- The best robot vacuum deals of February 2025: Save on Roomba, Roborock, Eufy, and more
- Achieving Reliable AI Models for Network Performance Assurance
- This Sonos Ace deal makes these premium headphones a more tempting purchase
- Digging into voice AI platform Deepgram
- La falta de formación no merma la concepción estratégica de la IA
Quantum Key Distribution and the Path to Post-Quantum Computing
This is the fourth in our series of blogs about the quantum threat. Our most recent post, The Impacts of Government Regulations on PQC Product Availability, discussed government standards for Post-Quantum Computing (PQC) and their impact on PQC adoption. As a diverse collection of stakeholders anticipates the maturing of PQC, the risks of Q-Day and Harvest Now, Decrypt Later (HNDL) cyberattacks remain a cause for concern. In this post, we will explore what’s available today for quantum-safe solutions, along with the viability and potential of Quantum Key Distribution (QKD), an emerging technology that spans the gap between the present and the PQC future.
Today’s Quantum Safe Solutions
While the quantum threat remains in the future, tech companies, standards bodies, and government entities have sought its mitigation for some time. To this end, Cisco was an early pioneer in efforts to define and provide quantum-safe networking solutions. Our initial focus was on quantum-safe hardware secure boot, followed by quantum-safe network transport protocols.
Secure boot first took the form of Cisco’s LDWM signature scheme, published in 2013 by McGrew & Curcio, which provides asymmetric authentication without the need for large integer mathematics. Cisco started shipping hardware products with LDWM-based quantum-safe secure boot soon after. In 2019, Cisco’s D. McGrew, M. Curcio, and S. Fluhrer authored the Leighton-Micali Signature (LMS) hash-based digital signature scheme, which creates secure digital signatures using a cryptographic hash function. LMS is included in the NSA’s CNSA 2.0 requirements, which we discussed in our post, Cryptography in a Post Quantum World.
QKD, SKIP, ETSI, and the Ability to Share Keys Between Endpoints
Cisco then turned its attention to creating quantum-safe network transport protocols. This work focused primarily on integrating with QKD, a technology that provides secure sharing of cryptographic keys by leveraging the physical properties of fiber optics. By sharing keys using photons, it is possible to ensure that the key has not been intercepted or corrupted. A number of vendors have developed QKD systems in recent years, though the idea for the technology stretches back decades.
Please note that for simplicity, I use the term “QKD” to represent both the hardware-based solutions mentioned above and “QKD-like” solutions that provide quantum safe keys using other methods. Some of these alternate methods are software-only solutions. My following use of “QKD” refers to all these solutions.
Given that the PQC algorithms had not, at that time, been standardized yet, Cisco concentrated on ways to provision quantum-safe keys to replace or augment legacy key exchange methods that were not quantum safe. The SKIP interface, developed in 2017, serves this purpose. SKIP is an API enabling network devices to obtain quantum safe keys from an external key management system, such as QKD. These keys are used in transport protocols, like IPsec and MACsec, to make them quantum safe and protect against harvest-now, decrypt-later attacks. IETF RFC 8784 defines the use of these keys for IPsec (IKEv2). Unfortunately, there is no standard for using these keys for MACsec.
Cisco submitted the SKIP specification to the IETF with the objective of becoming an Informational RFC. SKIP is supported in numerous Cisco devices and is openly available for industry use. Currently, about a dozen vendors support the SKIP interface:
In 2019, the European Telecommunications Standards Institute (ETSI) published its QKD interface specification, ETSI GS-QKD-014. The ETSI API offers a subset of the SKIP capabilities, but it is generally similar in terms of functionality. QKD vendors that initially implemented the ETSI specification have stated they were able to add the SKIP interface in just weeks.
Some QKD vendors have implemented both specifications. Many of these have stated that they support the simultaneous operation of SKIP and ETSI within their solutions. However, a few minor differences between the specifications prevent SKIP-ETSI interoperation.
The Future of QKD
We often get asked if Cisco will implement the ETSI specification. This question raises a broader and, in some ways, more important question: What is the future of QKD? What will be the role of QKD in the spectrum of solutions and devices that use optics and quantum technology to handle the management and distribution of quantum-safe keys, as well as those that are completely software-based?
One relevant answer is that, for all its promise, QKD is still relatively early in its technology lifecycle. Many companies are actively evaluating the use of QKD and QKD-like solutions for their networks. Key issues to consider include:
- How well do specific QKD solutions work?
- Are they truly secure? What are the threat vectors and how are they being addressed?
- Are they viable for the organization’s requirements and environment?
- Are they viable financially?
- Are the components used in the solution trustworthy?
- How does a QKD solution fit into emerging PQC solutions?
Many governments are prohibiting QKD systems in government or military applications. This is true for the UK, for instance. The US, Australia, and EMEA will not use QKD until certain limitations have been overcome. The capabilities, maturity and acceptance of QKD systems continues to expand. Some organizations are predicting security in-depth using both QKD and PQC solutions in select use cases (e.g., BSI, Section 6.11), and QKD systems are also being used in a few production networks.
Conclusion
While QKD systems show promise and may in some cases become a part of protections against the rising threat from quantum computers, Cisco is making PQC solution development a priority at this time. This is consistent with how most governments and organizations are approaching the matter.
Related Blogs
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Security Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share:
