Search for a command to run...
• The first functional implementation that integrates SDN, QKD, and IPsec technologies within a unified architecture, enabling dynamic establishment of IPsec tunnels protected with Quantum Key Distribution. • The proposed solution is based on the implementation of IPsec in accordance with QKD-related standards defined by ETSI, specifically adhering to the specifications ETSI GS QKD 004 and ETSI GS QKD 015. This approach ensures interoperability and alignment with current best practices for quantum secure network deployments. • Experimental results were obtained from a field-deployed QKD network operating over a hybrid quantum-classical infrastructure, providing empirical validation of the proposed approach in a production-grade environment laying a solid foundation for future large-scale deployments. The importance of digital communications makes protecting data in transit a critical priority. Internet Protocol Security (IPsec) plays a central role in this protection, by ensuring data confidentiality, integrity, and authenticity. However, quantum computing threatens the foundations of IPsec. Its ability to efficiently solve mathematical problems such as factoring and discrete logarithms could break the public-key cryptography used for IPsec key exchange. Quantum Key Distribution (QKD) is one of the most promising solutions to this problem, offering a security layer immune to both classical and quantum computational attacks. This work proposes a solution that integrates emerging quantum technologies into existing security and communication infrastructures to ensure long-term protection. We combine IPsec with Software-Defined Networking and QKD to build a novel network security infrastructure. It is designed to resist both classical and quantum threats. It is based on recent standardization efforts and operational tools for QKD integration. We demonstrate advanced capabilities such as rekeying and secure key transport on a field deployed QKD network operating within a shared quantum-classical production infrastructure.