Quantum Cryptography in Practice
BBN, Harvard, and Boston University are building the DARPA Quantum Network,
the world's first network that delivers end-to-end network security via
high-speed Quantum Key Distribution, and testing that Network against
sophisticated eavesdropping attacks. The first network link has been up and
steadily operational in our laboratory since December 2002. It provides a
Virtual Private Network between private enclaves, with user traffic protected
by a weak-coherent implementation of quantum cryptography. This prototype is
suitable for deployment in metro-size areas via standard telecom (dark) fiber.
In this paper, we introduce quantum cryptography, discuss its relation to
modern secure networks, and describe its unusual physical layer, its
specialized quantum cryptographic protocol suite (quite interesting in its own
right), and our extensions to IPsec to integrate it with quantum cryptography.
Comment: Preprint of SIGCOMM 2003 paper
Metropolitan all-pass and inter-city quantum communication network
We have demonstrated a metropolitan all-pass quantum communication network in
field fiber for four nodes. Any two nodes of them can be connected in the
network to perform quantum key distribution (QKD). An optical switching module
is presented that enables arbitrary 2-connectivity among output ports.
Integrated QKD terminals are worked out, which can operate either as a
transmitter, a receiver, or even both at the same time. Furthermore, an
additional link in another city of 60 km fiber (up to 130 km) is seamlessly
integrated into this network based on a trusted relay architecture. On all the
links, we have implemented the protocol of the decoy state scheme. All of the
necessary electrical hardware, synchronization, feedback control, network
software, and execution of QKD protocols are custom designed, which allows
completely automatic and stable running. Our system has been put into
operation in Hefei in August 2009, and publicly demonstrated during an
evaluation conference on quantum network organized by the Chinese Academy of
Sciences on August 29, 2009. Real-time voice telephone with one-time pad
encoding between any two of the five nodes (four all-pass nodes plus one
additional node through relay) is successfully established in the network
within 60km.
Comment: 9 pages, 2 figures, 2 tables
ANCHOR: logically-centralized security for Software-Defined Networks
While the centralization of SDN brought advantages such as a faster pace of
innovation, it also disrupted some of the natural defenses of traditional
architectures against different threats. The literature on SDN has mostly been
concerned with the functional side, despite some specific works concerning
non-functional properties like 'security' or 'dependability'. Though addressing
the latter in an ad-hoc, piecemeal way, may work, it will most likely lead to
efficiency and effectiveness problems. We claim that the enforcement of
non-functional properties as a pillar of SDN robustness calls for a systemic
approach. As a general concept, we propose ANCHOR, a subsystem architecture
that promotes the logical centralization of non-functional properties. To show
the effectiveness of the concept, we focus on 'security' in this paper: we
identify the current security gaps in SDNs and we populate the architecture
middleware with the appropriate security mechanisms, in a global and consistent
manner. Essential security mechanisms provided by ANCHOR include reliable
entropy and resilient pseudo-random generators, and protocols for secure
registration and association of SDN devices. We claim and justify in the paper
that centralizing such mechanisms is key for their effectiveness, by allowing
us to: define and enforce global policies for those properties; reduce the
complexity of controllers and forwarding devices; ensure higher levels of
robustness for critical services; foster interoperability of the non-functional
property enforcement mechanisms; and promote the security and resilience of the
architecture itself. We discuss design and implementation aspects, and we prove
and evaluate our algorithms and mechanisms, including the formalisation of the
main protocols and the verification of their core security properties using the
Tamarin prover.
Comment: 42 pages, 4 figures, 3 tables, 5 algorithms, 139 references
Field test of quantum key distribution in the Tokyo QKD Network
A novel secure communication network with quantum key distribution in a
metropolitan area is reported. Different QKD schemes are integrated to
demonstrate secure TV conferencing over a distance of 45km, stable long-term
operation, and application to secure mobile phones.
Comment: 21 pages, 19 figures