Quantum Cryptography
Quantum cryptography develops cryptographic schemes whose theoretical security is based on physical principles. For example, quantum cryptography provides key agreement protocols that are resistant to attacks by quantum computers and whose security, in contrast to post-quantum cryptography, is not dependent on the assumed difficulty of certain mathematical problems. These key agreement protocols are known as Quantum Key Distribution (QKD). For general background information on QKD, please see the BSI report “Quantum-safe cryptography”.
Position Paper on Quantum Key Distribution
Together with European partner agencies from France, the Netherlands and Sweden, the BSI has published a Position Paper on QKD. The paper concludes that QKD can only be used in niche use cases due to its technological limitations and that QKD is not yet sufficiently mature from a security perspective. Therefore, in light of the necessary migration to quantum-safe schemes, the clear priority should be the migration to post-quantum cryptography.
Report on implementation attacks against QKD systems
The implementation of QKD protocols requires specialized hardware such as single-photon sources or detectors. By now, the scientific literature contains a significant number of publications on attacks against QKD systems which exploit weaknesses or properties of the hardware of a QKD system. The BSI has published a report which provides a structured and coherent overview of all currently known QKD-specific implementation attacks against QKD systems. It also points towards further works which are necessary in order to obtain assurance about the implementation security of QKD systems.
Protection Profile for Prepare-and-Measure QKD
The BSI has initiated the creation of the first Common Criteria Protection Profile for Prepare-and-Measure QKD in collaboration with ETSI. The Protection Profile was certified by BSI in January 2024. In order to use the Protection Profile for certification of products, more standards need to be developed within international standards organizations.
Additional projects on Quantum Key Distribution
The BSI is a member of the advisory board of the QuNET project, a research project on QKD funded by the BMBF. In addition, the BSI, together with other national security authorities, is involved in the EuroQCI project led by the European Commission, which aims to establish a quantum communication infrastructure in Europe. In close cooperation with the Physikalisch-Technische Bundesanstalt (PTB), the BSI also coordinates the Coordination Project Quantum Communication Germany (SQuaD).