Towards quantum‐secure software defined networks
Abstract The evolution of quantum computers is considered a serious threat to public‐key cryptosystems (e.g. RSA, ECDSA, ECDH, etc.). This is indeed a big concern for security of the Internet and other data communication and storage systems. The reason is that public‐key schemes are the basis in the...
Main Authors: | , , , , |
---|---|
Material Type: | Article |
Language: | English |
Published: | Wiley 2024-03-01 |
Series: | IET Quantum Communication |
Subjects: | |
Links: | https://doi.org/10.1049/qtc2.12073 |
_version_ | 1827337832983691264 |
---|---|
author | Mohammad Reza Nosouhi Keshav Sood Vinay Chamola Jongkil Jay Jeong Anuroop Gaddam |
author_sort | Mohammad Reza Nosouhi |
collection | DOAJ |
description | Abstract The evolution of quantum computers is considered a serious threat to public‐key cryptosystems (e.g. RSA, ECDSA, ECDH, etc.). This is indeed a big concern for security of the Internet and other data communication and storage systems. The reason is that public‐key schemes are the basis in the generation of shared symmetric keys that are used to perform data encryption/decryption in communication and data transfer protocols. One possible approach to address this issue is to use Quantum Key Distribution (QKD) (instead of public‐key schemes) for the ultra‐secure generation of symmetric keys. QKD is a physical layer technology that allows two parties (equipped with optical communication interfaces) to generate secure random keys over a quantum channel that is immune to eavesdropping threats. The keys are then used by symmetric encryption schemes (e.g. AES) to encrypt data over classical channels. This allows us to have data encryption/decryption without needing a public‐key scheme. However, due to its inherent characteristics, the implementation of QKD has mostly been considered in particular contexts only (e.g. backhaul networks, point‐to‐point connections, optical networks, etc.). This indeed limits the utility of QKD technology to only some particular applications while it has the potential to be used in a wide range of use cases. Motivated by this (increasing the usability of QKD technology), in this study, the authors propose a model that enables SDN‐based networks to utilise QKD technology and provide QKD security service (i.e., random key generation service) to network applications and security protocols in a practical and efficient way. In the proposed approach, secret keys are generated based on the distribution of quantum entanglement between QKD nodes deployed in the network. The significant characteristic of our proposed model is that it does not rely on quantum repeaters to operate. This also improves the efficiency of the employed QKD mechanisms in terms of the key generation rate. |
first_indexed | 2024-03-07T19:02:50Z |
format | Article |
id | doaj.art-e17cd3a70a804b0da2f7d604aefc100d |
institution | Directory Open Access Journal |
issn | 2632-8925 |
language | English |
last_indexed | 2024-03-07T19:02:50Z |
publishDate | 2024-03-01 |
publisher | Wiley |
record_format | Article |
series | IET Quantum Communication |
spelling | doaj.art-e17cd3a70a804b0da2f7d604aefc100d; 2024-03-01T12:07:40Z; eng; Wiley; IET Quantum Communication; 2632-8925; 2024-03-01; 5; 1; 66; 71; 10.1049/qtc2.12073; Towards quantum‐secure software defined networks; Mohammad Reza Nosouhi [0]; Keshav Sood [1]; Vinay Chamola [2]; Jongkil Jay Jeong [3]; Anuroop Gaddam [4]; [0] Centre for Cyber Resilience and Trust (CREST) School of Information Technology Deakin University Burwood Australia; [1] Centre for Cyber Resilience and Trust (CREST) School of Information Technology Deakin University Burwood Australia; [2] EEE Department BITS Pilani Rajasthan India; [3] Centre for Cyber Resilience and Trust (CREST) School of Information Technology Deakin University Burwood Australia; [4] School of Information Technology Deakin University Burwood Australia; https://doi.org/10.1049/qtc2.12073; public key cryptography; quantum communication; quantum computing; quantum cryptography; quantum entanglement; quantum information |
title | Towards quantum‐secure software defined networks |
topic | public key cryptography quantum communication quantum computing quantum cryptography quantum entanglement quantum information |
url | https://doi.org/10.1049/qtc2.12073 |