Contact information
Name | Daniel Sobral Blanco |
Address | 4.1 C03 A Edificio Torres Quevedo, Avenida de la Universidad 30, 28911 Leganés |
Publications
Blanco-Romero, Javier; Otero-Garcia, Pedro; Sobral-Blanco, Daniel; Almenares-Mendoza, Florina; Fernandez-Vilas, Ana; Diaz-Redondo, Rebeca
QKD-KEM: Hybrid QKD Integration into TLS with OpenSSL Providers. Conference, 2025.
@conference{javierblanco005,
title = {QKD-KEM: Hybrid QKD Integration into TLS with OpenSSL Providers},
author = {Javier Blanco-Romero and Pedro Otero-Garcia and Daniel Sobral-Blanco and Florina Almenares-Mendoza and Ana Fernandez-Vilas and Rebeca Diaz-Redondo},
doi = {https://doi.org/10.48550/arXiv.2503.07196},
year = {2025},
date = {2025-03-10},
urldate = {2025-03-10},
abstract = {Quantum Key Distribution (QKD) promises information-theoretic security, yet integrating QKD into existing protocols like TLS remains challenging due to its fundamentally different operational model. In this paper, we propose a hybrid QKD-KEM protocol with two distinct integration approaches: a client-initiated flow compatible with both ETSI 004 and 014 specifications, and a server-initiated flow similar to existing work but limited to stateless ETSI 014 APIs. Unlike previous implementations, our work specifically addresses the integration of stateful QKD key exchange protocols (ETSI 004) which is essential for production QKD networks but has remained largely unexplored. By adapting OpenSSL’s provider infrastructure to accommodate QKD’s pre-distributed key model, we maintain compatibility with current TLS implementations while offering dual layers of security. Performance evaluations demonstrate the feasibility of our hybrid scheme with acceptable overhead, showing that robust security against quantum threats is achievable while addressing the unique requirements of different QKD API specifications.},
keywords = {},
pubstate = {published},
tppubtype = {conference}
}