IETF Logo Mail Archive

Re: [saag] [Qirg] Security considerations in draft-irtf-qirg-quantum-internet-use-cases-08

Joseph D Touch <joseph.d.touch@aero.org> Mon, 14 February 2022 16:21 UTC

Return-Path: <prvs=037160803=joseph.d.touch@aero.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E44D3A1130; Mon, 14 Feb 2022 08:21:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=aero.org header.b=r0kUyvSm; dkim=pass (1024-bit key) header.d=aerospacecloud.onmicrosoft.com header.b=V+RU8QOa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Eypa87Dqs48I; Mon, 14 Feb 2022 08:21:38 -0800 (PST)
Received: from email3-east.aero.org (email3-east.aero.org [130.221.184.167]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0084A3A111C; Mon, 14 Feb 2022 08:21:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aero.org; i=@aero.org; q=dns/txt; s=mailhub; t=1644855698; x=1676391698; h=from:to:cc:subject:date:message-id:mime-version; bh=xYFEiqNhOaf9ZGINBEletNcFfeH2b50vUSSVQbxLqPM=; b=r0kUyvSmCMq9w25RrDo/zjb5nV43Zy5iCXROJp+qaJSUudW6CVaA0mIp dh7wQ/9E+KGHBq9dQLws+P2kCcGwnfyE0TOXcdV+GLhPlbdBa/BFp9vTw D9tpRlC9/P/rOtobUF096szQqhvPC+2kAh7jDgLHwj79I14WauaRwZuH6 8=;
x-SBRS: 3.5
x-SenderGroup: Inbound_Office365
IronPort-Data: A9a23:R9MkV6n2WP27aAGiB3QzeA3o5gzlIURdPkR7XQ2eYbSJt1+Wr1Gzt xIdWjjQOquKYjD8L9onbNnj9kJX6JeHy981HAA9q3wzFi4T+ZvOCOrCIxarNUt+DCFioGGLT ik6QoOdRCzhZiaE/n9BFJC/9yEkvU2vbuOkUrOUUsxJbVY4Dn9n0HqPosZh6mJSqYDR7zil5 JWi86UzBHf/g2QuajhNt/rZwP9SlK+aVA0w7wVWic9j7Ae2e0k9VPrz8onsR5dQatA88t+SH 44v/pnglo/q105F5ueer1rOWhZiroj6YFHU0iIOM0SVqkMqSiQais7XPReHAKtdo23hc9tZk L2huXEsIOuA02KldOk1CnFl/y9C0aJuwLTIGFK5tpGpwHLDYUXJ4OlfL00pBNhNkgp3KTkmG f0wBxsmNkrGq8fthbWxR69rm9gpK9TtMMUHoHZ8wDrFDPEgB5feX6HN4twe1zA17ixMNa+GO 4xFNnwxMVKZO0Mn1lQ/UfrSmM+qgWLyaz0epBSJorc840DawRZ2lr/3P7I5f/TRGJoJwBjwS mTu52nLLRo6F9al4gGXzmi1isH3vhjlV9dHfFG/3qUz2wbMroAJMzUUUlu95/ywllKlQNVZf hBM9zAvprMp80rtRd74dxG9qWSP+B8RR9QWFPc1gCmUy7DbyweDGmZCSSROAPQtutU5bT0ny lHPmMnmbRR0ubSaYXOQ6rnSqim9URX5NkcHbC4ACAcAuNboq9lpigqVF449VqmoktfyBDf8h SiQqzQzjKkSishN0Lin+VfAgHSnoZ2hohMJChv/Zmmq1yl/Y9OfaLOt+2b+zupxD4qGdwzU1 JQboPS24OcLBJCLsSWCRuQRAb2kj8pp1hWM3TaD+LFxqFyQF26fkZN4vGggfB0wWioQUXq4O xGK41g5CIp7ZSPyNcdKj5SN59PGJEQKPfjoTbjxadtIb4MZmOSvoXk1PRH4M4wAgCERfUwXP J6adYOgCC0VAq8/lj6uHb5Fj/ks2zw0wn7VSdbj1RO73LGCZXmTD7AYLF+JaeN/56SByOk0z zq9H5TTo/m8eLShCsUyzWL1BQxVRZTcLcymw/G7jsbZfmJb9JgJUpc9O48JdY1/hLhynezV5 Hy7UUIw4AOh2SGYeVjUNiozOeqHsXNDQZQTbXJE0bGAiyhLXGpTxPtFH3fKVeV6qL0+laIsJ xX7U5zRXKoSElwrBAjxnbGm9dc5K3xHdCqLPiG/ZyM4cYIoTAvT4tj+dxfu8y9mM8ZEnZpWn lFU7SuCGcBrb106Uq7+Mavzp3vs4yR1sL8sDiPgf4kCEG2xodMCA3Gg3pcffZpWQT2dnWTy6 upjKUxFzQU7i9Rpq4ahaGHth9vBLtaS6WIEQziFve7ub3GyE6jK6dYobdtktAv1DAvckJhOr 80Ppx0gGJXrRGp3jrc=
IronPort-HdrOrdr: A9a23:olbo0q+TYtr125tVu2Ruk+ESdr1zdoMgy1knxilNoENuH/Bwxv rFoB1E73TJoR4LUnAhhtyMfIGcKEmsq6KdgbNxAV5tZnjMhILaFvAh0WKE+UyhJ8SezJ8d6U 4EScQObayXMbEUt7e23ODTKadZ/DC4ytGDuQ6z9QYaceguUdAq0++WYjzrRnGfamF9dMwE/b Cnl5h6TwPJQwVBUixQbkN1dtQr3ue7wa4OAiR2SSLPijP+wg9AOISKXyRwhS1uAA+nqI1KmQ eq4m+JhNTFworLu26tphyjneUi6a+RveevHPbttiFWEESltu/PXvVIZ1TrhkEYnAiB0icGrD CmmWZrAy0H0QKVQojam2ql5+EguAxeukMK/WXorkcKwaTCNRwH41cov/NiTvKV0TsagDk6u5 g7/V6xht5yN1ftjS7979/HW1VDkVe1m2Mrlaopg3lWQeIlGZlshL1a2HkQPIYLHSr85oxiOv JpFtvg6PFfdk7fR2zFv0F0qebcbkgbL1OjeAwvq8aV2z9ZkDRS1E0D3vESmX8G6dYUV4RE3e LZKa5l/Ys+f/P+VZgNN9vpfPHHNFAlACi8D156GG6XKJ3uOBr22rnKCfsOldOXkaczvbsPca L6IXdlXF4JCmPT4PK1rb522yGIZG28WD/q24V6559004eMIIYDSRfzC2zHHKOb0qUi6+3gKs +O0cFtcsfexVWHI/dt4+SSYegqFZBIarxQhj98YSOynisnEPyWigXASoetGJPdVQw8Ume6OH EERzSbHrQ90qm0YA6HvPEHYQKqRqQ0lagASZQzPIAoudAw3kgliHlItbx8jvv7dAGrGMQNDR RDyHSOqNLgmUCGuVvI72JqPhJcCwJ8/KjgOkk64jPi7HmEC4rqNr2kCDtv4Ec=
X-IronPort-AV: E=McAfee;i="6200,9189,10258"; a="357466"
X-IronPort-AV: E=Sophos;i="5.88,368,1635220800"; d="scan'208,217";a="357466"
Received: from mail-dm3gcc02lp2106.outbound.protection.outlook.com (HELO GCC02-DM3-obe.outbound.protection.outlook.com) ([104.47.65.106]) by email3-east.aero.org with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Feb 2022 11:21:34 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PS5A1WOFPFJxUsfq/pYiqL9iT8e8RK2hUE+vg12egctT78zX2/EHIs1n7cENa1f1/IOjAscESuHb2SwCCwFabnmfWqfl21L/aPZVAzQunLfwlleOnWtHXW+9lJcOOfXonBot2f0bb2tKbQ4bVy8eKrq2rObcScHNdYGEKvHBqpbNAHKufoeWOsJYDGPVwXjjoIcrt7fkHoLlFUIWYo4ALME13rr2H+tUkPdhf1r2joA21K/fRpbCmQPyyB7NKAhTnC6RH4LzHfnJdZrWPm612FbTNcDVT7hBNCDshrQXcT+oUETIY/FubPl40ScObS+26er8/RyNBWRcwQ/k5il72A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xYFEiqNhOaf9ZGINBEletNcFfeH2b50vUSSVQbxLqPM=; b=GA/22VlXaoIZbdVrPbGJW+mNpzKtXgpzLX7U0U5PoGzagFqayB1wGmOEGR2hik6lHV4jGFmyhqD+W/+HmSJ7puYL6eiSRgLc+XMDKbS3Jfbnqpt3vsDl6xx7uETazDnnmftz9mXIS4kih3D4AY65blD4/KK6IQyem3PAsYIbR6LqgIDok5PzgJyUT3gKgVYOG5TyQmG79v6avth6c73mCpIW1QnCUf5n2o7fukS3SYEypjRxtDASeTFJ0KIoEAjxGcuyp8+UJZr+LOpW/UWpJeQA5qW3/HBaaFc7T61DFb1hITCNtLnFnffdQZpxAnpmmaf0n2JKWrreYgS6PfJaJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aerospacecloud.onmicrosoft.com; s=selector2-aerospacecloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xYFEiqNhOaf9ZGINBEletNcFfeH2b50vUSSVQbxLqPM=; b=V+RU8QOan9bXDqI0hGooMNnwWB2ZRQ794B3XbodDT1PP48eyJdKVfLjwzrDg9cYdGQk3qYndZhRl4d+fUrWWf9xL2x7HyS15ZPvBmFMu21uXAPxG59ZTusmVSAMB4J27TC9Cszl61Ih+lERb/ugrfzxWIyrDZS2MSaFOhSBpALU=
Received: from SJ0PR09MB6542.namprd09.prod.outlook.com (2603:10b6:a03:266::20) by SJ0PR09MB6399.namprd09.prod.outlook.com (2603:10b6:a03:268::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4975.17; Mon, 14 Feb 2022 16:21:33 +0000
Received: from SJ0PR09MB6542.namprd09.prod.outlook.com ([fe80::9d9:2d2f:e71:8d43]) by SJ0PR09MB6542.namprd09.prod.outlook.com ([fe80::9d9:2d2f:e71:8d43%5]) with mapi id 15.20.4975.019; Mon, 14 Feb 2022 16:21:33 +0000
From: Joseph D Touch <joseph.d.touch@aero.org>
To: John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, "qirg@irtf.org" <qirg@irtf.org>
CC: "cfrg@ietf.org" <cfrg@ietf.org>, saag <saag@ietf.org>
Thread-Topic: [Qirg] Security considerations in draft-irtf-qirg-quantum-internet-use-cases-08
Thread-Index: AQHYIb7un+HZWK/OK0afiMO7u4+DkQ==
Date: Mon, 14 Feb 2022 16:21:33 +0000
Message-ID: <DBB63D54-C4C5-42C8-9612-9324BAB6EEDA@aero.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.49.21050901
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=aero.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f1037973-a5cb-4cc8-a097-08d9efd610c4
x-ms-traffictypediagnostic: SJ0PR09MB6399:EE_
x-microsoft-antispam-prvs: <SJ0PR09MB63992E1798D83ADC12D1F1C0BD339@SJ0PR09MB6399.namprd09.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: VL4HHKiSYCg/yFIqOblmb5eEIBZCUk+/KUO5eZyBR03aO1Mz5yHLD0E8xP6B4y82F/7Iob4uH8OiKxHoVK6kgWtkxsPajcgkOxpbNDtoDsqWQrtIly5DD4vNPIbgSELO0ptGWdyCNVwgi52s2ryLMug9OxE16YWRVL1Ez4HY3+KgxK3UGOAnIqpFjxOsx0WKOU6hccp8vhOz38kzQoY9Hrfp6iuEft1EwXnKUOYNP/9S2drTLcOeglGIkh2kpiNrNE9DAyOyDOVPzNwbS/4gCOOwgLDK0J4xpl3i9+TQBKN4uVjd0ff50eUCIy2KARPNga976uZPbBLf399/BSr5DYD0s3B7Jt3O1IkPNB5nY3I1orhbV/hhPRwHs50k36npRI07DBOdxfyuw7gUBXV/3Zo6IXR+jnusn5M2HIOmMapDI9dMKMIJM5N73pow5Tv+/A7KGS8UUSHZrX8G2lCBGSKuI9IMmiyiC3X1FDPIYR1MK7deKqx7/B84e4HlvFfhjEhWp8GX5BPQ9QAvyX7i4itE7DVgfFGfOp5LB23xYwGao7dGi2vymjq88R5jLapp6lTS/taSWBMa85T3lrdORO+FE+y8Qgl3MNm7rZx4TmRCNW8N5KHBasL8FEhO/qXMT4AsvzvwiIdNnOslcKzNbwrpe/OQ64IeXVKKJ9n+iqRqDGtHWc8E0h2YqRrq5GM4umUon1p2JREdfBNCGdtOqnITNpBUDyWQVmogGp5Twjt0dORifs42JyV9QeGlIbLW
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SJ0PR09MB6542.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(86362001)(4326008)(54906003)(110136005)(8676002)(6486002)(8936002)(66446008)(64756008)(66476007)(316002)(76116006)(66556008)(66946007)(38070700005)(36756003)(5660300002)(38100700002)(122000001)(71200400001)(508600001)(2616005)(6506007)(83380400001)(15650500001)(2906002)(40140700001)(6512007)(53546011)(33656002)(26005)(186003)(66574015)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: BM3KKYjQpapzfgUDddLNpj2eZTtSPj2pK6BmP/vsGd2TQ14mW7apNhFR3jghYOFfSOMwHat+Xu6LEzoWA/8cdRy4klVKaNmZAXFuxK7bIZgEk/wx0MuoQsiGR7HMF9FwQLJIrdEgZvayslYfqrjSRNYPLoXTqvUubv71/6oAwa5T0YhmHVofY7fYBb4BGW5tWyHscTSq/eaN4cWY+e5DA8/auOICkCVaMkBTi6eWpUGPeM9maf/jwkURQECXlBc+923iHkszUglbXgTz0gwgSGoMC0VJzo3Arjmy04zgwWAJMf/Wwi43CmLsB/MZcObN61OqrnEJ9S25y6VqOX10RDUVTZYaY2Xr7W1yOuHBvL5TUjFN9jmiKHjxpR5pZrh6lCnFxNeKL6VB4qnEbfLWUxeDXAkPaZtvK0C1zAsaqUjU5VNaXiQZrxl3d9vmov+RWa571vCvIskiAIO3aSpgFmVbH4tyC8TJg3Hck8Q4wEioXt25J9iTFEDQNtbsI8D+FMHW/ToFFFsGfE4LoI2Iq6dOK/LbvLq4ZSiOrLLHNXR3v7QnniA+khXC6NPwsMcVahMcseWz6iaphEUqL/mMM5nYXeZlh9hmOy5rofPOSMe8PkWrvqP2cMPLuZ44nRRtyMNjG+GftrauKLCt6N8X1Qgttp67Ozjrd2uIk4hCSWuirqWLzqsLNKkmxRtUF7/gD/GHLqZKb+3zLeaOGNQhv4Gsb3e6xnnaNFeghjlrKVTWKFPkXYKb6MMRwMOx3iu2jDSn2mHUEoRmJ7QbvCYWL/XH1wI6a403M+ht10ZseHKVjR/J/ryi2yRZIceczl1JM0v4Ha0dYugMran7cISOladn9O5Cruk4xyyFFphuLEUfepaXsnNmTFnAYAQ2XDZPuB3RFgLEBbdVkFGM2uQao2givk8/Jq8dNJMRf0dTkG+vrfbk9n+uXEpKmRPTCErkj5+vQphIq7k4o4O+ZcigjB4Xt0Zk7k2KmdNE1rry02XTVItQ60RAEf+xwx8qoHgYXUxhEK4lGPiI1j6f3s3KO75sBVANVWx6PTLth2+4/uTyU5FPc0VQ856uNiWPs7GCe6labj57D7wmXODCj6V9dGQo3PeHgBpnWNKdQOli4E0fBQXcIrET3te5dD0YZGV6HibdB6uGyu2QMFMJceFA0uDYqQhhpQH6WBq7Xw5A4S+mSSq+NThSMiIOq+BkkIoKaUH5SMKNagK1zUXmIKORKf/PIu1nfBYWOaZtxPsgndY0CzOPt+8qUCwTUaYzFqZXjU8+/ME7UH718Yu8PsTd23PNjOZpKe9RlEyt8IcDiWI5UUhcnwJPwSo0A1xV4JFDcB7wQh9MPVQo35XezvgO3A==
Content-Type: multipart/alternative; boundary="_000_DBB63D54C4C542C896129324BAB6EEDAaeroorg_"
MIME-Version: 1.0
X-OriginatorOrg: aero.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR09MB6542.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f1037973-a5cb-4cc8-a097-08d9efd610c4
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Feb 2022 16:21:33.0966 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c8294700-c5a4-4ca1-a876-1457d39899fd
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR09MB6399
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/6JMJ0lNPwMIvaBLQlbFPhrdd8Rc>
X-Mailman-Approved-At: Mon, 21 Feb 2022 15:54:55 -0800
Subject: Re: [saag] [Qirg] Security considerations in draft-irtf-qirg-quantum-internet-use-cases-08
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2022 16:21:44 -0000

Hi, all,

Besides the quantum issues, it might be important to include all of the classical channel issues with QKD too.

Joe

--
Dr. Joseph Touch
Principal Scientist
Information Systems and Cyber Division
The Aerospace Corporation
424-254-4357 cell


From: Qirg <qirg-bounces@irtf.org> on behalf of John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
Date: Saturday, February 12, 2022 at 4:37 AM
To: "qirg@irtf.org" <qirg@irtf.org>
Cc: "cfrg@ietf.org" <cfrg@ietf.org>, saag <saag@ietf.org>
Subject: [Qirg] Security considerations in draft-irtf-qirg-quantum-internet-use-cases-08

Hi,

I think this document is progressing nicely, but the security considerations are severely lacking. I don't think the document can be published without additions to the security considerations. The document mostly focuses on that fact that QKD is information-theoretically secure but misses a lot of practical security weaknesses. Only relying on QKD would catastrophically decrease the security of modern networks and augmenting modern networks with QKD does not make a significant difference.

I think the security consideration has to mention zero-trust as well as referring to the very good overviews given in [3][4][5].

Suggested text:

"
Modern networks are implemented with zero trust principles where classical cryptography is used for confidentiality, integrity protection, and authentication on many of the logical layers of the network stack, often all the way from device to software in the cloud [1]. The cryptographic solutions in use today are based on well-understood primitives, provably secure protocols and state-of-the-art implementations that are secure against a variety of side-channel attacks.

In contrast to conventional cryptography and PQC, the security of QKD is inherently tied to the physical layer, which makes the threat surfaces of QKD and conventional cryptography quite different. QKD implementations have already been subjected to publicized attacks [2] and the NSA notes that the risk profile of conventional cryptography is better understood [3]. The fact that conventional cryptography and PQC are implemented at a higher layer than the physical one means PQC can be used to securely send protected information through untrusted relays. This is in stark contrast with QKD, which relies on hop-by-hop security between intermediate trusted nodes. The PQC approach is better aligned with the modern technology environment, in which more applications are moving toward end-to-end security and zero-trust principles. It is also important to note that while PQC can be deployed as a software update, QKD requires new hardware.

Regarding QKD implementation details, the NSA states that communication needs and security requirements physically conflict in QKD and that the engineering required to balance them has extremely low tolerance for error. While conventional cryptography can be implemented in hardware in some cases for performance or other reasons, QKD is inherently tied to hardware. The NSA points out that this makes QKD less flexible with regard to upgrades or security patches. As QKD is fundamentally a point-to-point protocol, the NSA also notes that QKD networks often require the use of trusted relays, which increases the security risk from insider threats.

The UK’s National Cyber Security Centre cautions against reliance on QKD, especially in critical national infrastructure sectors, and suggests that PQC as standardized by the NIST is a better solution [4]. Meanwhile, the National Cybersecurity Agency of France has decided that QKD could be considered as a defense-in-depth measure complementing conventional cryptography, as long as the cost incurred does not adversely affect the mitigation of current threats to IT systems [5].
"

[1]  NIST, Zero Trust Architecture, August 2020
[2] Physical Review A 78, Experimental demonstration of time-shift attack against practical quantum key distribution systems, October 28, 2008, Zhao, Y.; Fung, C.; Qi, B.; Chen, C.; Lo, H.
[3] NSA, Post-Quantum Cybersecurity Resources
[4] National Cyber Security Centre, Quantum security technologies, March, 2020
[5] ANNSI, Should quantum key distribution be used for secure communications?, May 2020

v2.23.0 | Report a Bug | By Email