Design and Validation of Quantum Key Management System for Construction of KREONET Quantum Cryptography Communication
Keywords: Quantum Cryptography Communication, Key Management System, KREONET, Post Quantum Cryptography, IPsec
It has recently been shown that the public-key RSA algorithms currently used for encryption can be broken in a short time by Shor's algorithm running on a quantum computer. Conventional security systems therefore face new threats, and new security systems are being actively studied. These fall into two typical approaches: Post Quantum Cryptography (PQC) and Quantum Key Distribution (QKD). PQC aims to design conventional cryptographic systems more robustly so that a quantum computer cannot decrypt them in a short time, whereas QKD aims to make tapping and interception of data physically impossible by exploiting quantum mechanical characteristics. In this paper, we design a quantum key management system, the most crucial component for constructing a QKD network, and analyze the design requirements for applying it to the Korea Research Environment Open NETwork (KREONET). The quantum key management system manages the lifecycle of the symmetric keys generated by QKD (storage, management, derivation, allocation, and deletion). It also enables many-to-many QKD communication through a key relay function and P2P communication, which overcomes the distance limitation that is a disadvantage of QKD. We validated the designed quantum key management system through simulations, which let us supplement the parts that were not considered in the initial design.
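The key lifecycle and key relay described in the abstract can be sketched as follows. This is an added example, not the paper's design or code: it assumes the common trusted-node relay in which each hop encrypts the end-to-end key with a one-time link key by XOR, and the names `LinkKeyStore`, `build_links`, `relay_key` and the node labels are hypothetical.

```python
import secrets

class LinkKeyStore:
    """Key pool shared by two adjacent KMS nodes; one object models both synchronized ends."""
    def __init__(self):
        self._keys = []                      # unused link keys, oldest first

    def store(self, key: bytes) -> None:     # storage: key delivered by the QKD link
        self._keys.append(key)

    def allocate(self) -> bytes:             # allocation + deletion: each key is used once
        if not self._keys:
            raise LookupError("link key pool exhausted")
        return self._keys.pop(0)

    def remaining(self) -> int:
        return len(self._keys)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def build_links(path, keys_per_link=2, key_len=32):
    """Constructed sample network: one key pool per adjacent pair on the path."""
    links = {}
    for a, b in zip(path, path[1:]):
        pool = LinkKeyStore()
        for _ in range(keys_per_link):
            pool.store(secrets.token_bytes(key_len))  # stand-in for QKD output
        links[frozenset((a, b))] = pool
    return links

def relay_key(path, links, key_len=32):
    """Relay a fresh end-to-end key from path[0] to path[-1], hop by hop."""
    e2e_key = secrets.token_bytes(key_len)   # generated at the source node
    in_node = e2e_key
    wire = []                                # what crosses the classical channel
    for a, b in zip(path, path[1:]):
        link_key = links[frozenset((a, b))].allocate()
        ciphertext = xor(in_node, link_key)  # one-time-pad encryption for this hop
        wire.append(ciphertext)
        # Node b decrypts with its copy of the link key. The end-to-end key is
        # in plaintext inside every intermediate node, so each relay must be trusted.
        in_node = xor(ciphertext, link_key)
    return e2e_key, in_node, wire

if __name__ == "__main__":
    path = ["node-A", "node-B", "node-C"]    # constructed node labels
    links = build_links(path)
    sent, received, wire = relay_key(path, links)
    print("delivered intact:", sent == received, "| hops:", len(wire))
```

Each relayed key consumes one link key on every hop, so the pool depth of the busiest link bounds the end-to-end key rate.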