If anyone wants to build a [Matrix] stack, I’ve made a working stack publicly available. Feedback and contributions are welcome.
https://github.com/nean-and-i/matrix-stack
#DigitalSovereignty #DIDit #Matrix #Tuwunel #Caddy #LiveKit #Coturn
nean
@_nean
- 6 Followers
- 111 Following
- 3 Posts
Our paper “PQC‑Enhanced QKD Networks: A Layered Approach” from QCNC Kobe 🇯🇵 is now on arXiv: https://arxiv.org/abs/2604.05599
We show how WireGuard + QKD + PQC provide scalable end‑to‑end security over multi‑hop Quantum QKD networks – no trusted node, no key forwarding, no SDN,... needed – and introduce Arnika – Quantum secure VPN: https://github.com/arnika-project/arnika
#Quantum #Communication #QKD #PQC #WireGuard #ETSI014 #EUROQCI
PQC-Enhanced QKD Networks: A Layered Approach
We present a layered and modular network architecture that combines Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC) to provide scalable end-to-end security across long distance multi-hop, trusted-node quantum networks. To ensure interoperability and efficient practical deployment, hop-wise tunnels between physically secured nodes are protected by WireGuard with periodically rotated pre-shared keys sourced via the ETSI GS QKD 014 interface. On top, Rosenpass performs a PQC key exchange to establish an end-to-end data channel without modifying deployed QKD devices or network protocols. This dual-layer composition yields post-quantum forward secrecy and authenticity under practical assumptions. We implement the design using open-source components and validate and evaluate it in simulated and lab test-beds. Experiments show uninterrupted operation over multi-hop paths, low resource footprint and fail-safe mechanisms. We further discuss the design's compositional security, wherein the security of each individual component is preserved under their combination and outline migration paths for operators integrating QKD-aware overlays in existing infrastructures.