{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T22:30:03Z","timestamp":1775514603501,"version":"3.50.1"},"reference-count":73,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T00:00:00Z","timestamp":1697760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Union-PON Ricerca e Innovazione 2014\u20132020 FESR \/FSC","award":["ARS01 00734 QUANCOM"],"award-info":[{"award-number":["ARS01 00734 QUANCOM"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>The main purpose of a quantum key distribution network is to provide secret keys to any users or applications requiring a high level of security, ideally such as to offer the best protection against any computational attack, even of a quantum nature. The keys shared through a point-to-point link between a source and a detector using a quantum key distribution protocol can be proven information-theoretically secure based on the quantum information theory. However, evaluating the security of a quantum key distribution network, especially if it is based on relay nodes, goes far beyond the quantum security of its single quantum links, involving aspects of conventional security for devices and their communication channels. In this contribution, we perform a rigorous threat analysis based on the most recent recommendations and practical network deployment security issues. We show that, at least in the current state of our understanding of quantum cryptography, quantum key distribution networks can only offer computational security and that their security in practical implementations in the shorter term requires resorting to post-quantum cryptography.<\/jats:p>","DOI":"10.3390\/cryptography7040053","type":"journal-article","created":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T07:25:22Z","timestamp":1697786722000},"page":"53","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["On the Security of Quantum Key Distribution Networks"],"prefix":"10.3390","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6137-328X","authenticated-orcid":false,"given":"Eufemia","family":"Lella","sequence":"first","affiliation":[{"name":"Innovation & Technology-Innovation Lab, EXPRIVIA S.p.A, 70056 Molfetta, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7901-6464","authenticated-orcid":false,"given":"Giovanni","family":"Schmid","sequence":"additional","affiliation":[{"name":"Consiglio Nazionale delle Ricerche, Istituto di Calcolo e Reti ad Alte Prestazioni, 80131 Naples, Italy"}]}],"member":"1968","published-online":{"date-parts":[[2023,10,20]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"351","DOI":"10.1145\/382780.382781","article-title":"Unconditional security in quantum cryptography","volume":"48","author":"Mayers","year":"2001","journal-title":"J. ACM (JACM)"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1012","DOI":"10.1364\/AOP.361502","article-title":"Advances in quantum cryptography","volume":"12","author":"Pirandola","year":"2020","journal-title":"Adv. Opt. Photonics"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"441","DOI":"10.1038\/508441a","article-title":"Quantum communications leap out of the lab","volume":"508","author":"Qiu","year":"2014","journal-title":"Nature"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1117\/12.606489","article-title":"Current status of the DARPA quantum network","volume":"Volume 5815","author":"Elliott","year":"2005","journal-title":"Proceedings of the Quantum Information and Computation III"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"214","DOI":"10.1038\/s41586-020-03093-8","article-title":"An integrated space-to-ground quantum communication network over 4600 kilometres","volume":"589","author":"Chen","year":"2021","journal-title":"Nature"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1038\/s41534-019-0221-4","article-title":"Cambridge quantum network","volume":"5","author":"Dynes","year":"2019","journal-title":"NPJ Quantum Inf."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Choi, T., Yoon, S., Kim, T.Y., and Kim, H. (2021, January 20\u201322). Design and Implementation of Quantum Key Distribution Network Control and Management. Proceedings of the 2021 International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea.","DOI":"10.1109\/ICTC52510.2021.9621170"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Lella, E., Gatto, A., Pazienza, A., Romano, D., Noviello, P., Vitulano, F., and Schmid, G. (2022, January 6\u20139). Cryptography in the Quantum Era. Proceedings of the 2022 IEEE 15th Workshop on Low Temperature Electronics (WOLTE), Matera, Italy.","DOI":"10.1109\/WOLTE55422.2022.9882585"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","article-title":"A method for obtaining digital signatures and public-key cryptosystems","volume":"21","author":"Rivest","year":"1978","journal-title":"Commun. ACM"},{"key":"ref_10","unstructured":"Diffie, W., and Hellman, M.E. (2019). Secure Communications and Asymmetric Cryptosystems, Routledge."},{"key":"ref_11","unstructured":"Shor, P.W. (1994, January 20\u201322). Algorithms for quantum computation: Discrete logarithms and factoring. Proceedings of the Proceedings 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Blake, I., Seroussi, G., Seroussi, G., and Smart, N. (1999). Elliptic Curves in Cryptography, Cambridge University Press.","DOI":"10.1017\/CBO9781107360211"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1016\/S1353-4858(10)70006-4","article-title":"Advanced encryption standard (AES)","volume":"2009","author":"Heron","year":"2009","journal-title":"Netw. Secur."},{"key":"ref_14","unstructured":"Krawczyk, H., Bellare, M., and Canetti, R. (2023, October 18). HMAC: Keyed-Hashing for Message Authentication. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc2104."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Grover, L.K. (1996, January 22\u201324). A fast quantum mechanical algorithm for database search. Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, Philadelphia, PA, USA.","DOI":"10.1145\/237814.237866"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"2049","DOI":"10.1109\/OJCOMS.2021.3106659","article-title":"Quantum key distribution secured optical networks: A survey","volume":"2","author":"Sharma","year":"2021","journal-title":"IEEE Open J. Commun. Soc."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Abushgra, A.A. (2022). Variations of QKD protocols based on conventional system measurements: A literature review. Cryptography, 6.","DOI":"10.3390\/cryptography6010012"},{"key":"ref_18","unstructured":"Mangipudi, G.M., Eswaran, S., and Honnavalli, P.B. (2023, October 18). Quantum Cryptography and Quantum Key Distribution Protocols: A Survey on the Concepts, Protocols, Current Trends and Open Challenges. Protoc. Curr. Trends Open Challenges 2022. Available online: https:\/\/ssrn.com\/abstract=4069541."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1103\/PhysRevLett.94.230504","article-title":"Decoy State Quantum Key Distribution","volume":"94","author":"Lo","year":"2005","journal-title":"Phys. Rev. Lett."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1103\/PhysRevLett.108.130503","article-title":"Measurement-Device-Independent Quantum Key Distribution","volume":"108","author":"Lo","year":"2012","journal-title":"Phys. Rev. Lett."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"459","DOI":"10.1038\/s41467-017-02307-4","article-title":"Practical device-independent quantum cryptography via entropy accumulation","volume":"9","author":"Dupuis","year":"2018","journal-title":"Nat. Commun."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"075001","DOI":"10.1088\/1367-2630\/11\/7\/075001","article-title":"The SECOQC quantum key distribution network in Vienna","volume":"11","author":"Peev","year":"2009","journal-title":"New J. Phys."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"123001","DOI":"10.1088\/1367-2630\/13\/12\/123001","article-title":"Long-term performance of the SwissQuantum quantum key distribution network in a field environment","volume":"13","author":"Stucki","year":"2011","journal-title":"New J. Phys."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"10387","DOI":"10.1364\/OE.19.010387","article-title":"Field test of quantum key distribution in the Tokyo QKD Network","volume":"19","author":"Sasaki","year":"2011","journal-title":"Opt. Express"},{"key":"ref_25","unstructured":"Martin, V., Aguado, A., Salas, P., Sanz, A., Brito, J., Lopez, D.R., L\u00f3pez, V., Pastor, A., Folgueira, J., and Brunner, H. (2019). Photonic Networks and Devices, Optica Publishing Group."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"3511","DOI":"10.1364\/OL.41.003511","article-title":"Field demonstration of a continuous-variable quantum key distribution network","volume":"41","author":"Huang","year":"2016","journal-title":"Opt. Lett."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Tessinari, R.S., Bravalheri, A., Hugues-Salas, E., Collins, R., Aktas, D., Guimaraes, R.S., Alia, O., Rarity, J., Kanellos, G.T., and Nejabati, R. (2019, January 22\u201326). Field trial of dynamic DV-QKD networking in the SDN-controlled fully-meshed optical metro network of the Bristol city 5GUK test network. Proceedings of the 45th European Conference on Optical Communication (ECOC 2019), Dublin, Ireland.","DOI":"10.1049\/cp.2019.1033"},{"key":"ref_28","unstructured":"Pfleeger, C.P., and Pfleeger, S.L. (2015). Security in Computing\u2014Fifth Edition, Prentice Hall."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Tsai, C.W., Yang, C.W., Lin, J., Chang, Y.C., and Chang, R.S. (2021). Quantum key distribution networks: Challenges and future research issues in security. Appl. Sci., 11.","DOI":"10.3390\/app11093767"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"656","DOI":"10.1002\/j.1538-7305.1949.tb00928.x","article-title":"Communication theory of secrecy systems","volume":"28","author":"Shannon","year":"1949","journal-title":"Bell Syst. Tech. J."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Hua, X., Hu, M., and Guo, B. (2022). Multi-User Measurement-Device-Independent Quantum Key Distribution Based on GHZ Entangled State. Entropy, 24.","DOI":"10.3390\/e24060841"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1186\/s43074-022-00048-2","article-title":"40-user fully connected entanglement-based quantum key distribution network without trusted node","volume":"3","author":"Liu","year":"2022","journal-title":"PhotoniX"},{"key":"ref_33","unstructured":"NIST-CSRS (2023, October 18). Post-Quantum Cryptography Standardization, Available online: https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/selected-algorithms-2022."},{"key":"ref_34","unstructured":"ITU-T (2022). Study Group (SG) 13: Future Networks and Emerging Network Technologies, ITU-T. Available online: https:\/\/www.itu.int\/en\/ITU-T\/studygroups\/2022-2024\/13\/Pages\/default.aspx."},{"key":"ref_35","unstructured":"ITU-T (2022). Study Group (SG) 17: Security, ITU-T. Available online: https:\/\/www.itu.int\/en\/ITU-T\/studygroups\/2022-2024\/17\/Pages\/default.aspx."},{"key":"ref_36","unstructured":"(2022). Information Security, Cybersecurity and Privacy Protection (Standard No. Standard ISO\/IEC JTC 1\/SC 27)."},{"key":"ref_37","unstructured":"ETSI (2022). Industry Specification Group (ISG) on Quantum Key Distribution (QKD), ETSI. Available online: https:\/\/www.etsi.org\/committee\/1430-qkd."},{"key":"ref_38","unstructured":"ETSI (2022). Technical Committee (TC) Cyber (Cybersecurity), ETSI. Available online: https:\/\/www.etsi.org\/committee\/cyber."},{"key":"ref_39","unstructured":"(2020). Quantum Key Distribution Networks\u2014Functional Architecture (Standard No. ITU-T SG 13 Standard itu-t y.3802)."},{"key":"ref_40","unstructured":"(2020). Overview on Networks Supporting Quantum Key Distribution (Standard No. ITU-T SG 13 Standard itu-t y.3800 corrigendum 1)."},{"key":"ref_41","unstructured":"(2020). Security Framework for Quantum Key Distribution Networks (Standard No. ITU-T SG 17 Standard itu-t x.1710)."},{"key":"ref_42","unstructured":"(2022). Corrigendum 1\u2014Security Requirements and Measures for Quantum Key Distribution Networks\u2014Key Management. Standard itu-t x.1712 (Standard No. ITU-T SG 17)."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Sun, S., and Huang, A. (2022). A review of security evaluation of practical quantum key distribution system. Entropy, 24.","DOI":"10.3390\/e24020260"},{"key":"ref_44","unstructured":"(2023, October 18). ID Quantique. XG Series. Available online: https:\/\/www.idquantique.com\/quantum-safe-security\/xg-series-qkd\/."},{"key":"ref_45","unstructured":"Toshiba (2022). Digital Solutions\u2014Quantum Key Distribution, Toshiba."},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1103\/RevModPhys.92.025002","article-title":"Secure quantum key distribution with realistic devices","volume":"92","author":"Xu","year":"2020","journal-title":"Rev. Mod. Phys."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Garcia-Escartin, J.C., Sajeed, S., and Makarov, V. (2020). Attacking quantum key distribution by light injection via ventilation openings. PLoS ONE, 15.","DOI":"10.1371\/journal.pone.0236630"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"9564","DOI":"10.1038\/s41598-021-87574-4","article-title":"Experimental vulnerability analysis of QKD based on attack ratings","volume":"11","author":"Kumar","year":"2021","journal-title":"Sci. Rep."},{"key":"ref_49","unstructured":"(2010). Security Proofs (Standard No. Standard gs qkd 005 v1.1.1)."},{"key":"ref_50","unstructured":"(2010). QKD Module Security Specification (Standard No. Standard gs qkd 008 v1.1.1)."},{"key":"ref_51","unstructured":"Shostack, A. (2014). Threat Modeling: Designing for Security, John Wiley & Sons."},{"key":"ref_52","unstructured":"CCRA (2022). The Common Criteria, CCRA."},{"key":"ref_53","first-page":"284","article-title":"Unforgeable encryption and adaptively secure modes of operation","volume":"LNCS vol","author":"Katz","year":"2000","journal-title":"Fast Softw. Encryption\u201900"},{"key":"ref_54","doi-asserted-by":"crossref","unstructured":"Canvel, B., Hiltgen, A., Vaudenay, S., and Vuagnoux, M. (2003, January 17\u201321). Password interception in a SSL\/TLS channel. Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-540-45146-4_34"},{"key":"ref_55","unstructured":"Mull, T. (2023, October 18). Measuring the Performance Impact of TLS Encryption Using TPC-C. Available online: https:\/\/www.yugabyte.com\/blog\/measuring-the-performance-impact-of-tls-encryption-using-tpcc\/."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"400","DOI":"10.1038\/s41586-018-0066-6","article-title":"Overcoming the rate\u2013distance limit of quantum key distribution without quantum repeaters","volume":"557","author":"Lucamarini","year":"2018","journal-title":"Nature"},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"070501","DOI":"10.1103\/PhysRevLett.124.070501","article-title":"Sending-or-Not-Sending with Independent Lasers: Secure Twin-Field Quantum Key Distribution over 509 km","volume":"124","author":"Chen","year":"2020","journal-title":"Phys. Rev. Lett."},{"key":"ref_58","unstructured":"Beullens, W., D\u2019Anvers, J.P., Hulsing, A., Tania, L., Panny, L., de Saint Guilhem, C., and Smart, N. (2021). Post-Quantum Cryptography Current State and Quantum Mitigation, European Union Agency for Cybersecurity. Technical Report (v.2)."},{"key":"ref_59","unstructured":"(2020). Quantum Key Distribution networks\u2014Key Management (Standard No. ITU-T SG 13 Standard itu-t y.3803)."},{"key":"ref_60","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_61","unstructured":"Stallings, W. (2020). Cryptography and Network Security: Principles and Practices\u2014Eighth Edition, Pearson Education, Inc."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1016\/0022-0000(79)90044-8","article-title":"Universal classes of hash functions","volume":"18","author":"Carter","year":"1979","journal-title":"J. Comput. Syst. Sci."},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"265","DOI":"10.1016\/0022-0000(81)90033-7","article-title":"New hash functions and their use in authentication and set equality","volume":"22","author":"Wegman","year":"1981","journal-title":"J. Comput. Syst. Sci."},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"505","DOI":"10.1137\/S0097539701386216","article-title":"On universal classes of extremely random constant-time hash functions","volume":"33","author":"Siegel","year":"2004","journal-title":"SIAM J. Comput."},{"key":"ref_65","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1516539.1516541","article-title":"On the state of IP spoofing defense","volume":"9","author":"Ehrenkranz","year":"2009","journal-title":"ACM Trans. Internet Technol. (TOIT)"},{"key":"ref_66","doi-asserted-by":"crossref","first-page":"2027","DOI":"10.1109\/COMST.2016.2548426","article-title":"A survey of man in the middle attacks","volume":"18","author":"Conti","year":"2016","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"ref_67","unstructured":"ETSI SG CYBER (2021). Quantum-Safe Public-Key Encryption and Key Encapsulation, European Telecommunications Standards Institute. Technical Report tr 103 823 v1.1.2."},{"key":"ref_68","unstructured":"ETSI SG CYBER (2021). Quantum-Safe Signatures, European Telecommunications Standards Institute. Technical Report tr 103 616 v1.1.1."},{"key":"ref_69","unstructured":"Schwabe, P. (2023, October 18). Kyber Home. Available online: https:\/\/datatracker.ietf.org\/doc\/draft-cfrg-schwabe-kyber\/03\/."},{"key":"ref_70","unstructured":"Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schwabe, P., Seiler, G., and Stehl\u00e9, D. (2023, October 18). CRYSTALS-Dilithium\u2013Algorithm Specifications and Supporting Documentation (Version 3.1). Available online: https:\/\/pq-crystals.org\/dilithium\/data\/dilithium-specification-round3-20210208.pdf."},{"key":"ref_71","unstructured":"Fouque, P.A., Hoffstein, J., Kirchner, P., Lyubashevsky, V., Pornin, T., Prest, T., Ricosset, T., Seiler, G., Whyte, W., and Zhang, Z. (2018). Falcon: Fast-Fourier lattice-based compact signatures over NTRU. Submission to the NIST\u2019s Post-Quantum Cryptography Standardization Process."},{"key":"ref_72","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J., Hopwood, D., H\u00fclsing, A., Lange, T., Niederhagen, R., Papachristodoulou, L., Schneider, M., Schwabe, P., and Wilcox-O\u2019Hearn, Z. (2015, January 26\u201330). SPHINCS: Practical stateless hash-based signatures. Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria.","DOI":"10.1007\/978-3-662-46800-5_15"},{"key":"ref_73","unstructured":"Castryck, W., and Decru, T. (2023). Annual International Conference on the Theory and Applications of Cryptographic Techniques, Springer."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/7\/4\/53\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:10:19Z","timestamp":1760130619000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/7\/4\/53"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,20]]},"references-count":73,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,12]]}},"alternative-id":["cryptography7040053"],"URL":"https:\/\/doi.org\/10.3390\/cryptography7040053","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,20]]}}}