75.4 | QUANT-PH | Apr 7 | Code
PQC-Enhanced QKD Networks: A Layered Approach
Paul Spooren, Andreas Neuhold, Sebastian Ramacher et al.
We present a layered and modular network architecture that combines Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC) to provide scalable end-to-end security across long distance multi-hop, trusted-node quantum networks. To ensure interoperability and efficient practical deployment, hop-wise tunnels between physically secured nodes are protected by WireGuard with periodically rotated pre-shared keys sourced via the ETSI GS QKD 014 interface. On top, Rosenpass performs a PQC key exchange to establish an end-to-end data channel without modifying deployed QKD devices or network protocols. This dual-layer composition yields post-quantum forward secrecy and authenticity under practical assumptions. We implement the design using open-source components and validate and evaluate it in simulated and lab test-beds. Experiments show uninterrupted operation over multi-hop paths, low resource footprint and fail-safe mechanisms. We further discuss the design's compositional security, wherein the security of each individual component is preserved under their combination and outline migration paths for operators integrating QKD-aware overlays in existing infrastructures.
40.4 | CR | May 28
bpK#: Delegatable Pseudonyms And Their Applications to National eID Systems
Stephan Krenn, Doryan Lesaignoux, Sebastian Ramacher
Electronic identities (eIDs) are crucial in an increasingly digitalized environment. Pseudonyms, as offered by Austria's governmental sector-specific personal identifiers (bPks), can significantly improve privacy by ensuring that personal data is not universally traceable across public services and private companies. However, the current architecture comes with several challenges regarding availability, privacy, and authenticity, due to a fully centralized design. This paper proposes bPk#, a distributed architecture to address these issues, reducing reliance on the central authority, while still providing all functional requirements to the existing bPk system. In particular, users are delegated the rights to compute their own pseudonyms, thereby minimizing metadata revealed to the central authority, while (subsets of) service providers may receive the right to compute pseudonyms only within their own domain, thereby reducing the availability needs of the central authority. To the best of our knowledge, we provide the first formal framework for such delegatable pseudonym systems, together with a generic construction for which we provide formal security proofs. Furthermore, we propose a concrete instantiation of our construction, together with a reference implementation demonstrating the practical efficiency.
61.0 | QUANT-PH | Apr 2
Topology-Hiding Path Validation for Large-Scale Quantum Key Distribution Networks
Stephan Krenn, Omid Mir, Thomas Lorünser et al.
Secure long-distance communication in quantum key distribution (QKD) networks depends on trusted repeater nodes along the entire transmission path. Consequently, these nodes will be subject to strict auditing and certification in future large-scale QKD deployments. However, trust must also extend to the network operator, who is responsible for fulfilling contractual obligations -- such as ensuring certified devices are used and transmission paths remain disjoint where required. In this work, we present a path validation protocol specifically designed for QKD networks. It enables the receiver to verify compliance with agreed-upon policies. At the same time, the protocol preserves the operator's confidentiality by ensuring that no sensitive information about the network topology is revealed to users. We provide a formal model and a provably secure generic construction of the protocol, along with a concrete instantiation. For long-distance communication involving 100 nodes, the protocol has a computational cost of 1-2.5s depending on the machine, and a communication overhead of less than 70kB - demonstrating the efficiency of our approach.
2.4 | NI | Apr 8
Towards National Quantum Communication in Europe: Planning and Sizing Terrestrial QKD Networks
Sebastian Raubitzek, Werner Strasser, Sebastian Ramacher et al.
The European Union is developing the European Quantum Communication Infrastructure (EuroQCI) as a pan-European network to provide secure communication capabilities across Member States, including governmental and critical-infrastructure domains. While the strategic objective is defined at EU level, the required scale and structure of national quantum key distribution (QKD) networks remain largely unspecified. This work addresses the question of how to plan and size national terrestrial QKD networks to support critical infrastructure and public authorities. We propose a reproducible planning methodology that estimates network size, total fiber length, and the number of required QKD components based on a small set of explicit assumptions. The approach is demonstrated for Austria, where a synthetic but structured network model is constructed and evaluated using Monte Carlo simulation. The model focuses on terrestrial QKD infrastructure and explicitly excludes space-based segments. It estimates endpoint counts, trusted repeater node requirements, and hop-length distributions under realistic operational constraints. The Austrian case is then used as a baseline to derive scaling rules for other EU Member States based on population and geographic extent. The results provide first-order planning estimates for national QKD backbone sizes across Europe. These estimates are not intended as deployment designs but as planning-level references that support early-stage cost assessment and infrastructure dimensioning under the EuroQCI framework.
CR | Mar 5, 2021
Privacy-preserving Analytics for Data Markets using MPC
Karl Koch, Stephan Krenn, Donato Pellegrino et al.
Data markets have the potential to foster new data-driven applications and help growing data-driven businesses. When building and deploying such markets in practice, regulations such as the European Union's General Data Protection Regulation (GDPR) impose constraints and restrictions on these markets especially when dealing with personal or privacy-sensitive data. In this paper, we present a candidate architecture for a privacy-preserving personal data market, relying on cryptographic primitives such as multi-party computation (MPC) capable of performing privacy-preserving computations on the data. Besides specifying the architecture of such a data market, we also present a privacy-risk analysis of the market following the LINDDUN methodology.
CR | Sep 4, 2020
Short-Lived Forward-Secure Delegation for TLS
Lukas Alber, Stefan More, Sebastian Ramacher
On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.