To address the security bottleneck wherein compromise of a single QKD network renders long-term keys insecure, this paper proposes MULTISS—a protocol enabling information-theoretically secure long-term key storage across multiple heterogeneous QKD networks. MULTISS introduces a novel hierarchical secret sharing scheme that distributes key shares across distinct QKD networks, integrating Shamir’s secret sharing with quantum key distribution infrastructure. Crucially, it supports incremental key updates without global reconstruction, significantly enhancing maintainability. Theoretical analysis proves that confidentiality remains perfectly secure—under information-theoretic guarantees—as long as the number of uncompromised QKD networks meets a predefined threshold. Compared to single-network approaches such as LINCOS, MULTISS achieves substantial advances in both security robustness (resilience against partial network compromise) and update efficiency (eliminating costly full-key re-sharing).

This paper presents MULTISS, a new protocol for long-term storage distributed across multiple Quantum Key Distribution (QKD) networks. This protocol is an extension of LINCOS, a secure storage protocol that uses Shamir secret sharing for secret storage on a single QKD network. Our protocol uses hierarchical secret sharing to distribute a secret across multiple QKD networks while ensuring perfect security. Our protocol further allows for sharing updates without having to reconstruct the entire secret. We also prove that MULTISS is strictly more secure than LINCOS, which remains vulnerable when its QKD network is compromised.