Field test of quantum key distribution in the Tokyo QKD Network

A novel secure communication network with quantum key distribution in a metropolitan area is reported. Different QKD schemes are integrated to demonstrate secure TV conferencing over a distance of 45km, stable long-term operation, and application to secure mobile phones.Comment: 21 pages, 19 figure

Management and Control of Scalable and Resilient Next-Generation Optical Networks

Two research topics in next-generation optical networks with wavelength-division multiplexing (WDM) technologies were investigated: (1) scalability of network management and control, and (2) resilience/reliability of networks upon faults and attacks. In scalable network management, the scalability of management information for inter-domain light-path assessment was studied. The light-path assessment was formulated as a decision problem based on decision theory and probabilistic graphical models. It was found that partial information available can provide the desired performance, i.e., a small percentage of erroneous decisions can be traded off to achieve a large saving in the amount of management information. In network resilience under malicious attacks, the resilience of all-optical networks under in-band crosstalk attacks was investigated with probabilistic graphical models. Graphical models provide an explicit view of the spatial dependencies in attack propagation, as well as computationally efficient approaches, e.g., sum-product algorithm, for studying network resilience. With the proposed cross-layer model of attack propagation, key factors that affect the resilience of the network from the physical layer and the network layer were identified. In addition, analytical results on network resilience were obtained for typical topologies including ring, star, and mesh-torus networks. In network performance upon failures, traffic-based network reliability was systematically studied. First a uniform deterministic traffic at the network layer was adopted to analyze the impacts of network topology, failure dependency, and failure protection on network reliability. Then a random network layer traffic model with Poisson arrivals was applied to further investigate the effect of network layer traffic distributions on network reliability. Finally, asymptotic results of network reliability metrics with respect to arrival rate were obtained for typical network topologies under heavy load regime. The main contributions of the thesis include: (1) fundamental understandings of scalable management and resilience of next-generation optical networks with WDM technologies; and (2) the innovative application of probabilistic graphical models, an emerging approach in machine learning, to the research of communication networks.Ph.D.Committee Chair: Ji, Chuanyi; Committee Member: Chang, Gee-Kung; Committee Member: McLaughlin, Steven; Committee Member: Ralph, Stephen; Committee Member: Zegura, Elle

Field Test of Classical Symmetric Encryption with Continuous Variable Quantum Key Distribution

We report on the design and performance of a point-to-point classical symmetric encryption link with fast key renewal provided by a Continuous Variable Quantum Key Distribution (CVQKD) system. Our system was operational and able to encrypt point-to-point communications during more than six months, from the end of July 2010 until the beginning of February 2011. This field test was the first demonstration of the reliability of a CVQKD system over a long period of time in a server room environment. This strengthens the potential of CVQKD for information technology security infrastructure deployments

Automatic Intent-Based Secure Service Creation Through a Multilayer SDN Network Orchestration

Growing traffic demands and increasing security awareness are driving the need for secure services. Current solutions require manual configuration and deployment based on the customer's requirements. In this work, we present an architecture for an automatic intent-based provisioning of a secure service in a multilayer - IP, Ethernet, and optical - network while choosing the appropriate encryption layer using an open-source software-defined networking (SDN) orchestrator. The approach is experimentally evaluated in a testbed with commercial equipment. Results indicate that the processing impact of secure channel creation on a controller is negligible. As the time for setting up services over WDM varies between technologies, it needs to be taken into account in the decision-making process.Comment: Parts of the presented work has received funding from the European Commission within the H2020 Research and Innovation Programme, under grant agreeement n.645127, project ACIN

A green open access optical distribution network with incremental deployment support

This paper proposes an optical distribution network (ODN) architecture for open access networks. The proposed scheme ensures co-existence of multiple business partners (BPs) e.g., service, network equipment, and infrastructure providers at different levels of the distribution network, along with physicallayer security. Further, physical-layer isolation is provided to each subscriber, preventing network disruption by malicious subscribers. The proposed open access ODN supports BPs with different granularities (sizes) and discourages monopoly; thus, allowing multiple BPs to co-exist. It also supports incremental deployability (ID) which allows the BPs to cope with an expanding user base. Thus, small BPs can take up a market share with reasonable initial investment and grow with differential expenditures. ID further allows us to incrementally scale up the power consumption as a function of the network load, making the architecture green. The proposed ODN is based on a passive optical network (PON) architecture resulting in low operational expenditures (OpEx) and high availability. Besides a new ODN architecture, a novel architecture for the optical line terminal (OLT), based on hybrid time and wavelength-division multiplexing (TWDM), is proposed. The BPs can adopt typical TWDM, wavelength division multiplexing, or the TWDM-based OLT architecture (introduced in this paper) over the proposed ODN

Quantum-noise--randomized data-encryption for WDM fiber-optic networks

We demonstrate high-rate randomized data-encryption through optical fibers using the inherent quantum-measurement noise of coherent states of light. Specifically, we demonstrate 650Mbps data encryption through a 10Gbps data-bearing, in-line amplified 200km-long line. In our protocol, legitimate users (who share a short secret-key) communicate using an M-ry signal set while an attacker (who does not share the secret key) is forced to contend with the fundamental and irreducible quantum-measurement noise of coherent states. Implementations of our protocol using both polarization-encoded signal sets as well as polarization-insensitive phase-keyed signal sets are experimentally and theoretically evaluated. Different from the performance criteria for the cryptographic objective of key generation (quantum key-generation), one possible set of performance criteria for the cryptographic objective of data encryption is established and carefully considered.Comment: Version 2: Some errors have been corrected and arguments refined. To appear in Physical Review A. Version 3: Minor corrections to version