Cryptography Reference
In-Depth Information
Cost
. Use of quantum key establishment requires expensive hardware devices
and suitable quantum channels. Although the associated costs will doubtless
reduce over time, most conventional key establishment techniques do not
require such special technology.
The need for conventional authentication
. Quantum key establishment requires
a conventional means of authentication to be used. For example, in the BB84
protocol it is important that Alice and Bob establish an authenticated channel.
How will they do this? One way is, of course, to use symmetric cryptography.
So how do they establish the key used for authentication? If a conventional
key establishment technique is used then the security of the quantum key
establishment relies on the security of conventional key establishment. It could
be argued that very little has been gained.
However, the biggest issue with quantum key establishment is really
whether it
is needed at all
. Most of the other key establishment mechanisms that we have
discussed are all very effective when used with strong cryptographic algorithms
such as AES to support them. Are the costs of quantum key establishment really
justifiable?
It is worth noting, however, that quantum key establishment does permit
the continuous establishment of randomly generated keys. Quantum key
establishment is probably best considered as a technique that has potential for
high-security applications where it is felt that use of a one-time pad is merited.
While it does rely on conventional authentication, it could be argued that this is
not a big problem since the authenticated channel is only required for a relatively
short period of time. In comparison, data protected using the resulting key may
be kept secure for a long time. Nonetheless, it would seem unlikely that we will
see widespread adoption of quantum key establishment.
Secret keys need to be protected from exposure to parties other than the intended
'owners'. It is thus very important that they are stored securely. In this section we
consider how to store keys. We will also discuss how to manage the potential loss
or unavailability of keys.
10.5.1
Avoiding key storage
The best solution of all would be not to store cryptographic keys anywhere and
just generate them on the fly whenever they are required. This is possible in some
applications. Since the same key must be generated on the fly every time we need
to use it, we require a deterministic key generator (see Section 8.1.4) to generate
the key. Recall from Section 8.1.4 that deterministic generators require a seed,
