QUantum-based ReSistant Architectures and Techniques
The QURSA project addresses the design and proof of concept of an architecture and algorithms for quantum key distribution (QKD) over complex networks, and their integration with the classical Internet core and distribution infrastructures by means of an improved post-processing layer. For achieving an effective, seamless integration and maximize the adoption of quantum-based physical security across a diverse range of domains, we also propose to develop a novel bridge QKD endpoints, i.e., a set of physical equipment, part of the QKD network themselves, but located near the network edge to which end-users (individuals or firms) can bring their own devices to download and take away secure uncorrelated keys generated and distributed through the QKD network. As a complement, we propose the use of truly random quantum-generated keys as sources for the first general implementation of post-quantum cryptographic (PQC) signing and encryption algorithms. These PQ techniques are presently at the final stages of the standardization started by NIST in 2016, and the resulting PQC primitives will thus be embedded into the universal Internet carrier and signaling protocols (e.g., TLS/DTLS, HTTP, DNSSEC) guaranteeing security for network applications and their pervasive traffic. With this approach, the reach of quantum-safe security is stretched out to the bulk of Internet traffic by means of an evolutionary roadmap.
QURSA will adopt the well-known design principles of software-defined networking (SDN) for separation of the control, data and management planes of the QKD network, as the emerging technical standards in this field issued by ETSI and IETF-ITU advocate. The proposed proof of concept to bind together and test all the technical challenges in the project will be a pilot for demonstrating and testing the hybridization of quantum-based and quantum-safe communications on a managed open network, since in addition to the benefits of making QKD usable as a service, it showcases most of the features that will be faced in this research agenda: the creation and management of ultra-secure channels, the engineering of the composite quantum-classical network, an instantiation of quantum-safe Internet protocols, and a flexible distributed management system based on SDN principles. In addition to our equipment and background, we have engaged CESGA, CCN and INCIBE for supporting us in building and testing a feasible pilot.
Grant TED2021-130369B-C31, TED2021-130369BC32, TED2021-130369B-C33 funded by MCIN/AEI/ 10.13039/501100011033 and by the “European Union NextGenerationEU/PRTR”.
Universidade de Vigo. AtlanTTic. Centro Coordinador. (UVIGO)
- Ana Fernández Vilas (PI 1)
- Manuel Fernández Veiga (PI 2)
- Rebeca Díaz Redondo
- Ignacio López Cabido
- Natalia Costas Lago
- Francisco Troncoso Pastoriza
Agencia Estatal Consejo Superior de Investigaciones Cientificas (CSIC)
- Verónica Fernández Mármol (PI 1)
- Luis Hernandez Encinas (PI 2)
- Agustín Martín Muñoz
- José Ignacio Sánchez García
- Alfonso Blanco Blanco
No posts found!
- D. Soler, C. Dafonte, F.J. Novoa, A. Fernández-Vilas, M. Fernández-Veiga, R. Díaz-Redondo. “Qerberos: A Protocol for Secure Distribution of QRNG Keys”. 2023 IEEE Int. Conf. on Cyber Security and Resilience, Venice (Italy), Jul. 2023.
- D. Soler, C. Dafonte Vázquez, M. Fernández-Veiga, A. Fernández-Vilas, F. Nóvoa de Manuel. “A zk-SNARK Scheme for Quantum Computers”. Quantum Information in Spain (ICE-8), Santiago de Compostela (Spain), Jun. 2023.
D. Soler, C. Dafonte, F.J. Novoa, A. Fernández-Vilas, M. Fernández-Veiga, R. Díaz-Redondo. "Qerberos:...
Universidade de Vigo