Quantum key distribution and Denial-of-Service: Using strengthened classical cryptography as a fallback option

Schartner, Peter; Raß, Stefan

doi:10.1109/compsym.2010.5685533

Cited by 11 publications

(10 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Quantum Key Distribution (QKD) Networks C QKD resources, the mitigation of attacks is envisaged as described in [7]. Various approaches integrating QKD in a network scale have been successfully demonstrated worldwide including field trials [9][10][11][12].…”

Section: Monitoring and Physical Layer Attack Mitigation In Sdn-contrmentioning

confidence: 99%

“…However, QKD sensitivity to the optical losses and the noise level of the links increase the technology susceptibility against physical-layer attacks and becomes the main security threat in optical QKD networks [6,7]. An attack over an individual optical fiber link can be executed by acting on the quantum channel, increasing the noise above the threshold of security and disrupting the key generation, despite the availability of the QKD link.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Monitoring and Physical-Layer Attack Mitigation in SDN-Controlled Quantum Key Distribution Networks

Hugues-Salas

Ntavou

Gkounis

et al. 2019

J. Opt. Commun. Netw.

View full text Add to dashboard Cite

Quantum Key Distribution (QKD) has been identified as a secure method for providing symmetric keys between two parties based on the fundamental laws of quantum physics, making impossible for a third party to copy the quantum states exchanged without being detected by the sender (Alice) and receiver (BoB) and without altering the original states. However, when QKD is applied in a deployed optical network, physical layer intrusions may occur in the optical links by injecting harmful signals directly into the optical fibre. This can have a detrimental effect on the key distribution and eventually lead to its disruption. On the other hand, network architectures with software defined networking (SDN) benefit from a homogeneous and unified control plane that can seamlessly control a QKD enabled optical network end-to-end. There is no need for a separate QKD control, a separate control for each segment of an optical network and an orchestrator to coordinate between these parts. Furthermore, SDN allows customised and application tailored control and algorithm provisioning, such as QKD aware optical path computation, to be deployed in the network, independent of the underlying infrastructure. Therefore, in this manuscript, we investigate the integration of the application, SDN and QKD infrastructure layers and confirm capability for flexible supervision and uninterrupted key service provisioning in the event of link level attacks. An experimental demonstrator is used, for the first time, to verify the architecture proposed, considering realtime monitoring of quantum parameters and fiberoptic link intruders to emulate real-world conditions. Furthermore, attacks on a standard single-mode fiber (via a 3dB coupler) and a multicore fiber (via an adjacent core) are undertaken to explore different connectivity between QKD units. Results show an additional attacker identification and switching time of less than 60ms for the link cases investigated, being negligible compared to the total (re)initialization time of 14 minutes of the QKD units.

show abstract

Section: Monitoring and Physical Layer Attack Mitigation In Sdn-contrmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Monitoring and Physical-Layer Attack Mitigation in SDN-Controlled Quantum Key Distribution Networks

Hugues-Salas

Ntavou

Gkounis

et al. 2019

J. Opt. Commun. Netw.

View full text Add to dashboard Cite

show abstract

“…This time span may be used to securely transmit an alarm message to the network management center. The second approach proposed by Schartner & Rass (2010) resurrects the idea of keeping public parameters secret, like proposed by Kaabneh & Al-Bdour (2005). Here the idea is to use the remaining key material in the most efficient way and maintain a high level of secrecy during the DOS attack on the QKD link(s).…”

Section: Trusted Nodes Denial-of-service Maintenance and Recoverymentioning

confidence: 99%

“…And if the attacker retrieves the primes of the modulus by other means, he is still missing the public key (which is also transmitted encrypted by use of an OTP). For assessing how hard these problems really are, and an alternative that replaces RSA and AES by ECC, we refer the reader to Schartner & Rass (2010).…”

Section: Counteracting Dos-attacksmentioning

confidence: 99%