Extending quantum key distribution through proxy re-encryption

Abstract

Modern quantum key distribution (QKD) network designs are based on sending photons from one node to another and require free-space or dedicated fiber optic cables between nodes. The purpose of this is to co-generate secret key material on both sides of the quantum channel. In addition to this quantum link, there are several insecure classical channels that allow QKD algorithms to exchange book-keeping information and send symmetrically encrypted data. The attenuation of photons transmitted through fiber becomes too high to practically generate key material over fiber at distances of more than 100 km. Free-space transmission through the atmosphere or the vacuum of space can reduce attenuation, but at the cost of system complexity and sensitivity to other impairments, such as weather. To extend the effective range of QKD networks, we present a method that combines QKD algorithms with post-quantum, homomorphic key-switching to allow multiple parties to effectively share secret key material over longer distances through semi-trusted relay nodes. We define how such a system should work for arbitrary network topologies and provide proofs that our scheme is both correct and secure. We assess the feasibility of this solution by building and evaluating two implementations based on lattice-based cryptography: learning with errors.