Schemes of IPsec integrated with quantum key distribution

doi:10.1088/1674-1056/ae3301

中国物理B ›› 2026, Vol. 35 ›› Issue (4): 40305-040305.doi: 10.1088/1674-1056/ae3301

Schemes of IPsec integrated with quantum key distribution

Chun-Hui Zhang(张春辉)^1,2,3, Wen-Xuan Zhang(张文轩)^1,2,3, Xing-Yu Zhou(周星宇)^1,2,3, Yuan Cao(曹原)^1,2,3, Jun Wang(汪军)⁴, Jian Li(李剑)^1,2,3, and Qin Wang(王琴)^1,2,3,†

1 Institute of Quantum Information and Technology, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
2 Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Ministry of Education, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
3 Telecommunication and Networks, National Engineering Research Center, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
4 E-Quantum Information Technology Co., Ltd., Nanjing 211112, China

收稿日期:2025-10-16 修回日期:2025-11-18 接受日期:2026-01-04 发布日期:2026-04-01
通讯作者: Qin Wang E-mail:qinw@njupt.edu.cn
基金资助:
This work was supported by the Jiangsu Provincial Key R&D Program for Industrialization Prospects and Key Core Technology Project (Grant No. BE2022071), and the National Natural Science Foundation of China (NSFC) (Grant Nos. 62471248, 62201276, and 12074194).

Schemes of IPsec integrated with quantum key distribution

Chun-Hui Zhang(张春辉)^1,2,3, Wen-Xuan Zhang(张文轩)^1,2,3, Xing-Yu Zhou(周星宇)^1,2,3, Yuan Cao(曹原)^1,2,3, Jun Wang(汪军)⁴, Jian Li(李剑)^1,2,3, and Qin Wang(王琴)^1,2,3,†

1 Institute of Quantum Information and Technology, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
2 Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Ministry of Education, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
3 Telecommunication and Networks, National Engineering Research Center, Nanjing University of Posts and Telecommunications, Nanjing 210003, China;
4 E-Quantum Information Technology Co., Ltd., Nanjing 211112, China

Received:2025-10-16 Revised:2025-11-18 Accepted:2026-01-04 Published:2026-04-01
Contact: Qin Wang E-mail:qinw@njupt.edu.cn
Supported by:
This work was supported by the Jiangsu Provincial Key R&D Program for Industrialization Prospects and Key Core Technology Project (Grant No. BE2022071), and the National Natural Science Foundation of China (NSFC) (Grant Nos. 62471248, 62201276, and 12074194).

摘要/Abstract

摘要： With the rapid advancement of quantum computing, traditional security protocols based on classical encryption algorithms are increasingly vulnerable to potential quantum attacks. The current IPsec protocol, which relies on classical cryptographic methods, is insufficient to withstand such threats, thereby compromising the security of long-term data transmission. To address this issue, we propose integrating quantum key distribution (QKD) into the internet protocol security (IPsec) protocol, thereby enhancing its resilience against quantum computing attacks. Here, two schemes that merge QKD-generated keys with classical cryptographic keys are designed to enhance both security and stability. Furthermore, we conduct a comprehensive evaluation of the performance of various QKD protocols implemented with the scheme, along with an assessment of its overall efficacy across a topological network configuration. This approach not only ensures secure data transmission in the era of quantum computing but also highlights the potential application value of integrating QKD with IPsec, providing valuable insights for the design and implementation of future quantum-secure communication systems.

关键词: quantum key distribution, internet protocol security, internet key exchange

Abstract: With the rapid advancement of quantum computing, traditional security protocols based on classical encryption algorithms are increasingly vulnerable to potential quantum attacks. The current IPsec protocol, which relies on classical cryptographic methods, is insufficient to withstand such threats, thereby compromising the security of long-term data transmission. To address this issue, we propose integrating quantum key distribution (QKD) into the internet protocol security (IPsec) protocol, thereby enhancing its resilience against quantum computing attacks. Here, two schemes that merge QKD-generated keys with classical cryptographic keys are designed to enhance both security and stability. Furthermore, we conduct a comprehensive evaluation of the performance of various QKD protocols implemented with the scheme, along with an assessment of its overall efficacy across a topological network configuration. This approach not only ensures secure data transmission in the era of quantum computing but also highlights the potential application value of integrating QKD with IPsec, providing valuable insights for the design and implementation of future quantum-secure communication systems.

Key words: quantum key distribution, internet protocol security, internet key exchange

中图分类号: (Quantum cryptography and communication security)

03.67.Dd

03.67.Hk (Quantum communication)

Chun-Hui Zhang(张春辉), Wen-Xuan Zhang(张文轩), Xing-Yu Zhou(周星宇), Yuan Cao(曹原), Jun Wang(汪军), Jian Li(李剑), and Qin Wang(王琴). Schemes of IPsec integrated with quantum key distribution[J]. 中国物理B, 2026, 35(4): 40305-040305.

参考文献

[1] Shor P W 1999 SIAM Rev. 41, 303
[2] Rivest R L, Shamir A and Adleman L 1978 Commun. ACM 21, 120
[3] Diffie W and Hellman M E 2022 Democratizing Cryptography: The Work of Whitfield Diffie and Martin Hellman pp. 365
[4] Arute F, Arya K, Babbush R, et al. 2019 Nature 574, 505
[5] Kent S and Seo K 2005 Security Architecture for the Internet Protocol (IETF)
[6] Bennett C H and Brassard G 1984 Quantum Cryptography: Public Key Distribution and Coin Tossing, in IEEE Int. Conf. Computers, Systems and Signal Processing, pp. 175
[7] Bernstein D J 2025 Encyclopedia of Cryptography, Security and Privacy (Springer) pp. 1846
[8] Wootters W K and Zurek W H 1982 Nature 299, 802
[9] Vernam G S 1926 J. AIEE 45, 109
[10] Lo H K, Curty M and Qi B 2012 Phys. Rev. Lett. 108, 130503
[11] Pirandola S, Laurenza R, Ottaviani C and Banchi L 2017 Nat. Commun. 8, 1
[12] Lucamarini M, Yuan Z L, Dynes J F and Shields A J 2018 Nature 557, 400
[13] Wang X B, Yu Z W and Hu X L 2018 Phys. Rev. A 98, 062323
[14] Ma X, Zeng P and Zhou H 2018 Phys. Rev. X 8, 031043
[15] Cui C, Yin Z Q,Wang R, ChenW,Wang S, Guo G C and Han Z F 2019 Phys. Rev. Appl. 11, 034053
[16] Liu J, Jiang Q, Ding H, Ma X, Sun M, Xu J, Zhang C H, Xie S, Li J and Zeng G 2023 Sci. China Inf. Sci. 66, 189402
[17] Li W, Zhang L, Lu Y, Li Z P, Jiang C, Liu Y, Huang J, Li H, Wang Z and Wang X B 2023 Phys. Rev. Lett. 130, 250802
[18] Zeng P, Zhou H, Wu W and Ma X 2022 Nat. Commun. 13, 3903
[19] Xie Y M, Lu Y S, Weng C X, Cao X Y, Jia Z Y, Bao Y, Wang Y, Fu Y, Yin H L and Chen Z B 2022 PRX Quantum 3, 020315
[20] Zhu H T, Huang Y, Liu H, Zeng P, Zou M, Dai Y, Tang S, Li H, You L and Wang Z 2023 Phys. Rev. Lett. 130, 030801
[21] Zhou L, Lin J, Xie Y M, Lu Y S, Jing Y, Yin H L and Yuan Z 2023 Phys. Rev. Lett. 130, 250801
[22] Zhu H T, Huang Y, Pan W X, Zhou C W, Tang J, He H, Cheng M, Jin X, Zou M and Tang S 2024 Optica 11, 883
[23] Luo D, Liu X, Qin K, Zhang Z and Wei K 2024 Phys. Rev. A 110, 022605
[24] Liu X, Luo D, Zhang Z and Wei K 2023 Phys. Rev. A 107, 062613
[25] Guo M, Cao Y, Zhu J, Zhou X, Zhang C, Yu X, Zhao Y, Zhang J and Wang Q 2023 J. Opt. Commun. Netw. 15, 700
[26] Cao Y, Zhao Y, Wang Q, Zhang J, Ng S X and Hanzo L 2022 IEEE Commun. Surv. Tut. 24, 839
[27] Cao Y, Zhao Y, Zhang J andWang Q 2022 IEEE Commun. Mag. 60, 38
[28] Cao Y, Zhao Y, Zhang J, Wang Q, Niyato D and Hanzo L 2022 IEEE Netw. 36, 14
[29] Cao Y, Zhao Y, Li J, Lin R, Zhang J and Chen J 2021 IEEE J. Sel. Areas Commun. 39, 2701
[30] Huang C, Chen Y, Luo T, He W, Liu X, Zhang Z and Wei K 2024 Sci. China Phys. Mech. Astron. 67, 240312
[31] Wei K, Li W, Tan H, et al. 2020 Phys. Rev. X 10, 031030
[32] Elliott C, Pearson D and Troxel G 2003 Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications pp. 227
[33] Berzanskis A, Hakkarainen H, Lee K and Hussain M R 2009 Method of Integrating QKD with IPsec, U.S. Patent 7,602,919
[34] Zhang P, Chen N, Shen S, Yu S, Wu S and Kumar N 2022 IEEE Wireless Communications 31, 141
[35] Marksteiner S and Maurhart O 2015 9th Int. Conf. Quantum, Nano/Bio, and Micro Technologies, pp. 35
[36] Cano A, Garcia C R, Frantz R, Monroy I T, Imaña J L and Vegas J J 2024 2024 IEEE 32nd International Conference on Network Protocols (ICNP) pp. 1
[37] Li J, Zheng P, Li Z, Xue K, Xie Z, Yu N, Sun Q and Lu J 2025 IEEE Network 39, 180
[38] Sibson P, Kennard J, Crabtree T, Wright P, White C, Salas E H, Lord A, Grammel G, Mead B and Radev R 2024 Optical Fiber Communication Conference (Optica Publishing Group) pp. Th3B-4
[39] Alia O, Huang A, Luo H, Amer O, Pistoia M and Lim C 2024 Optical Fiber Communication Conference (Optica Publishing Group) pp. Th3B-5
[40] Lawo D C, Abu Bakar R, Cano Aguilera A, Cugini F, Imaña J L, Tafur Monroy I and Vegas Olmos J J 2024 Future Internet 16, 300
[41] Gao X, Xue K, Li J, Li Z, Wu J, Yu N, Sun Q and Lu J 2025 IEEE Comm. Mag. 63 148
[42] Cao Y, Yu X, Zhao Y, Zhang C, Zhou X, Zhang J and Wang Q 2025 Chin. Phys. B 34, 010310
[43] Garcia C R, Cano A, Olmos J V, Rommel S and Monroy I T 2025 Optical Fiber Communications Conference and Exhibition (OFC) (IEEE), pp. 1
[44] Fluhrer S, Kampanakis P, McGrew D and Smyslov V 2020 RFC 8784
[45] Harkins D and Carrel D 1998 RFC 2409: The Internet Key Exchange (IKE)
[46] Kaufman C 2005 RFC 4306: Internet Key Exchange (IKEv2) Protocol (RFC Editor)
[47] Joan D and Vincent R 2002 Information Security and Cryptography (Springer)
[48] Huttner B, Imoto N, Gisin N and Mor T 1995 Phys. Rev. A 51, 1863
[49] Hwang W Y 2003 Phys. Rev. Lett. 91, 057901
[50] Wang X B 2005 Phys. Rev. Lett. 94, 230503
[51] Lo H K, Ma X and Chen K 2005 Phys. Rev. Lett. 94, 230504
[52] Ma X, Qi B, Zhao Y and Lo H K 2005 Phys. Rev. A 72, 012326
[53] Gottesman D, Lo H K, Lutkenhaus N and Preskill J 2004 Security of Quantum Key Distribution with Imperfect Devices, International Symposium on Information Theory
[54] Jiang C, Yu Z W, Hu X L and Wang X B 2019 Phys. Rev. Appl. 12, 024061
[55] Wang Z H, Wang R, Yin Z Q, Wang S, Lu F Y, Chen W, He D Y, Guo G C and Han Z F 2023 Commun. Phys. 6, 265
[56] Chernoff H 1952 Ann. Math. Stat. 23, 493-507
[57] Alia O, Huang A, Luo H, Amer O, Pistoia M and Lim C 2024 arXiv:2405.04415 [quant-ph]
[58] Fan-Yuan G J, Lu F Y, Wang S, Yin Z Q, He D Y, Chen W, Zhou Z, Wang Z H, Teng J and Guo G C 2022 Optica 9, 812

Schemes of IPsec integrated with quantum key distribution

Schemes of IPsec integrated with quantum key distribution

PDF (PC)

赞

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

Metrics

本文评价

推荐阅读 0

[1]	Cheng Zhang(张诚), Cheng Liu(刘成), Jiawei Ying(应佳伟), Shipu Gu(顾世浦), Lan Zhou(周澜), Yin Ma(马寅), Kang Gao(高亢), Hai Wei(魏海), Kai Wen(文凯), and Yubo Sheng(盛宇波). Measurement-device-independent quantum key distribution with entanglement-assisted linear Bell state measurement[J]. 中国物理B, 2026, 35(4): 40310-040310.
[2]	Zhigang Shen(沈志冈), Yuting Lu(鲁雨婷), Yang Yu(余杨), and Shengmei Zhao(赵生妹). Mode-pairing quantum key distribution based on heralded pair-coherent source with passive decoy-states[J]. 中国物理B, 2025, 34(9): 90304-090304.
[3]	Li Liu(刘力), Shengtong Zhai(翟晟童), Yao Pu(蒲瑶), and Xu Zhang(张旭). Protection path and security-metric-based resource allocation algorithm in quantum key distribution optical networks[J]. 中国物理B, 2025, 34(9): 90306-090306.
[4]	Shizhuo Li(李世卓), Xin Liu(刘馨), Zhenrong Zhang(张振荣), and Kejin Wei(韦克金). Mode-pairing quantum key distribution with multi-step advantage distillation[J]. 中国物理B, 2025, 34(9): 90307-090307.
[5]	Yan-Mei Zhao(赵燕美), Chun Zhou(周淳), Xiao-Lei Jiang(姜晓磊), Yi-Fei Lu(陆宜飞), Yu Zhou(周雨), Hai-Tao Wang(汪海涛), Yang Wang(汪洋), Jia-Ji Li(李家骥), Yan-Yang Zhou(周砚扬), Hong-Wei Li(李宏伟), and Wan-Su Bao(鲍皖苏). Improving the performance of reference-frame-independent measurement-device-independent quantum key distribution in hybrid channels[J]. 中国物理B, 2025, 34(5): 50302-050302.
[6]	Chun-Xue Zhang(张春雪), Jian-Guang Li(李建光), Yue Wang(王玥), Wei Chen(陈巍), Jia-Shun Zhang(张家顺), and Jun-Ming An(安俊明). Multi-protocol quantum key distribution decoding chip[J]. 中国物理B, 2025, 34(5): 50303-050303.
[7]	Hai-Tao Wang(汪海涛), Chun Zhou(周淳), Yi-Fei Lu(陆宜飞), Chen-Peng Hao(郝辰鹏), Yan-Mei Zhao(赵燕美), Yan-Yang Zhou(周砚扬), Hong-Wei Li(李宏伟), and Wan-Su Bao(鲍皖苏). Asymmetric mode-pairing quantum key distribution with advantage distillation[J]. 中国物理B, 2025, 34(4): 40305-040305.
[8]	Xiao-Liang Yang(杨晓亮), Yu-Qing Li(李毓擎), and Hong-Wei Li(李宏伟). Effect of pseudo-random number on the security of quantum key distribution protocol[J]. 中国物理B, 2025, 34(2): 20301-020301.
[9]	Zi-Qi Chen(陈子骐), Hao-Bing Sun(孙昊冰), Ming-Shuo Sun(孙铭烁), and Qin Wang(王琴). Improved reference-frame-independent quantum key distribution with intensity fluctuations[J]. 中国物理B, 2025, 34(2): 20302-020302.
[10]	Chun Zhou(周淳), Yan-Mei Zhao(赵燕美), Xiao-Liang Yang(杨晓亮), Yi-Fei Lu(陆宜飞), Yu Zhou(周雨), Xiao-Lei Jiang(姜晓磊), Hai-Tao Wang(汪海涛), Yang Wang(汪洋), Jia-Ji Li(李家骥), Mu-Sheng Jiang(江木生), Xiang Wang(汪翔), Hai-Long Zhang(张海龙), Hong-Wei Li(李宏伟), and Wan-Su Bao(鲍皖苏). Security analysis of satellite-to-ground reference-frame-independent quantum key distribution with beam wandering[J]. 中国物理B, 2024, 33(8): 80306-080306.
[11]	Lin Bi(毕琳), Xiaotong Yuan(袁晓同), Weijie Wu(吴炜杰), and Shengxi Lin(林升熙). A new quantum key distribution resource allocation and routing optimization scheme[J]. 中国物理B, 2024, 33(3): 30309-030309.
[12]	Le-Chen Xu(徐乐辰), Chun-Hui Zhang(张春辉), Xing-Yu Zhou(周星宇), and Qin Wang(王琴). Improved decoy-state quantum key distribution with uncharacterized heralded single-photon sources[J]. 中国物理B, 2024, 33(2): 20313-020313.
[13]	Mingshuo Sun(孙铭烁), Chun-Hui Zhang(张春辉), Rui Zhang(章睿), Xing-Yu Zhou(周星宇), Jian Li(李剑), and Qin Wang(王琴). Improved model on asynchronous measurement-device-independent quantum key distribution with realistic devices[J]. 中国物理B, 2024, 33(11): 110302-110302.
[14]	Chun Zhou(周淳), Hai-Tao Wang(汪海涛), Yi-Fei Lu(陆宜飞), Xiao-Lei Jiang(姜晓磊), Yan-Mei Zhao(赵燕美), Yu Zhou(周雨), Yang Wang(汪洋), Jia-Ji Li(李家骥), Yan-Yang Zhou(周砚扬), Xiang Wang(汪翔), Hong-Wei Li(李宏伟), and Wan-Su Bao(鲍皖苏). Reference-frame-independent quantum key distribution with two-way classical communication[J]. 中国物理B, 2024, 33(10): 100302-100302.
[15]	Jiang-Ping Zhou(周江平), Yuan-Yuan Zhou(周媛媛), Xue-Jun Zhou(周学军), and Xuan Bao(暴轩). Improved statistical fluctuation analysis for two decoy-states phase-matching quantum key distribution[J]. 中国物理B, 2023, 32(8): 80306-080306.