Search papers, labs, and topics across Lattice.
This review surveys the cryptographic task of authentication in quantum communication, distinguishing between classical message authentication, quantum message authentication, and entity authentication. By comparing various protocols based on security assumptions, scalability, and composability, the authors recommend suitable candidates for different applications, including a detailed case study on authentication in quantum key distribution (QKD). The findings emphasize that while authentication is essential for secure quantum networks, it is not a fundamental limitation, as numerous quantum-secure schemes exist that can be tailored to specific requirements and contexts.
Authentication isn't a barrier in quantum networks; it's a nuanced requirement that can be met with existing quantum-secure schemes tailored to specific applications.
In this review, we survey the cryptographic task of authentication from the perspective of quantum communication. We review three main flavours of authentication that are often conflated in the literature: authentication of classical messages, authentication of quantum messages, and entity authentication, also covering recent hardware-assisted approaches. We compare representative protocols for each functionality in terms of their security assumptions, set-up requirements, composability, and scalability in large or dynamic networks, and use these criteria to identify and recommend suitable candidates. Finally, applications are surveyed: we provide a detailed case study of authentication and quantum key distribution (QKD), then extend the discussion to protocols beyond QKD, where the role of authentication is more complex. Our take-home message is that an authentication requirement is not an intrinsic limitation of quantum networks: as with all secure communication, each protocol relies on a particular authentication resource, and the security claim of that protocol is meaningful only once the authentication resource and its deployment assumptions are made explicit. At the same time, the existing classical and quantum literature already offers a range of quantum-secure authentication schemes, which can support different applications when carefully matched to the required functionality, assumptions, and security guarantees.