May 14, 2024
Quantum-Safe Message Authentication for Industrial IOT using “QKDLite” with LPN
Quantum Key Distribution (QKD) can be used by communicating parties to exchange a random and secret key. While many projects have worked on using QKD to achieve data confidentiality, we design a novel usage of QKD to achieve secure user and message authentication. This is done by combining QKD with Learning Parity with Noise (LPN) into a simple and lightweight message authentication algorithm which is quantum-secure and not susceptible to tampering or man-in-the-middle attacks.
We implement this algorithm to provide quantum-safe data integrity and device authentication for an Industrial Internet of Things (IIoT) setup running over the MODBUS protocol. The QKD modules are further optimized for cost into a Spontaneous Parametric Down Conversion (SPDC) or "QKDLite" package by removing much of the unneeded polarization and error-correction circuitry. A demonstration of this IIoT setup is shown in which a supervisory control and data acquisition (SCADA) system communicates securely with a programmable logic controller (PLC) while each is connected to its respective QKDLite module. We show that this setup costs less than 30% of a regular QKD implementation, while the communication and processing overheads are also reduced by 80% compared to using post-quantum cryptographic techniques.
This setup can be further adapted to support new use-cases such as Remote User-Password Verification as well as Secure Broadcasting.
This poster is published at the 10th ETSI/IQC Quantum-Safe Cryptography 2024.
Available here.