Browse Prior Art Database

QUANTUM SAFE KEY DISTRIBUTION SYSTEM

IP.com Disclosure Number: IPCOM000245174D
Publication Date: 2016-Feb-16

Publishing Venue

The IP.com Prior Art Database

Related People

Robert P. Gooch: AUTHOR

Abstract

A system to provide quantum safe key distribution using a Trustworthy Read Once Memory Pair (TROMP) is described. A TROMP is similar to a USB drive, but with several novel security features to protect its large (gigabytes) random payload. The TROMP process protects that random payload beginning at the creation of the device by a trusted manufacturer, through payload loading by a trusted loading company, and on to a pair of end users. The end users then use their identical secret random payloads to generate quantum safe symmetric encryption keys.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 16% of the total text.

Page 01 of 11

QUANTUM SAFE KEY DISTRIBUTION SYSTEM

AUTHOR:

Robert P. Gooch

CISCO SYSTEMS, INC.

ABSTRACT

    A system to provide quantum safe key distribution using a Trustworthy Read Once Memory Pair (TROMP) is described. A TROMP is similar to a USB drive, but with several novel security features to protect its large (gigabytes) random payload. The TROMP process protects that random payload beginning at the creation of the device by a trusted manufacturer, through payload loading by a trusted loading company, and on to a pair of end users. The end users then use their identical secret random payloads to generate quantum safe symmetric encryption keys.

DETAILED DESCRIPTION

    The difficult problem of encryption key distribution is to get the same large secret random number to both end devices without compromise. Today this is done effectively using various methods of over the air keying such as Diffie Hellman, RSA, elliptic curves, etc. However, if and when sufficiently powerful quantum computers are available, perhaps in 10 years or less, these techniques will no longer be secure. If today's over the air key exchanges and subsequent traffic is recorded, that traffic will be decryptable as soon as quantum computers are available. Secrets that need to be kept secret for more than 10 years are put at risk using today's over the air key exchange techniques. A key distribution technique that is secure in a quantum computing environment is needed today.

    Today's over the air keying is fast and cheap. Researchers are trying to find quantum safe replacements for today's techniques. One technique, quantum key distribution, is theoretically secure, but requires a dark fiber between the end points, making it very expensive. Others techniques such as lattice based cryptology take

Copyright 2016 Cisco Systems, Inc.

1


Page 02 of 11

inordinate amounts of compute resources or bandwidth. Governments have long used physical distribution of keys using couriers, but that is slow and expensive.

    The key distribution system described herein is simple, secure, and inexpensive. Based on the notion of One-Time-Pads, it is impervious to computational attacks, whether quantum or algorithmic. It uses a physical device with novel, built in security mechanisms to safely transverse an untrusted physical delivery means. It delivers the same large random payload to two or more end users for use in generating symmetric encryption keys or for use as one-time-pads.

A Quantum Safe Key Distribution System

    This invention consists of a secure random number storage device, a secure manufacturing means, a secure loading means, and a secure delivery means. Together they provide the same large random number file to two or more end users such that they can be assured that no one else has a copy of that random number file. The device, the manufacturing, loading, and delivery means, and the safeguards against compromise are described below.

The TROMP device

    The device, a Trustworthy Read Once Memo...