How to Achieve End-to-end Key Distribution for QKD Networks in the Presence of Untrusted Nodes

Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most researches on relay-based QKD network assume that all relays are completely trustworthy, but the assumption is unrealistic in a complex network. The current study only analyzes the case of passive attacks by untrusted relays (e.g. eavesdropping). However, active attacks by untrusted relays (e.g. spoofing or interfering with the cooperation between honest nodes) are more serious threats and should not be ignored. Taking both passive and active attacks into account, we propose the ITSBFT-QKD networks to defend against untrusted nodes and achieve end-to-end key distribution. In end-to-end key distribution, multiple participating nodes are required to establish trust relationships and cooperate with each other. To prevent attackers from breaking trust relationship and gaining an unreasonable advantage, we incorporate a byzantine consensus scheme to establish and transmit trust relationships in a global QKD network perspective. Moreover, since the security of traditional consensus schemes is lower than the security requirement of QKD networks, we devise a byzantine fault tolerance (BFT) signature scheme to ensure the information-theoretic security of consensus. It provides a new way to construct signature schemes with point-to-point QKD keys in the presence of untrusted relays or nodes. The security of our scheme is analyzed thoroughly from multiple aspects. Our scheme can accommodate up to $ MIN\left( C-1,\lfloor \frac{N-1}{3} \rfloor \right) $ untrusted nodes, where $C$ is the node connectivity of the network and $N$ is the number of nodes in the network. Our scheme provides the highest level of security in currently relay-based QKD networks and will significantly promote the application of QKD networks.
Comment: 13 pages,7 figures