Experimental authentication of quantum key distribution with post-quantum cryptography

Quantum key distribution (QKD) can provide information theoretically secure key exchange even in the era of quantum computer. However, QKD requires the classical channel to be authenticated, and the current method is pre-sharing symmetric keys. For a QKD network of $n$ users, this method requires $C_n^2 = n(n-1)/2$ pairs of symmetric keys to realize pairwise interconnection. In contrast, with the help of mature public key infrastructure (PKI) and post-quantum cryptography (PQC) with quantum resistant security, each user only needs to apply for a digital certificate from certificate authority (CA) to achieve efficient and secure authentication for QKD. We only need to assume the short-term security of the PQC algorithm to achieve the long-term security of the distributed keys. Here, we experimentally verified the feasibility, efficiency and stability of the PQC algorithm in QKD authentication, and demonstrated the advantages when new users join the QKD network. Using PQC authentication we only need to believe the CA is safe, rather than all trusted relays. QKD combined with PQC authentication will greatly promote and extend the application prospects of quantum safe communication.
Comment: 8 pages, 6 figures