Using QKD in MACsec for secure Ethernet networks

Using QKD in MACsec for secure Ethernet networks

Abstract Media access control security (MACsec) is an IEEE 802.1AE standard for secure communication on Ethernet links. MACsec ensures the confidentiality, integrity and origin authenticity of Ethernet frames. The secrecy of MACsec stems from a root key that is either configured as a pre‐shared key...

Full description

Bibliographic Details
Main Authors: Joo Yeon Cho, Andrew Sergeev
Format: Article
Language:English
Published: Wiley 2021-09-01
Series:IET Quantum Communication
Subjects:
access protocols
authorisation
cryptographic protocols
cryptography
local area networks
metropolitan area networks
Online Access:https://doi.org/10.1049/qtc2.12006
Description
Summary:Abstract Media access control security (MACsec) is an IEEE 802.1AE standard for secure communication on Ethernet links. MACsec ensures the confidentiality, integrity and origin authenticity of Ethernet frames. The secrecy of MACsec stems from a root key that is either configured as a pre‐shared key or derived from a mutual authentication protocol. However, both methods are not ideal because such a root key may be disclosed due to human errors or broken by quantum attacks. Here, the authors investigate the quantum key distribution (QKD) as an alternative source of trust for MACsec. QKD can be used as either a root key provider or a session key generator. The authors develop a new key exchange protocol based on QKD for Ethernet networks. Furthermore, it is verified by the experiment that QKD could be well integrated into MACsec without performance degradation.
ISSN:2632-8925

Similar Items