ETSI GS QKD 014 V1.1.1
The present document specifies a communication protocol and data format for a quantum key distribution (QKD) network to supply cryptographic keys to an application.
The present document specifies a communication protocol and data format for a quantum key distribution (QKD) network to supply cryptographic keys to an application.
The present document describes the main communication resources involved in a QKD system and the possible architectures that can be adopted when performing a QKD deployment over an optical network infrastructure. The scope of the present document is restricted to QKD deployments over fibre optical networks. Architectural options are also restricted to point-to-point communication.
The present document gives specifications and procedures for the characterization of optical components for use in QKD systems. Examples of specific tests and procedures for performing such tests are given. Due to their importance in the security of a QKD system, particular attention is given to active optical components such as optical sources and single photon detectors.
The present document is intended to specify an Application Programming Interface (API) between a QKD key manager and applications. The function of a QKD key manager is to manage the secure keys produced by an implementation of a QKD protocol and to deliver the identical set of keys, via this API, to the associated applications at the communication end points.
The Use Cases Document shall provide an overview of possible application scenarios in which Quantum Key Distribution (QKD) systems ([i.1]) can be used as building blocks for high security Information and communication technology (ICT) systems.
The present document gives information on the long-term suitability of symmetric cryptographic primitives in the face of quantum computing.
The present document presents the results of a simplified threat assessment following the guidelines of ETSI TS 102 165-1 [i.3] for a number of use cases. The method and key results of the analysis is described in clause 4. The present document makes a number of assumptions regarding the timescale for the deployment of viable quantum computers, however the overriding assertion is that quantum computing will become viable in due course. This is examined in more detail in clause 5. The impact of quantum computing attacks on the cryptographic deployments used in a number of existing industrial deployment scenarios are considered in clause 7.
The present document examines a number of real-world uses cases for the deployment of quantum-safe cryptography (QSC). Specifically, it examines some typical applications where cryptographic primitives are deployed today and discusses some points for consideration by developers, highlighting features that may need change to accommodate quantum-safe cryptography. The main focus of the document is on options for upgrading public-key primitives for key establishment and authentication, although several alternative, non-public-key options are also discussed.
The present document gives an overview of the current understanding and best practice in academia and industry about quantum-safe cryptography (QSC). It focuses on identifying and assessing cryptographic primitives that have been proposed for efficient key establishment and authentication applications, and which may be suitable for standardization by ETSI and subsequent use by industry to develop quantum-safe solutions for real-world applications.
Information technology security techniques — Security requirements, test and evaluation methods for quantum key distribution — Part 2: Evaluation and testing methods
Information technology security techniques — Security requirements, test and evaluation methods for quantum key distribution — Part 1: Requirements
Recommendation ITU-T X.1714 describes key combination methods for quantum key distribution network (QKDN) and specifies security requirements for both the key combination and the key supply from QKDN to cryptographic applications.