Data Origin Authentication And The Classical Data Plane of A Quantum Network Link

More Info
expand_more

Abstract

Quantum networks allow multiple devices to exchange information encoded within quantum systems.
Such quantum networks use classical control messages to coordinate entanglement between nodes.
Third parties which can forge such control messages may interfere with the workings of quantum links, however:
They may either perform fraudulent requests for entanglement, destroying local quantum memory of nodes as a result, or interfere with the inner workings of protocols within the quantum stack targeting the availability of the link(s).
We, therefore, conclude that all link and physical layer control messages must be transmitted via authenticated channels.
Typically one uses a Message Authentication Code (MAC) to do so, which takes as input a message and outputs a tag which is transmitted alongside the message.
Additionally, it takes as input a unique number each time (nonce) to prevent replay-type attacks.
In this work, we first investigate the use of information-theoretic MACs combined with quantum key distribution (QKD) to authenticate control messages. We find that the fastest QKD solutions provide key material at a rate that is sufficient to not become a bottleneck in current quantum links.
Second, we survey multiple computationally secure MAC solutions and benchmarks to get an indication of their performance when authenticating short messages.
While not information-theoretically secure, their latency is generally speaking greater than or equal to that of information-theoretic solutions.
Finally, we augment the existing simulation of a single quantum link by Dahlberg et al. by inserting delays based on the performance of these MACs.
The performance of the link is evaluated using the mean throughput:
The rate at which successfully entangled pairs are delivered.
We find that the introduction of transmission time overhead, without any authentication, causes a noticeable decrease in throughput of the link.
When considering an authenticated channel that uses SipHash (a popular MAC) we find that throughput decreases even further, though less significantly.
Therefore, the overall decrease in throughput appears to not be detrimental to the working of the quantum link, which remains functional even when the classical channel is authenticated.

Files

Unknown license