TY  - EJOU
AU  - Wang, Chaokun 
AU  - Xie, Sijiang 
AU  - Yan, Yalong 
AU  - Zhao, Hong 

TI  - Hash-Based Signature Authentication for Scalable and Security-Consistent QKD Post-Processing
T2  - Computers, Materials \& Continua

PY  - 
VL  - 
IS  - 
SN  - 1546-2226

AB  - Quantum Key Distribution (QKD) ensures secure key establishment through the principles of quantum mechanics; however, its effectiveness in practice hinges on dependable identity verification via classical channels during the post-processing phase. Current QKD implementations typically depend on pre-existing symmetric-key authentication, which suffers from limited scalability and complicated key management in extensive networks. Authentication methods utilizing post-quantum cryptography (PQC) signatures, based on complex mathematical assumptions, introduce extra and uncertain security dependencies, potentially compromising the security model integrity that QKD aims to maintain. This paper explores the application of hash-based signatures (HBS) for identity verification in the post-processing of QKD. HBS methods derive their security from cryptographic hash functions, which are integral to QKD protocols, allowing for scalable public-key-style authentication without the need for new computational assumptions. A detailed authentication framework is proposed, incorporating HBS-based verification into all essential phases of QKD post-processing, such as mutual certificate validation, basis sifting, parameter estimation, error correction verification, and privacy amplification. Security assessments indicate that the suggested framework maintains the security model integrity of QKD by relying cryptographically solely on the collision resistance of hash functions—without introducing new computational assumptions. At the system deployment level, it adheres to standard PKI trust assumptions which are necessary for public-key-style authentication and consistent with practical QKD network operations. Additionally, system-level evaluations affirm the scalability and practical applicability of HBS-based authentication, while also addressing the operational trade-offs among various HBS approaches in realistic QKD deployment contexts.
KW  - Quantum key distribution; identity authentication; hash-based signatures; post-processing security; security-model consistency; post-quantum cryptography

DO  - 10.32604/cmc.2026.077994