Quantum Security - Evaluating PQC and QKD for Infrastructure

The Issue

In the realm of cybersecurity, the conversation around quantum readiness is becoming increasingly critical. The white paper titled "Entangled Migrations: PQC, QKD, and US–PRC Risk Postures for Critical Infrastructure" by Dr. David Mussington argues that the current framing of quantum security strategies is inadequate. The paper emphasizes the need for a coupled approach to post-quantum cryptography (PQC) and quantum key distribution (QKD). As both the United States and China navigate their quantum security strategies, the choices they make could have significant implications for their critical infrastructure.

The paper highlights a crucial question: Is it wise for the U.S. to focus solely on PQC without considering the benefits of QKD? The U.S. currently relies heavily on PQC for its critical infrastructure, which raises concerns about its resilience against potential future quantum threats. In contrast, China is investing in both PQC and QKD, effectively hedging its bets against the uncertainties of quantum computing.

Who's Behind It

The divergence in national approaches to quantum cryptographic resilience is striking. China has established the China Quantum Communication Network (CN-QCN), which spans over 10,000 kilometers and connects multiple metropolitan areas. This network is operational and integrated into sensitive sectors like banking and power control. Meanwhile, the U.S. lacks a national QKD deployment program and remains skeptical about its application in national security systems.

This difference in posture reflects a broader strategy: while China is building a layered defense with both mathematical and physics-based solutions, the U.S. is concentrating its efforts on a single assumption, which could be risky in the long run. The European Union is also pursuing a complementary approach, deploying both PQC and QKD for high-value institutions.

Tactics & Techniques

The paper outlines five critical coupling mechanisms that demonstrate why PQC and QKD should not be viewed as independent alternatives:

1. Authentication Dependency: QKD relies on classical channels for authentication, making it vulnerable if those channels aren't quantum-resistant.
2. Partial-Deployment Downgrade: Both PQC and QKD can fall back to classical cryptography under certain conditions, increasing exposure to risks during the transition.
3. Hardware Maturity Gaps: The transition to PQC and QKD is hindered by hardware limitations, which may not keep pace with evolving standards.
4. Concentrated-Node Vulnerability: QKD backbones that depend on trusted nodes create chokepoints, making them prime targets for attacks.
5. Interaction Effects: The simultaneous migration of both technologies can compound vulnerabilities, increasing the risk during the transition period.

Defensive Measures

For decision-makers in critical infrastructure, the paper offers practical recommendations. Organizations should not dismiss QKD as a distant possibility; it is becoming integral to the global critical infrastructure landscape. Evaluating Tier-1 links explicitly is essential, focusing on those with long-term consequences. If a PQC-only strategy is deemed acceptable, it should be a deliberate choice, accompanied by measures to mitigate known risks. Conversely, if layered hedging is necessary, organizations must clearly define what that entails, ensuring robust defenses against potential vulnerabilities.

In conclusion, as we approach the quantum era, understanding the interplay between PQC and QKD is vital for safeguarding critical infrastructure. The decisions made today will shape the security landscape for decades to come.