Improved Security of SDN based on Hybrid Quantum Key Distribution Protocol

Abstract

Network programming provides new security solutions for traditional networks. However, software-defined networking still suffers from security issues. An important one is the weaknesses related to the OpenFlow channel between network devices and controller, as the network can be attacked via the OpenFlow channel and exploit communications with the control plane. Our work proposes a solution to provide adequate security for OpenFlow messages in software-defined networks by using a hybrid key consisting of classical and quantum key distribution protocols to provide double security depending on the quantum's computational complexity and physical properties. To achieve this goal, the hybrid key is used with transport layer security protocol to provide confidentiality, integrity and quantum authentication to secure software-defined network connections between the control and data planes. We experimentally based on the SDN-testbed to show the workflow of exchanging quantum and classical keys between the control plane and network devices in the data plane, and our results showed the effectiveness of the hybrid key to enhance the security of the transport layer security protocol. Thereby achieving adequate security for controller communications with the data plane against classical and quantum computer attacks by conducting security analysis and clarifying the efficiency of the proposal in terms of the average required time.