{"title":"Distributed information-theoretical secure protocols for quantum key distribution networks against malicious nodes","authors":"Yi Luo;Qiong Li;Hao-Kun Mao","doi":"10.1364/JOCN.530575","DOIUrl":null,"url":null,"abstract":"Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most research on relay-based QKD networks assumes all relays or nodes are completely trustworthy. However, this assumption is unreasonable because the malicious behavior of even a single node can undermine the security of the entire network. Currently, there is no method to directly distinguish between honest nodes and malicious nodes. Moreover, the status of nodes as honest or malicious can be dynamic. Therefore, a solution is needed that can withstand a certain proportion of malicious nodes in QKD networks. We propose a novel paradigm, inspired by distributed systems, to address the active and passive attacks by collaborating with malicious nodes in QKD networks. First, regarding security, we propose the ITS distributed authentication scheme, which additionally ensures two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Second, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency. This enables participating nodes to collaborate correctly and complete end-to-end key distribution within a constant number of communication rounds. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original end-to-end pre-shared keys scheme. 
For instance, in larger networks, such as when the number of nodes is 80, our scheme’s key consumption is only 13.1% of the pre-shared keys scheme.","PeriodicalId":50103,"journal":{"name":"Journal of Optical Communications and Networking","volume":"16 10","pages":"956-968"},"PeriodicalIF":4.0000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Optical Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10682116/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
Citation count: 0
Abstract
Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most research on relay-based QKD networks assumes all relays or nodes are completely trustworthy. However, this assumption is unreasonable because the malicious behavior of even a single node can undermine the security of the entire network. Currently, there is no method to directly distinguish between honest nodes and malicious nodes. Moreover, the status of nodes as honest or malicious can be dynamic. Therefore, a solution is needed that can withstand a certain proportion of malicious nodes in QKD networks. We propose a novel paradigm, inspired by distributed systems, to address the active and passive attacks by collaborating with malicious nodes in QKD networks. First, regarding security, we propose the ITS distributed authentication scheme, which additionally ensures two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Second, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency. This enables participating nodes to collaborate correctly and complete end-to-end key distribution within a constant number of communication rounds. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original end-to-end pre-shared keys scheme. For instance, in larger networks, such as when the number of nodes is 80, our scheme’s key consumption is only 13.1% of the pre-shared keys scheme.
About the journal:
The scope of the Journal includes advances in the state-of-the-art of optical networking science, technology, and engineering. Both theoretical contributions (including new techniques, concepts, analyses, and economic studies) and practical contributions (including optical networking experiments, prototypes, and new applications) are encouraged. Subareas of interest include the architecture and design of optical networks, optical network survivability and security, software-defined optical networking, elastic optical networks, data and control plane advances, network management related innovation, and optical access networks. Enabling technologies and their applications are suitable topics only if the results are shown to directly impact optical networking beyond simple point-to-point networks.