Security x Comms Protocols x Impact of QKD and PQC

[[Payment Protocols x PQC x QKD Impact x Cryptoagility]] | **OSI Layer** | **Common Protocols** | **Security Protocols** | **Impact of QKD** | **Impact of PQC** | | -------------------- | ------------------------------------ | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | | **Application (7)** | HTTP, HTTPS, FTP, SMTP, SNMP | TLS/SSL, PGP, OAuth | QKD enhances encryption key exchange for protocols like TLS, ensuring a higher level of security during key distribution between end users and servers. | PQC can replace classical cryptography algorithms in TLS and PGP, ensuring resistance to quantum attacks on encrypted data. | | **Presentation (6)** | SSL/TLS, MIME, X.509 certificates | SSL/TLS, S/MIME | QKD can ensure secure key exchanges for TLS, but implementation at this layer is complex for diverse data types. | PQC algorithms can be integrated into SSL/TLS, providing future-proof encryption against quantum threats. | | **Session (5)** | NetBIOS, RPC, PPTP, SIP | TLS/SSL, Kerberos | QKD could provide secure key exchanges, protecting session encryption protocols. | PQC algorithms can replace RSA-based session key exchanges, protecting data from quantum decryption. | | **Transport (4)** | TCP, UDP, SCTP | TLS/SSL, IPSec, DTLS | QKD can strengthen IPSec by providing quantum-resistant key exchange, enhancing security for encrypted transport. | PQC can replace vulnerable algorithms like RSA within TLS/SSL, making transport layer encryption secure against quantum attacks. | | **Network (3)** | IP, ICMP, OSPF, BGP | IPSec, SSL VPN, IKE | QKD can provide quantum-safe key exchanges for IPSec and VPNs, essential for secure routing in large networks. | PQC integration into IPSec and IKE ensures secure VPN and routing protocol encryption against future quantum attacks. | | **Data Link (2)** | Ethernet, PPP, Frame Relay, ARP | MACsec, PPP encryption | QKD's utility is less direct here, but it can secure links in high-security networks using hardware-based solutions. | PQC at this layer focuses on enhancing key exchange methods, though practical implementation may be challenging. | | **Physical (1)** | Fiber optics, Ethernet cables, Wi-Fi | Physical layer encryption, Quantum cryptography | QKD operates directly at this layer, enabling secure key distribution using quantum properties like entanglement over fiber optic cables. | PQC has minimal impact at this layer, as it focuses on cryptographic algorithms rather than hardware-based security. |