Using QKD in MACsec for secure Ethernet networks
Abstract Media access control security (MACsec) is an IEEE 802.1AE standard for secure communication on Ethernet links. MACsec ensures the confidentiality, integrity and origin authenticity of Ethernet frames. The secrecy of MACsec stems from a root key that is either configured as a pre‐shared key...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2021-09-01
|
| Series: | IET Quantum Communication |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/qtc2.12006 |
| _version_ | 1811220227774480384 |
|---|---|
| author | Joo Yeon Cho Andrew Sergeev |
| author_facet | Joo Yeon Cho Andrew Sergeev |
| author_sort | Joo Yeon Cho |
| collection | DOAJ |
| description | Abstract Media access control security (MACsec) is an IEEE 802.1AE standard for secure communication on Ethernet links. MACsec ensures the confidentiality, integrity and origin authenticity of Ethernet frames. The secrecy of MACsec stems from a root key that is either configured as a pre‐shared key or derived from a mutual authentication protocol. However, both methods are not ideal because such a root key may be disclosed due to human errors or broken by quantum attacks. Here, the authors investigate the quantum key distribution (QKD) as an alternative source of trust for MACsec. QKD can be used as either a root key provider or a session key generator. The authors develop a new key exchange protocol based on QKD for Ethernet networks. Furthermore, it is verified by the experiment that QKD could be well integrated into MACsec without performance degradation. |
| first_indexed | 2024-04-12T07:38:15Z |
| format | Article |
| id | doaj.art-aa787e70b39345788fd4d80072067bc9 |
| institution | Directory Open Access Journal |
| issn | 2632-8925 |
| language | English |
| last_indexed | 2024-04-12T07:38:15Z |
| publishDate | 2021-09-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Quantum Communication |
| spelling | doaj.art-aa787e70b39345788fd4d80072067bc92022-12-22T03:41:53ZengWileyIET Quantum Communication2632-89252021-09-0123667310.1049/qtc2.12006Using QKD in MACsec for secure Ethernet networksJoo Yeon Cho0Andrew Sergeev1ADVA Optical Networking SE Fraunhoferstrasse Martinsried GermanyADVA Optical Networking Israel Ltd. Hatidhar Street Ra’anana IsraelAbstract Media access control security (MACsec) is an IEEE 802.1AE standard for secure communication on Ethernet links. MACsec ensures the confidentiality, integrity and origin authenticity of Ethernet frames. The secrecy of MACsec stems from a root key that is either configured as a pre‐shared key or derived from a mutual authentication protocol. However, both methods are not ideal because such a root key may be disclosed due to human errors or broken by quantum attacks. Here, the authors investigate the quantum key distribution (QKD) as an alternative source of trust for MACsec. QKD can be used as either a root key provider or a session key generator. The authors develop a new key exchange protocol based on QKD for Ethernet networks. Furthermore, it is verified by the experiment that QKD could be well integrated into MACsec without performance degradation.https://doi.org/10.1049/qtc2.12006access protocolsauthorisationcryptographic protocolscryptographylocal area networksmetropolitan area networks |
| spellingShingle | Joo Yeon Cho Andrew Sergeev Using QKD in MACsec for secure Ethernet networks IET Quantum Communication access protocols authorisation cryptographic protocols cryptography local area networks metropolitan area networks |
| title | Using QKD in MACsec for secure Ethernet networks |
| title_full | Using QKD in MACsec for secure Ethernet networks |
| title_fullStr | Using QKD in MACsec for secure Ethernet networks |
| title_full_unstemmed | Using QKD in MACsec for secure Ethernet networks |
| title_short | Using QKD in MACsec for secure Ethernet networks |
| title_sort | using qkd in macsec for secure ethernet networks |
| topic | access protocols authorisation cryptographic protocols cryptography local area networks metropolitan area networks |
| url | https://doi.org/10.1049/qtc2.12006 |
| work_keys_str_mv | AT jooyeoncho usingqkdinmacsecforsecureethernetnetworks AT andrewsergeev usingqkdinmacsecforsecureethernetnetworks |