Toshiba Digital Solutions and SoftBank Corp.
Successfully Complete Field Experiment of IPsec QKD-VPN

September 20, 2023
Toshiba Digital Solutions Corporation
SoftBank Corp.

Toshiba Digital Solutions Corporation (“Toshiba Digital Solutions”) and SoftBank Corp. (“SoftBank”) announced they started collaborating to realize a Quantum Secure Network for Beyond5G/6G, and successfully completed a field experiment for inter-site communication with a QKD (Quantum Key Distribution) and VPN (Virtual Private Network) connection. 

■Background
In the era of Beyond 5G/6G, communication networks are evolving to become an integral part of social infrastructure, requiring even stronger security measures than ever before. The cryptographic technologies currently used in the Internet undergo generational changes approximately every 10 years, and by the end of 2030, it is expected that some of the current cryptographic technologies, such as RSA2048, will reach the end of their security lifespan. Consequently, research on securing communication is underway globally, and SoftBank has been actively engaging in efforts toward the practical implementation of Post Quantum Cryptography (PQC), a new cryptographic technology that is resistant to decryption even by quantum computers.

In addition to PQC, there is another future technology called QKD, which is a quantum cryptographic technology. QKD applies principles based on quantum mechanics to establish a shared secret key (referred to as the "symmetric key") between the transmitting and receiving ends of a communication. The information required to generate the symmetric key is transmitted on photons (particles of light). By encrypting data using the symmetric key generated through QKD and utilizing the One Time Pad (OTP) method, which uses the symmetric key only once, it is possible to achieve information-theoretically secure communication. However, when using the OTP method with QKD, there is a challenge of depleting the symmetric key when conducting large-scale data communication.

Furthermore, for end-to-end communication to be encrypted using QKD, all devices need to be QKD compatible. However, rather than making all devices QKD compatible, SoftBank expects encrypting inter-site communications with QKD using a VPN would accelerate social implementation.

For more information about SoftBank's research efforts on PQC, please visit our website at
“https://www.softbank.jp/en/corp/news/press/sbkk/2023/20230228_01/”.


■Field Experiment
SoftBank and Toshiba Digital Solutions successfully built an inter-site QKD-VPN in a real-world environment by implementing a QKD system that utilizes Toshiba's proprietary technology for accelerated key generation, along with a QKD-compatible VPN router developed by Fortinet on SoftBank's network.

In the experiment, SoftBank connected its headquarters with one of its data centers in Tokyo (approximately 16km fiber distance) using existing optical fibers. QKD systems and QKD-compatible VPN routers were installed at each site to configure an IPsec (Security Architecture for Internet Protocol) VPN using quantum cryptographic technology.

In a typical configuration, where the QKD system connects sites, each of the devices (servers, computers, etc.) that perform encrypted communication has to obtain a cryptographic key from the QKD system. However, this proof-of-concept setup conceals the QKD system within the VPN, enabling devices connected to routers to use QKD for encrypted communications without directly detecting the system. In addition, using keys generated through QKD as symmetric keys for the Advanced Encryption Standard (AES) used in iPsec achieved high-speed encrypted communications. 

This field experiment was conducted using the QKD-compatible VPN router, FortiGate.

“We are delighted that SoftBank and Toshiba Digital Solutions, have achieved success using our FortiGate in their QKD communication proof-of-concept experiment,” said Kazunori Yozawa, Japan Country Manager, Fortinet Japan G.K. “As the rise of quantum computing increases the risks of using public-key cryptography like RSA, we recognize QKD as a technology in which we, as a cybersecurity company, should take an active interest. We believe the Beyond 5G/6G era will give rise to new smart infrastructure and means of production that will need protection against cyberattack, so we at Fortinet stand behind and together with SoftBank and Toshiba Digital Solutions as they work to bring QKD to market and cyberattack-proof the society of tomorrow.”

SoftBank and Toshiba Digital Solutions aim to further improve and develop quantum cryptographic technologies based on the insights gained from this successful proof-of-concept experiment.

■Key Highlights
・Compromise of RSA2048
Many of today's communication networks rely on cryptographic techniques such as public-key cryptography (such as RSA and elliptic curve cryptography) and symmetric-key cryptography (such as AES and DES) to ensure high levels of security and confidentiality for communication. However, cryptographic technologies undergo generational changes approximately every 10 years, and it is predicted that by the end of 2030, some of the currently used cryptographic technologies, including RSA2048, will reach the end of their security lifespan. 

In addition, the development of quantum computers, which is progressing worldwide, poses a potential threat to public-key cryptography. Quantum computers have the capability to break commonly used public-key cryptosystems, such as RSA and elliptic curve cryptography, jeopardizing the confidentiality of communication. The development of post-quantum cryptographic technologies, such as Post Quantum Cryptography (PQC), is crucial to ensure secure communication in the face of these emerging threats.

・About QKD
QKD is a technology for generating shared cryptographic keys by applying the principles of quantum mechanics. Light, when its intensity is weakened, exhibits not only wave-like properties but also "particle-like" behavior. These particles of light are called "photons." According to the "uncertainty principle" ^*1 and the "no-cloning theorem," ^*2 it is impossible to duplicate photons no matter how the technology progress.
Utilizing this principle, the information for generating shared cryptographic keys is transmitted on these photons to the intended recipient during communication, eavesdropping along the communication path must be detected ^*3. The shared cryptographic keys generated based on this protocol are guaranteed to be secure, as they have not been intercepted by anyone.

1. The principle in quantum mechanics states that it is impossible to simultaneously determine with complete precision certain pairs of physical properties, such as position and momentum, or time and energy, for a single particle.
2. The theorem in quantum mechanics states that it is impossible to create an exact copy of an unknown quantum state.
3. When someone eavesdropped, the photon state changes and eventually detected error.

・About OTP（One Time Pad）
One-Time Pad (OTP) is a stream cipher that consumes a key of the same size as the data being encrypted. Therefore, the speed of generating shared keys becomes crucial. If all data communication is encrypted using only the OTP method, there is a possibility that the key generation through QKD may not keep pace.

・About AES（Advanced Encryption Standard）
The currently widely used symmetric-key encryption method globally is considered to have a certain level of resilience against quantum computers. SoftBank adopts AES to QKD and implements measures such as increasing the frequency of updating the symmetric keys used by AES to enhance security. By doing so, it enables encrypted communication of large volumes of data while still harnessing the advantages of QKD. SoftBank believes this approach allows for broader implementation of the technology while maximizing its benefits.

・Toshiba's proprietary technology
The Toshiba Group has significantly improved the key generation speed by employing its proprietary photon detection method and accelerating large-scale computations for shared key generation.
For more information about Toshiba's technology, please visit the website at
” https://www.global.toshiba/jp/products-solutions/security-ict/qkd/why.html”

• SoftBank, the SoftBank name and logo are registered trademarks or trademarks of SoftBank Group Corp. in Japan and other countries.
•  Other company, product and service names in this press release are registered trademarks or trademarks of the respective companies.