Open Access

ARTICLE

Hash-Based Signature Authentication for Scalable and Security-Consistent QKD Post-Processing

Chaokun Wang¹, Sijiang Xie^1,*, Yalong Yan², Hong Zhao²

1 Department of Cyberspace Security, Beijing Electronic Science and Technology Institute, Beijing, China
2 Institute of Information Security, Beijing Electronic Science and Technology Institute, Beijing, China

* Corresponding Author: Sijiang Xie. Email:

(This article belongs to the Special Issue: Next-Generation Cybersecurity: AI, Post-Quantum Cryptography, and Chaotic Innovations)

Computers, Materials & Continua 2026, 88(1), 55 https://doi.org/10.32604/cmc.2026.077994

Received 21 December 2025; Accepted 29 January 2026; Issue published 08 May 2026

Abstract

Quantum Key Distribution (QKD) ensures secure key establishment through the principles of quantum mechanics; however, its effectiveness in practice hinges on dependable identity verification via classical channels during the post-processing phase. Current QKD implementations typically depend on pre-existing symmetric-key authentication, which suffers from limited scalability and complicated key management in extensive networks. Authentication methods utilizing post-quantum cryptography (PQC) signatures, based on complex mathematical assumptions, introduce extra and uncertain security dependencies, potentially compromising the security model integrity that QKD aims to maintain. This paper explores the application of hash-based signatures (HBS) for identity verification in the post-processing of QKD. HBS methods derive their security from cryptographic hash functions, which are integral to QKD protocols, allowing for scalable public-key-style authentication without the need for new computational assumptions. A detailed authentication framework is proposed, incorporating HBS-based verification into all essential phases of QKD post-processing, such as mutual certificate validation, basis sifting, parameter estimation, error correction verification, and privacy amplification. Security assessments indicate that the suggested framework maintains the security model integrity of QKD by relying cryptographically solely on the collision resistance of hash functions—without introducing new computational assumptions. At the system deployment level, it adheres to standard PKI trust assumptions which are necessary for public-key-style authentication and consistent with practical QKD network operations. Additionally, system-level evaluations affirm the scalability and practical applicability of HBS-based authentication, while also addressing the operational trade-offs among various HBS approaches in realistic QKD deployment contexts.

---

Keywords

---