In the future, our society and our lives will become even more reliant on networks, so it will be vital that information is transmitted quickly and safely. However, the rise of quantum computers, with their overwhelming computational capabilities, will pose a threat to the security of cryptographic communications. Hopes are high for quantum key distribution as a method of secure encrypted communication. According to information theory, quantum key distribution, which uses the principles of quantum mechanics, is an unbreakable form of encryption. Toshiba is leading the world in developing unique technologies for accelerating and stabilizing quantum key distribution.

In this running feature, we'll explain this technology over the course of several articles.

In part 3, we'll learn about quantum key distribution networks, which are essential technologies for the real-world deployment of quantum cryptographic communication. We'll also look at the standardization of these networks.

Quantum key distribution networks, essential for the real-world deployment of quantum cryptographic communication

As we explained in part 1, quantum cryptographic communication is cryptographic communication using keys shared through quantum key distribution. Quantum key distribution devices (transmitters or receivers), connected by optic fibers, are installed in two sites where quantum cryptographic communication will be used, and keys are shared using these devices. Quantum key distribution systems are created, centered on these pairs of quantum key distribution devices.

The problem is that the sites that wish to engage in quantum cryptographic communication must be directly connected by a quantum key distribution system.
Widespread real-world deployment of quantum cryptographic communications would require the installation of a prodigious number of quantum key distribution systems directly connecting every site. This is simply not practical. Furthermore, the greater the distance between sites, the lower the speed with which quantum keys can be delivered, and the less stable that transmission becomes. In part 2, we discussed technologies for accelerating and stabilizing transmission. However, if the distance between sites is so great that it exceeds the capabilities of these technologies, practical implementation of quantum key distribution becomes difficult.

One technology that can be used to address this problem is quantum key distribution network technology. Toshiba has focused on quantum key distribution networks, seeing them as vital to the real-world deployment of quantum cryptographic communication, and has been at the forefront of their development and standardization.

Quantum key distribution networks and key relay mechanisms

The fundamental concept of quantum key distribution networks is the mutual connection and networking of multiple quantum key distribution systems (shown in the "Quantum Layer" in Figure 1). The storage and management of keys generated with quantum key distribution systems are done by key managers, which are installed in each site. These key managers are also interconnected in a network (shown in the "Key Management Layer" in Figure 1). This design makes it possible for two sites that are not directly connected by a quantum key distribution system, like sites X and Z in the figure, to share keys via other sites, such as site Y, controlled by coordinated key managers.

Furthermore, quantum key distribution networks provide keys when requested by applications that use quantum cryptographic communication. The key managers are also responsible for providing keys to applications (shown in "Key supply" in Figure 1).

The sharing of keys between sites that are not directly connected by a quantum key distribution system by relaying them through other sites is called a "key relay."

Let's look at how keys are relayed using the three sites of X, Y, and Z in Figure 1. Sites X and Y are directly connected by a quantum key distribution system, as are sites Y and Z, so these connected sites can share keys using quantum key distribution. However, sites X and Z are not directly connected by quantum key distribution systems, so they cannot share keys directly. Sharing is therefore performed using the following procedure (Figure 2).

① Site X generates a key, KXZ, to be shared by sites X and Z.

② Quantum cryptographic communication is used between sites X and Y to send key KXZ from site X to site Y. This means that site X uses key KXY, shared between sites X and Y using quantum key distribution, to encrypt key KXZ, and the encrypted text, KXY⊕KXZ, is sent to site Y.

③ Site Y uses key KXY to decrypt the encrypted text, KXY⊕KXZ, and acquires key KXZ.

④ Quantum cryptographic communication is used between sites Y and Z to send key KXZ from site Y to site Z.

⑤ Site Z decrypts the encrypted text, KYZ⊕KXZ, and acquires key KXZ.

Transmission ②, between sites X and Y, and transmission ④, between sites Y and Z, are performed using quantum cryptographic communication, ensuring that key KXZ is safe from eavesdropping. Key KXZ is handled in unencrypted form within sites, such as in site Y during step ③, so measures need to be taken to prevent the key from being stolen through an attack on a site.

This approach is predicated on the sites connected by quantum key distribution networks being trusted nodes that have implemented countermeasures to prevent this key theft. Research and development is underway on the requirements and technologies of trusted nodes, which are important elements of quantum key distribution network technology. These countermeasures include not only the use of appropriate encryption technologies for processing performed within sites, such as in step ③, but also encompasses things like the physical protection of quantum key distribution devices themselves and the wiring and lines connected to them, and the management of the buildings where the equipment is located.

Quantum key distribution network standardization trends

As explained here, building a quantum key distribution network eliminates the need to use quantum key distribution systems to connect every pair of sites that use quantum cryptographic communication. It also makes it possible to avoid the limitations on distance between sites by relaying keys through appropriate intermediary sites.

Worldwide, quantum key distribution network technology R&D is gaining momentum, and hopes are high for various countries, regions, communications providers, and device vendors to lead the real-world deployment of these networks. To achieve this, it will be vital to have agreed-upon standards regarding important aspects of quantum key distribution network technology, such as its structure, functional requirements, and security.

Toshiba is participating in global efforts to standardize quantum key distribution networks. Our approach has three key points.

① Standardization of quantum key distribution network systems

② Standardization of key supply interfaces for quantum cryptographic communication applications

③ Standardization related to the security of the devices that make up quantum key distribution networks

Standardization of quantum key distribution network systems

The standardization of quantum key distribution network systems is primarily being led by the International Telecommunication Union Telecommunication Standardization Sector (ITU-T).

The National Institute of Information and Communications Technology (NICT), NEC Corporation, and Toshiba proposed ITU-T with a joint the basic configuration for the quantum key distribution network models and key relay processing explained so far. Based on this, in July 2019, ITU-T issued its ITU-T Y.3800 recommendation. (*1)

Following the adoption of Y.3800, recommendations with more detailed stipulations regarding quantum key distribution network systems have been created based on the framework put forth by Y.3800.

These recommendations, and the reference relationships between them, are shown in Figure 4.

Y.3801 stipulates functional requirements for quantum key distribution networks. Y3802 stipulates a detailed architecture for the framework introduced in Y.3800. Based on the architecture from Y.3802, Y.3803 presents key management requirements and processing methods, and Y.3804 presents requirements and processing methods related to the control and management of quantum key distribution networks.

Several other recommendations regarding quantum key distribution network security, such as X.1710, have been issued or are in the process of being formulated.

Standardization of key supply interfaces

As mentioned earlier, quantum key distribution networks provide keys upon request by applications that use quantum cryptographic communication.

In order to improve the interoperability of applications that use key supply services, the interfaces used to request and supply keys should be standardized.

This is why Toshiba issued a specification proposal to the European Telecommunications Standards Institute (ETSI) to assist with the formulation of standards for key supply interfaces. Following internal deliberation, in February 2019, ETSI issued the ETSI GS QKD 014 standard based on Toshiba's proposal.

This standard defines three Application Programming Interfaces (APIs) and applications can use these APIs as shown in Figure 5 in order to share keys. The APIs use Hypertext Transfer Protocol Secure (HTTPS) as their transmission protocol and JavaScript Object Notation (JSON) for their data structure, so there is a high degree of affinity between them and network applications as a whole.

Standardization of device security

Last, let's look at trends in the standardization of device security.

Device security standards cover security requirements related to device security and methods for evaluating implemented devices to check that they meet these requirements. The standards form the foundation of design and implementation requirements for the vendors that manufacture the devices. They are also used as procurement standards by companies that use the devices to supply quantum cryptographic communication services.

ISO/IEC JTC1* and ETSI are standardizing security specifications and evaluation methods for quantum key distribution devices, which are the most fundamental and important devices used in creating quantum key distribution networks. Toshiba, together with NICT and NEC, is participating in projects by both organizations to assist with this standardization process.

* ISO/IEC JTC1: A joint technical committee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC)

In conjunction with this standardization, certification authorities in different countries are expected to create systems for evaluating and certifying quantum key distribution devices based on formulated standards, and device vendors are expected to use these systems.

In part 3 of this running feature, we have introduced quantum key distribution networks, essential for the real-world deployment of quantum cryptographic communication, and measures being taken to standardize these technologies. In the next issue, we will talk about the future of quantum cryptographic communication technology.

Reference materials
*1 ITU-T International Standards Organization Issues First Recommendation Regarding Quantum Key Distribution Networks

Some of this research and development was performed as part of the Cabinet Office's "Photonics and Quantum Technology for Society 5.0" SIP Program (managed by QST).
This research and development includes the results of research and development project of Ministry of Internal Affairs and Communications ICT priority technology (JPMI00316) ‘Research and Development for Building a Global Quantum Cryptography Communication Network’

Fujiyoshi Yasuhiro

Computer and Network Systems Laboratory
Corporate Research & Development Center
Toshiba Corporation

Since joining Toshiba, Yasuhiro Fujiyoshi has been involved in the research and development of digital broadcast receiver systems. After taking part in standardization activities for the related technologies and content protection technologies, since 2020 he has been engaged in researching, developing, and standardizing quantum key distribution network technologies.

  • The corporate names, organization names, job titles and other names and titles appearing in this article are those as of April 2022.

>> Related information

Related articles