Beyond Fiber: Scaling Quantum Security Across Networks

by

Author: Denis Avetisyan

A new approach to key distribution leverages hybrid quantum and post-quantum cryptography to connect geographically separated quantum key distribution systems.

A testbed spanning Galicia and the Basque Country demonstrates a hybrid quantum-classical key distribution network, utilizing physically secured <span class="katex-eq" data-katex-display="false">QKD</span> links-propagating keys via <span class="katex-eq" data-katex-display="false">ETSI\,020</span> with <span class="katex-eq" data-katex-display="false">QKD</span> and post-quantum cryptography-alongside <span class="katex-eq" data-katex-display="false">ETSI\,020</span> interfaces secured solely with post-quantum cryptography, while vendor key management systems distribute <span class="katex-eq" data-katex-display="false">QKD</span> keys via <span class="katex-eq" data-katex-display="false">ETSI\,014</span> calls to key management transfer station nodes.
A testbed spanning Galicia and the Basque Country demonstrates a hybrid quantum-classical key distribution network, utilizing physically secured QKD links-propagating keys via ETSI\,020 with QKD and post-quantum cryptography-alongside ETSI\,020 interfaces secured solely with post-quantum cryptography, while vendor key management systems distribute QKD keys via ETSI\,014 calls to key management transfer station nodes.

This paper details a federated Key Management System for secure key delivery across disparate Quantum Key Distribution networks using a combination of trusted nodes, ETSI standards, and hybrid key transport mechanisms.

While quantum key distribution (QKD) promises information-theoretic security, its practical deployment for wide-area networking remains challenging due to the limitations of direct fiber links and inherent trust assumptions. This paper, ‘Interconnecting Regional QKD Networks: Hybrid Key Delivery Across Quantum Domains’, presents a standards-driven, distributed key management system designed to overcome these obstacles. The proposed framework securely relays keys between isolated QKD domains using a hybrid approach combining QKD-generated keys with post-quantum cryptography (PQC) for transport, and has been experimentally validated across a three-region testbed. Can this federated architecture pave the way for scalable, globally interconnected quantum-secured networks?

The Quantum Horizon: Securing Tomorrow’s Communications

The foundation of modern digital security rests upon the computational difficulty of certain mathematical problems – problems that classical computers find practically impossible to solve within a reasonable timeframe. However, the anticipated arrival of fault-tolerant quantum computers presents a fundamental challenge to this security. Algorithms like Shor’s algorithm demonstrate the capability to efficiently factor large numbers and compute discrete logarithms – the very problems underpinning widely used public-key cryptography such as RSA and ECC. This means that data currently considered secure, including financial transactions, governmental communications, and personal information, becomes vulnerable to decryption by a sufficiently powerful quantum computer. The threat isn’t merely theoretical; ongoing advancements in quantum computing technology necessitate proactive development and implementation of cryptographic alternatives capable of withstanding quantum attacks, marking a critical turning point in the field of cybersecurity.

The digital landscape currently relies on cryptographic algorithms – like RSA and ECC – to safeguard sensitive information, but the anticipated arrival of fault-tolerant quantum computers presents a significant and growing threat to their effectiveness. These algorithms, while secure against classical computational attacks, are vulnerable to Shor’s algorithm, a quantum algorithm capable of factoring large numbers and solving the discrete logarithm problem with exponential speedup. This means that encrypted data considered secure today could be readily decrypted in the future, necessitating a proactive transition to quantum-resistant cryptography. This paradigm shift involves developing and deploying new cryptographic algorithms – often referred to as post-quantum cryptography – that are believed to be secure against both classical and quantum attacks, ensuring continued confidentiality and integrity in a post-quantum world. The urgency stems not only from the potential for future decryption of stored data, but also from the risk of “harvest now, decrypt later” attacks where malicious actors are currently intercepting encrypted communications with the intention of decrypting them once quantum computers become powerful enough.

While post-quantum cryptography focuses on developing algorithms resistant to quantum attacks, a complete security solution demands more than just mathematical resilience. Secure key distribution-the reliable and authenticated exchange of encryption keys-forms the bedrock of any cryptographic system, and this process presents a significant challenge in a post-quantum world. Simply possessing an unbreakable algorithm is insufficient if the key used with that algorithm is compromised during transmission. Robust infrastructure for key distribution encompasses both the physical network and the protocols governing key exchange, requiring careful consideration of factors like channel security, authentication mechanisms, and resilience against man-in-the-middle attacks. This necessitates investment in technologies like Quantum Key Distribution (QKD) or the development of classically-secured distribution networks that can withstand future quantum threats, ensuring that cryptographic keys remain confidential and integrity is maintained throughout the entire communication lifecycle.

The practical implementation of quantum key distribution (QKD) hinges critically on two performance metrics: key rate and delay. While QKD offers theoretical security against future computational threats, its real-world viability is determined by how quickly secure keys can be generated and distributed. Current functional QKD systems demonstrate key rates typically around 2-3 kilobits per second – a rate sufficient for securing certain data streams, but a limitation for high-bandwidth applications. Equally important is the delay experienced during key distribution, which currently ranges from 100 to 700 milliseconds. This latency, though seemingly brief, presents challenges for time-sensitive communications and requires careful system design to minimize impact. Ongoing research focuses on improving both key rates and reducing delays to broaden the applicability of QKD and establish it as a cornerstone of future secure communication networks.

Concurrent key request latency varies over time, with each vertical slice representing the delay for queries directed to a specific Key Management System Test Node (KMSTN).
Concurrent key request latency varies over time, with each vertical slice representing the delay for queries directed to a specific Key Management System Test Node (KMSTN).

Quantum Key Distribution: Evaluating Practicality and Range

Quantum Key Distribution (QKD) achieves information-theoretic security by leveraging the principles of quantum mechanics to guarantee the detection of any eavesdropping attempts during key exchange; however, practical implementations are fundamentally limited in transmission distance. This limitation stems from signal attenuation and decoherence in optical fibers, requiring increasingly powerful lasers and sensitive detectors to maintain a viable signal over longer distances. Current fiber-optic QKD systems typically achieve secure key exchange up to approximately 200 kilometers without the use of repeaters. Beyond this range, the probability of error in key exchange becomes unacceptably high, necessitating alternative approaches such as trusted nodes or satellite-based QKD to extend the secure communication range.

Extending the practical range of Quantum Key Distribution (QKD) beyond the limitations imposed by signal attenuation necessitates the implementation of trusted nodes. These nodes function as relay points, receiving a quantum key from one adjacent node and then distributing a new quantum key to the next, thereby creating a multi-hop network of secure links. Each trusted node decrypts the incoming key, encrypts a new key, and forwards it, effectively extending the secure communication path. The security of this extended network, however, is fundamentally dependent on the physical security and integrity of these trusted nodes, as any compromise at a node breaks the end-to-end security of the key distribution.

Trusted nodes in a Quantum Key Distribution (QKD) network necessitate a robust Key Management System (KMS) for both operational functionality and secure storage of generated keys. The KMS is responsible for receiving, authenticating, and securely storing keys relayed through the trusted node, preventing unauthorized access or modification. This system must also manage key versioning, archiving, and destruction according to established security protocols. Furthermore, the KMS facilitates key distribution to Secure Application Entities, ensuring only authorized parties can access the keys required for encrypted communication. Compromise of the KMS represents a single point of failure, therefore it requires stringent physical and logical security controls, including tamper-proof hardware, multi-factor authentication, and regular security audits.

Secure Application Entities (SAEs), representing the endpoints requiring secure communication – such as servers, workstations, or dedicated security appliances – do not directly generate or store cryptographic keys. Instead, these entities utilize a Key Management System (KMS) through defined application programming interfaces (APIs) to request and receive keys appropriate for their specific security needs. Following key consumption for encryption, decryption, or authentication, the SAEs do not retain the keys; key material remains securely stored and managed within the KMS. This architecture minimizes the attack surface by centralizing key management and ensuring that sensitive cryptographic material is not exposed on potentially compromised endpoints. The KMS provides key versioning and lifecycle management, enabling secure key rotation and revocation as required by security policies.

Key requests are processed through a workflow involving message exchanges between Knowledge Management System Task Nodes (KMSTNs) and Service Access Entities (SAEs).
Key requests are processed through a workflow involving message exchanges between Knowledge Management System Task Nodes (KMSTNs) and Service Access Entities (SAEs).

Hybrid Key Transport: A Pragmatic Approach to Quantum-Resistant Security

Hybrid Key Transport addresses the limitations of both Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC) by combining their respective strengths. QKD, while offering information-theoretic security, is constrained by distance due to signal attenuation and practical implementation challenges. PQC algorithms, such as Kyber, are resistant to attacks from both classical and quantum computers, but their security relies on computational hardness assumptions. Hybrid approaches utilize QKD to establish a secret key over a limited distance, then employ PQC algorithms to extend the key’s usability and distribution range beyond the QKD system’s physical limitations, effectively increasing the overall system’s reach and bolstering security against evolving threats.

Hybrid key transport utilizes Quantum Key Distribution (QKD) to generate and distribute an initial secret key between parties. This key is then used to encrypt a symmetric key, such as one generated by the Kyber post-quantum cryptographic algorithm. The encrypted symmetric key is transmitted classically. Upon receipt, the classical message is decrypted using the key established via QKD, yielding the symmetric key. Subsequent data transmission then employs this symmetric key with a classical symmetric encryption algorithm, providing confidentiality. This combination allows QKD to address the limitations of distance and infrastructure while benefiting from the maturity and wider deployment capabilities of PQC algorithms like Kyber.

Integration of hybrid key transport systems with existing protocols, notably Transport Layer Security (TLS), facilitates deployment without requiring wholesale infrastructure replacement. This is achieved by utilizing QKD or PQC-established keys within the TLS key exchange process, typically through mechanisms like key encapsulation. Specifically, a hybrid system can employ QKD to generate a shared secret, which is then used as input to a PQC key encapsulation mechanism (KEM) like Kyber. The resulting ciphertext, along with appropriate metadata, is transmitted via TLS. This allows for a gradual transition towards quantum-resistant cryptography, leveraging existing security infrastructure and minimizing disruption to established network communications.

The European Telecommunications Standards Institute (ETSI) has developed standards to facilitate the interoperability of Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC) systems. Specifically, ETSI GS QKD 014 defines the key management system (KMS) interface, outlining requirements for secure key storage, retrieval, and distribution. Complementing this, ETSI GS QKD 020 specifies the interfaces for secure application coordination, enabling QKD and PQC to work together within existing security architectures. These standards address aspects such as key format, API specifications, and security considerations, promoting a standardized approach to hybrid key transport implementation and deployment, and enabling integration with legacy systems.

Keyrate statistics reveal distinct patterns between nodes KMSTN1 and KMSTN7.
Keyrate statistics reveal distinct patterns between nodes KMSTN1 and KMSTN7.

Securing the Foundation: Trust and Integrity in a Quantum Landscape

The Trusted Platform Module (TPM) is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into a protected environment. It functions as a hardware root of trust, meaning its integrity is essential for establishing trust in the system. TPMs utilize cryptographic mechanisms to generate, store, and protect keys, preventing unauthorized access and modification. These keys can be used for various security functions, including disk encryption, user authentication, and digital rights management. Crucially, TPMs are resistant to tampering; physical attempts to compromise the module typically result in key deletion or module disablement, further safeguarding sensitive data and ensuring system integrity. Modern TPMs, such as TPM 2.0, support a range of cryptographic algorithms and offer enhanced security features compared to earlier versions.

Trusted nodes employ techniques such as One-Time Pads (OTPs) to achieve exceptionally secure key relaying by generating a truly random key sequence the same length as the message being transmitted; this key is used only once and then destroyed, preventing any cryptographic attack even if the key is intercepted. The security of OTPs relies entirely on the key’s randomness and the guarantee of its single use; any reuse compromises the entire system. Because OTPs require a pre-shared secret key as long as the message itself, practical implementation is limited to scenarios with infrequent communication or where a secure key distribution channel already exists. This method effectively eliminates any statistical relationship between the ciphertext and the plaintext, offering theoretical perfect secrecy.

The Key Management System (KMS) functions as the single point of control for cryptographic keys within the network infrastructure. This centralized approach encompasses the entire key lifecycle, beginning with secure generation utilizing approved algorithms and entropy sources. Distribution is handled through controlled access mechanisms and encryption, ensuring keys reach authorized nodes only. The KMS also provides robust management features, including key rotation, revocation, and secure storage, often leveraging Hardware Security Modules (HSMs) for enhanced protection against compromise. Audit trails are maintained to track key usage and administrative actions, enabling compliance and forensic analysis. By centralizing these functions, the KMS minimizes the risk of key sprawl, loss, or unauthorized access, strengthening the overall security posture of the network.

Interoperability and scalability within a secure infrastructure are directly supported by the implementation of standardized interfaces and protocols. Specifically, adherence to industry-recognized cryptographic standards – such as those defined by NIST and IETF – ensures that components from different vendors can securely communicate and exchange data. Standardized Application Programming Interfaces (APIs) facilitate integration between hardware security modules (HSMs), key management systems (KMS), and application software. Furthermore, the use of open protocols like TLS 1.3 and SSH allows for secure communication across heterogeneous networks, while standardized key exchange mechanisms, like those based on elliptic-curve cryptography, enable scalable key distribution without compromising security. These practices minimize vendor lock-in and enable a modular, adaptable system capable of growth and evolution.

A Quantum Future: EuroQCI and the Path to Sovereign Security

Across Europe, a concerted effort is underway to establish a quantum communication infrastructure, spearheaded by initiatives like the EuroQCI. This ambitious project aims to create a secure and sovereign communication network leveraging the principles of quantum mechanics. The envisioned infrastructure won’t replace existing networks, but rather will function as a highly secure layer for transmitting critical data, protecting it from increasingly sophisticated cyber threats – including those posed by future quantum computers. By connecting key strategic locations – governmental institutions, critical infrastructure providers, and research centers – EuroQCI intends to ensure data confidentiality and integrity across borders, fostering a resilient digital ecosystem and positioning Europe at the forefront of this transformative technology. The project’s scope extends beyond immediate security concerns, also encouraging the development of a European quantum technology industry and promoting collaborative research in the field.

The EuroQCI initiative relies heavily on Hybrid Key Transport to overcome the limitations of current quantum communication methods, particularly when establishing secure connections over long distances. This approach strategically combines Quantum Key Distribution (QKD) with Post-Quantum Cryptography (PQC). QKD, while offering information-theoretic security, suffers from signal loss over extended fiber optic networks; PQC offers a robust alternative that, while not inherently quantum, is designed to resist attacks from future quantum computers. Hybrid Key Transport leverages the strengths of both, using QKD for initial key establishment over shorter, more reliable links, and seamlessly transitioning to PQC for extending secure communication across the entire network. This ensures not only immediate security but also future-proofs the infrastructure against evolving threats, allowing for the reliable and confidential exchange of information across a continent-wide quantum communication network.

The future of secure communication hinges on a layered approach, and the convergence of Quantum Key Distribution (QKD) with Post-Quantum Cryptography (PQC) represents a significant stride towards that goal. While QKD utilizes the laws of physics to guarantee secure key exchange, it currently faces limitations in range and scalability. PQC, conversely, employs mathematical algorithms resistant to attacks from both classical and future quantum computers, offering a software-based solution applicable to existing infrastructure. Crucially, the EuroQCI initiative recognizes that neither technology operates in isolation; a robust system requires both. Standardized interfaces are therefore paramount, allowing seamless integration and interoperability between QKD systems, PQC algorithms, and conventional communication networks. This blended architecture not only safeguards against current threats but also provides a pathway to long-term security, ensuring data remains protected as quantum computing capabilities advance and evolve.

A recent 500km testbed deployment showcases the tangible progress in quantum communication, achieving key rates of 2-3 kb/s alongside delays of 100-700ms – figures that, while representing an early stage, demonstrate the feasibility of secure data transmission over significant distances. This investment isn’t merely a technological exercise; it’s a strategic move to future-proof critical infrastructure against evolving cyber threats, particularly those anticipated with the advent of quantum computing. The successful operation of this testbed acts as a catalyst, fostering innovation in related fields like cryptography and network engineering, and establishing a foundation for a secure, pan-European quantum communication network expected to safeguard sensitive data and maintain digital sovereignty for decades to come.

The presented work emphasizes a holistic approach to secure communication, acknowledging that interconnected systems are more than the sum of their parts. This mirrors Robert Tarjan’s insight: “A good program is not just correct; it is elegant and efficient.” The federated Key Management System detailed in this paper, designed to bridge geographically disparate Quantum Key Distribution networks, demonstrates this principle. By integrating quantum and post-quantum cryptographic methods, the system doesn’t simply address the limitations of direct fiber links – it creates a resilient, adaptable structure where each component’s behavior influences the whole network’s security. The design prioritizes a cohesive system, recognizing that structural choices, like the hybrid key transport, define the network’s overall robustness and scalability.

The Road Ahead

The presented work addresses a practical, if somewhat inevitable, challenge: the extension of quantum key distribution beyond the reach of direct fiber links. One cannot simply lay a quantum channel across a continent; the system demands a more nuanced architecture. This federation of quantum domains, reliant on hybrid key transport, feels less like a solution and more like a necessary compromise. It is akin to reinforcing a bridge with materials other than the original stone – structurally sound, perhaps, but altering the fundamental character of the crossing.

The true limitations, however, lie not in the cryptography itself, but in the management of trust. A federated system merely shifts the point of vulnerability. One cannot replace a single, heavily guarded node with a network of cooperating entities without a corresponding increase in systemic complexity. The architecture demands a rigorous formalization of trust relationships, and an ongoing audit of adherence to protocol – a task that feels, at present, more aspirational than achievable.

Future work must therefore focus not simply on bolstering the cryptographic layers, but on developing the meta-layers of governance and accountability. The elegance of quantum mechanics deserves an equally elegant system of control. Without it, the promise of secure communication risks becoming another example of a beautifully designed component failing within a poorly understood machine.

Original article: https://arxiv.org/pdf/2604.20376.pdf

Contact the author: https://www.linkedin.com/in/avetisyan/

See also:

2026-04-23 07:39