An approach to integrate quantum key distribution technology into standard secure communication applications

摘要

Quantum Key Distribution (QKD) technology provides unconditional secure cryptography key sharing between two separate sites based on the laws of physics. With the shared keys, applications are able to communicate with each other in an information theoretically secure manner. We propose a method for providing secure communication that selects between QKD-based security and standard cryptography-based security automatically according to the current amount of QKD keys stored by QKD. The proposed method provides a QKD-based secure communication function. However, in the case of a shortage of QKD keys stored, the method alternatively provides a standard cryptography-based secure communication function to avoid a communication delay. Since the method has an OpenSSL-compatible interface, that is, a de facto standard cryptography library for secure communication, it makes it easy to port existing secure communication applications developed with the OpenSSL library to QKD-ready applications. It could also make it possible to phase QKD technology into existing secure communication applications. The quantitative performance evaluation showed the secure session establishment delay. Although the result reveals that the proposed method increases the session establishment delay, the delay overhead of the proposed cryptography method selection is 7 msec., which is acceptable for some practical applications. In addition, the result also shows that the delay difference from the standard cryptography can be reduced when the standard cryptography uses a larger key.