KaaS: Key as a Service over Quantum Key Distribution Integrated Optical Networks

In the Internet Age, optical networks are vulnerable to numerous cyberattacks, and conventional key distribution methods suffer from the increased computational power. QKD can distribute information-theoretically secure secret keys between two parties based on the principles of quantum mechanics. Integrating QKD into optical networks can leverage existing fiber infrastructures with wavelength division multiplexing for the practical deployment of secret keys, and accordingly employ the secret keys for optical-layer security enhancement. Then, how to efficiently deploy and employ secret keys over QKD-integrated optical networks are emerging as two challenges. This article proposes a framework of key as a service (KaaS, i.e., providing secret keys as a service in a timely and accurate manner to satisfy the security requirements) to jointly overcome these two challenges. To enable the typical functions (i.e., secret-key deployment and employment) in KaaS, two secret-key virtualization steps, that is, key pool (KP) assembly and virtual key pool (VKP) assembly, are introduced. Also, we illustrate a new QKD-integrated optical network architecture from a holistic view, where the control layer is implemented by software defined networking for efficient network management. A time-shared KP assembly strategy and an on-demand VKP assembly strategy are presented for KaaS implementation. The success probabilities of KP assembly and VKP assembly are defined to evaluate the benefits of KaaS for efficiently deploying and employing secret keys as well as for security enhancement over QKD-integrated optical networks.

[1]  Yongli Zhao,et al.  Time-Scheduled Quantum Key Distribution (QKD) Over WDM Networks , 2018, Journal of Lightwave Technology.

[2]  Andrew J. Shields,et al.  Long-distance quantum key distribution secure against coherent attacks , 2017 .

[3]  Yongli Zhao,et al.  Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD). , 2017, Optics express.

[4]  M. Curty,et al.  Secure quantum key distribution , 2014, Nature Photonics.

[5]  Qiang Zhang,et al.  Integrating quantum key distribution with classical communications in backbone fiber network. , 2017, Optics express.

[6]  Maxim Kuschnerov,et al.  Toward the Integration of CV Quantum Key Distribution in Deployed Optical Networks , 2018, IEEE Photonics Technology Letters.

[7]  Zsigmond Szilárd,et al.  Physical-layer security in evolving optical networks , 2016, IEEE Communications Magazine.

[8]  John G. Rarity,et al.  Secure NFV Orchestration Over an SDN-Controlled Optical Network With Time-Shared Quantum Key Distribution Resources , 2016, Journal of Lightwave Technology.

[9]  Hung Viet Nguyen,et al.  A Survey on Quantum Channel Capacities , 2018, IEEE Communications Surveys & Tutorials.

[10]  Siya Xu,et al.  Fiber-Wireless Network Virtual Resource Embedding Method Based on Load Balancing and Priority , 2018, IEEE Access.

[11]  J. F. Dynes,et al.  Overcoming the rate–distance limit of quantum key distribution without quantum repeaters , 2018, Nature.

[12]  H. Weinfurter,et al.  The SECOQC quantum key distribution network in Vienna , 2009, 2009 35th European Conference on Optical Communication.

[13]  Jian-Wei Pan,et al.  Long-distance copropagation of quantum key distribution and terabit classical optical data channels , 2016, 1610.04475.

[14]  Florian Hipp,et al.  Perspectives and limitations of QKD integration in metropolitan area networks. , 2015, Optics express.