TECHNICAL
In this paper, we provide an updated analysis of QKD as a security technology, and the development of QRNGs. We also consider the future of quantum networking technologies.
This means taking one of two options to protect against the quantum computing threat. The first of these is using post- quantum cryptography (PQC) to provide authentication. PQC algorithms have been through a rigorous standardisation process run by NIST (the US national standards body) with extensive global scrutiny from experts in academia, industry and governments. Implementations are already being developed and deployed in some operational systems, and PQC will continue to be integrated into security protocols and widely used libraries. As well as offering authentication, PQC also includes mechanisms for agreeing cryptographic keys. The NCSC recommends PQC as the primary mitigation to the threat to cryptography from quantum computing, and has issued guidance on timelines for PQC migration. The second option is to use QKD in systems based only on symmetric-key authentication (which is resistant to quantum computing) with pre-shared keys to support authentication. This can work in some controlled environments, but such systems do not have general purpose applicability as the distribution and management of these authentication keys makes scaling and managing systems difficult in practice.
Quantum Key Distribution
Quantum Key Distribution provides a mechanism to generate and share cryptographic keys in a way that guarantees detection against eavesdroppers and is resistant to a future quantum computer. It offers provable security (in the sense that – given a model of operation – there is a set of security guarantees that it upholds) that is underpinned by the laws of physics. Establishment of cryptographic keys between communicating parties in a network is only one of a number of necessary steps needed to ensure secure communications. A critical additional mechanism is authentication; that is, establishing the identity of those parties. QKD does not provide authentication, nor do any other quantum techniques. Therefore, in practice, QKD must be combined with other cryptographic services to provide security against the threat from quantum computing, and therefore should not be relied on as a mechanism that provides substantial security value.