Open-QKD-Network
Motivation
Modern technological advances are making quantum computing more accessible and, by extension, are bringing larger-scale quantum computing systems and networks closer to reality. While this new era of computing stands to offer a great deal of benefit to society at large, quantum computers will also be able to undermine all conventional cybersecurity systems of the present. Therefore, it is crucial that “quantum-safe” cybersecurity systems are developed and refined before quantum computing becomes commonplace.
The collective effort towards creating quantum-safe systems requires planning and collaboration amongst many stakeholders. This new quantum-safe cryptography includes conventional “post-quantum” cryptography (PQC) algorithms (sometimes referred to as “quantum-resistant” algorithms (QRA)) and quantum key distribution (QKD). The PQC algorithms are used to generate keys and encrypt information in a way that is safe against quantum computers, while the QKD systems manage and distribute said keys among a network in a secure way.
OpenQKDNetwork, in particular, contributes to the development of quantum-safe systems by establishing a robust and modular framework for key distribution. This architecture consists of four layers whose implementations are completely customizable independently of each other. The flexibility of OpenQKDNetwork makes it an extremely promising framework for QKD systems going forward. Many use cases are already being developed, demonstrating the potential for OpenQKDNetwork as the basis of key distribution for quantum-safe cybersecurity systems globally.
Overview
OpenQKDNetwork is an open-source project which seeks to facilitate the transition of current cybersecurity systems towards becoming quantum-resistant. In particular, it aims to develop a modular and robust quantum key distribution (QKD) architecture adaptable to current conventional communication systems. This framework involves four layers (the hosts layer, the key management service layer, the quantum network layer, and the quantum link layer) that can be modified independently of each other, accommodating a variety of implementations and, by extension, a range of costs.
The Hosts Layer
The Hosts layer consists of user devices and applications, which make key requests to the Key Management Service (KMS) layer. These devices and applications use the keys to encrypt the data they share with each other, keeping it confidential.
The Key Management Service Layer
The KMS layer maintains a quantum key pool, issuing keys to the Hosts layer and obtaining keys from the QKD Network Layer (QNL). The KMS layer issues keys to their designated hosts and must ensure the integrity of the key pool, preventing the keys in the key pool from being known to eavesdroppers. This layer must also deal out keys based on the key lengths and lifetimes dictated by its policy engine, as well as the key pool size. In addition, this key pool must be synchronized between nodes.
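A minimal model of the key pool behaviour described above, added here as an illustration and not taken from the OpenQKDNetwork source. The Policy fields, the KeyPool class and the key IDs are assumptions, and the key material is generated locally in place of QKD output.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:                 # hypothetical policy-engine settings
    key_bytes: int = 32       # key length handed to hosts
    lifetime_s: float = 60.0  # how long a pooled key stays usable
    max_pool: int = 4         # key pool size limit

class KeyPool:
    """One node's copy of the key pool (constructed model)."""
    def __init__(self, policy):
        self.policy, self._keys = policy, {}   # key_id -> (key, expiry)

    def _expire(self, now):
        # Drop keys whose lifetime has passed before any other operation.
        self._keys = {i: v for i, v in self._keys.items() if v[1] > now}

    def deposit(self, key_id, key, now):
        """Store key bits delivered from the network layer, if policy allows."""
        self._expire(now)
        if len(key) != self.policy.key_bytes or len(self._keys) >= self.policy.max_pool:
            return False
        self._keys[key_id] = (key, now + self.policy.lifetime_s)
        return True

    def issue(self, now, key_id=None):
        """Issue a key once: the oldest live key, or the one a peer named."""
        self._expire(now)
        if key_id is None:
            key_id = next(iter(self._keys), None)
        if key_id not in self._keys:
            raise LookupError("no live key available")
        return key_id, self._keys.pop(key_id)[0]   # removed so it is never reissued

def demo():
    policy = Policy()
    node_a, node_b = KeyPool(policy), KeyPool(policy)
    accepted = 0
    for n in range(6):        # constructed: same key material arrives at both nodes
        key = secrets.token_bytes(policy.key_bytes)
        ok_a = node_a.deposit(f"key-{n}", key, now=0.0)
        ok_b = node_b.deposit(f"key-{n}", key, now=0.0)
        accepted += ok_a and ok_b
    key_id, key_a = node_a.issue(now=1.0)              # initiating host
    _, key_b = node_b.issue(now=1.0, key_id=key_id)    # peer host, same ID
    return node_a, node_b, key_id, accepted, key_a == key_b

if __name__ == "__main__":
    print(demo()[2:])
```

The pool size limit rejects the fifth and sixth deposits, both hosts obtain the same key through its ID, and a key leaves the pool the moment it is issued or its lifetime ends.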
The Quantum Network Layer
The QNL layer coordinates key routing between nodes in a QKD network and assembles key bits, which are generated in the Quantum Link Layer (QLL) and provided directly to the local KMS. The QNL is flexible and can adapt to any network topology, using a control plane technology suite with optimized pathfinding to manage and synchronize key generation behaviour across different nodes in a network. The key bit assembly, on the other hand, is done using a data plane technology suite.
The Quantum Link Layer
The QLL layer links physical QKD hardware devices. These devices are responsible for producing the keys which are used by the rest of the system. After a key is produced, it is passed to the QNL where it is processed as described above. The QLL layer also shares information about its links with the QNL, such as its rate of key generation, so that the rest of the system can respond accordingly.
The KMS and QNL layers as well as a simulator of the QLL layer have been implemented in software, for which the source code and documentation are both publicly available here. This software is under active development and maintenance.
Those conducting research on QKD technology are welcome to download and integrate this system with their QKD devices to perform demonstrations to promote their work. Developers and researchers of applications that may benefit from quantum key agreement are also welcome to download and use the software system (with our QLL simulator and/or other quantum hardware links they may have available) to prepare for and test the integration of QKD keys into their applications.
It is important to note that the design and software testing of the OpenQKDNetwork framework may be done even without QKD hardware at this point.
Team Leads
Professor Michele Mosca - Principal Investigator
michele.mosca@uwaterloo.ca
Dr. Michele Mosca is a professor at the University of Waterloo in the Department of Combinatorics and Optimization, where his research focuses on future-proofing modern technologies and networks to be quantum-safe. In addition to co-founding evolutionQ Inc. and softwareQ Inc., which support organizations in upgrading their communication systems for the quantum era, he has also co-founded the University of Waterloo’s Institute for Quantum Computing, out of which the Waterloo side of this project runs. Dr. Mosca completed his PhD in Quantum Computer Algorithms at the University of Oxford and is recognized internationally in his field, with honours such as the Queen Elizabeth II Diamond Jubilee Medal and a Knighthood (Cavaliere) in the Order of Merit of the Italian Republic.
Professor Norbert Lütkenhaus, co-Investigator
lutkenhaus.office@uwaterloo.ca
Dr. Norbert Lütkenhaus is a professor at the University of Waterloo in the Department of Physics and Astronomy, where his Emmy-Noether research group studies quantum communication theory and how it applies to optical implementations. He is best known for his work on security proofs for optical QKD systems, and in particular, he runs the Optical Quantum Communication Theory Group, which focuses on the theory of practical QKD and its protocols. Dr. Lütkenhaus is also a co-founder of evolutionQ Inc., with previous experience at MagiQ Technologies where he sought to commercially realize QKD systems. He received his PhD in Quantum Optics and Cryptography at the University of Strathclyde and is currently a Fellow of the American Physical Society.
Team Members
Current
Patrick Davies
Software Developer
Dr. Xinhua Ling
System Architect/QNL Designer/Project Manager
Sarah McCarthy
Project Manager
Brian Neill
Project Manager
Zhengmao Ouyang
Software Developer
Kaiduan Xie
Software Developer
Past
Dr. Jean-Philippe Bourgoin
QLL Researcher
Dr. Brendon Higgins
QLL Researcher
Shravan Mishra
Software Developer
Dr. Peter Tysowski
KMS Designer
Resources
1. “Quantum Key Distribution Integration Scope and Requirements Study”, NRC Report, Aug. 2016
2. “Quantum Key Distribution Integration Project”, NRC Report, May 2017, June 2018
3. “The Engineering of a Scalable Multi-Site Communications System Utilizing Quantum Key Distribution (QKD)”, Quantum Science and Technology 3, no. 2 (2018): 024001, arXiv:1712.02617v1