Quantum key distribution (QKD) can provide information theoretically secure key exchange even in the era of quantum computers. However, QKD requires the classical channel to be authenticated, the current method for which is pre-sharing symmetric keys. For a QKD network of n users, this method requires \({C}_{n}^{2}=n(n-1)/2\) pairs of symmetric keys to realize pairwise interconnection. In contrast, with the help of a mature public key infrastructure (PKI) and post-quantum cryptography (PQC) with quantum-resistant security, each user only needs to apply for one digital certificate from a certificate authority (CA) to achieve efficient and secure authentication for QKD. We need to assume only the short-term security of the PQC algorithm to achieve long-term security of the distributed keys. Here, we experimentally verified the feasibility, efficiency, and stability of the PQC algorithm in QKD authentication, and demonstrated the advantages when new users join the QKD network. Using the PQC public-key infrastructure, the nodes need to mutually trust only the CA to authenticate each other. QKD combined with PQC authentication will greatly promote and extend the application prospects of quantum-safe communication.

即使在量子计算机时代，量子密钥分配（QKD）仍可提供理论上安全的密钥交换信息。但是，QKD需要对经典通道进行身份验证，当前的方法是预共享对称密钥。对于n个用户的QKD网络，此方法需要\（{C} _ {n} ^ {2} = n（n-1）/ 2 \）一对对称密钥，以实现成对互连。相比之下，借助成熟的公钥基础结构（PKI）和具有抗量子安全性的后量子密码（PQC），每个用户只需向证书颁发机构（CA）申请一个数字证书即可实现高效且高效的认证。 QKD的安全身份验证。我们只需要假设PQC算法的短期安全性就可以实现分布式密钥的长期安全性。在这里，我们通过实验验证了PQC算法在QKD身份验证中的可行性，效率和稳定性，并展示了新用户加入QKD网络时的优势。使用PQC公钥基础结构，节点仅需相互信任CA即可相互认证。