Resource Allocation in Optical Networks Secured by Quantum Key Distribution

Optical network security is attracting increasing research attention, as loss of confidentiality of data transferred through an optical network could impact a huge number of users and services. Data encryption is an effective way to enhance optical network security. In particular, QKD is being investigated as a secure mechanism to provide keys for data encryption at the endpoints of an optical network. In a QKD-enabled optical network, apart from TDChs, two additional channels, called QSChs and PIChs, are required to support secure key synchronization. How to allocate network resources to QSChs, PIChs, and TDChs is emerging as a novel problem for the design of a security-guaranteed optical network. This article addresses the resource allocation problem in optical networks secured by QKD. We first discuss a possible architecture for a QKD-enabled optical network, where an SDN controller is in charge of allocating the three types of channels (TDCh, QSCh, and PICh) over different wavelengths exploiting WDM. To save wavelength resources, we propose to adopt OTDM to allocate multiple QSChs and PIChs over the same wavelength. An RWTA algorithm is designed to allocate wavelength and time slot resources for the three types of channels. Different security levels are included in the RWTA algorithm by considering different key updating periods (i.e., the period after which the secure key between two endpoints has to be updated). Illustrative simulation results show the effects of different security-level configuration schemes on resource allocation

Multi-Tenant Provisioning for Quantum Key Distribution Networks with Heuristics and Reinforcement Learning: A Comparative Study

Quantum key distribution (QKD) networks are potential to be widely deployed in the immediate future to provide long-term security for data communications. Given the high price and complexity, multi-tenancy has become a cost-effective pattern for QKD network operations. In this work, we concentrate on addressing the online multi-tenant provisioning (On-MTP) problem for QKD networks, where multiple tenant requests (TRs) arrive dynamically. On-MTP involves scheduling multiple TRs and assigning non-reusable secret keys derived from a QKD network to multiple TRs, where each TR can be regarded as a high-security-demand organization with the dedicated secret-key demand. The quantum key pools (QKPs) are constructed over QKD network infrastructure to improve management efficiency for secret keys. We model the secret-key resources for QKPs and the secret-key demands of TRs using distinct images. To realize efficient On-MTP, we perform a comparative study of heuristics and reinforcement learning (RL) based On-MTP solutions, where three heuristics (i.e., random, fit, and best-fit based On-MTP algorithms) are presented and a RL framework is introduced to realize automatic training of an On-MTP algorithm. The comparative results indicate that with sufficient training iterations the RL-based On-MTP algorithm significantly outperforms the presented heuristics in terms of tenant-request blocking probability and secret-key resource utilization

Multipoint-Interconnected Quantum Communication Networks

As quantum computers with sufficient computational power are becoming mature, the security of classical communication and cryptography may compromise, which is based on the mathematical complexity. Quantum communication technology is a promising solution to secure communication based on quantum mechanics. To meet the secure communication requirements of multiple users, multipoint-interconnected quantum communication networks are specified, including quantum key distribution networks and quantum teleportation networks. The enabling technologies for quantum communication are the important bases for multipoint-interconnected quantum communication networks. To achieve the better connection, resource utilization, and resilience of multipoint-interconnected quantum communication networks, the efficient network architecture and optimization methods are summarized, and open issues in quantum communication networks are discussed

End-to-end Quantum Secured Inter-Domain 5G Service Orchestration Over Dynamically Switched Flex-Grid Optical Networks Enabled by a q-ROADM

Dynamic and flexible optical networking enabled by NFV and SDN are the key technology enablers for supporting the dynamicity and bandwidth requirements of emerging 5G network services. To achieve the objective of 5G, Network Services (NSes) must be often deployed transparently over multiple administrative and technological domains. Such case often presents security risks since a typical NS may comprise a chain of network functions, each executed in different remote locations, and tampering within the network infrastructure may compromise their communication. To avoid such threats, QKD has been identified and proposed as a future-proof method immune to any algorithmic cryptanalysis based on quantum-physics mechanisms. The maturity of QKD has enabled the R&D of quantum networks coexisting with optical networks using telecom equipment. This makes the QKD a suitable candidate for the security of distributed and virtualised network services. In this paper, for the first time, we propose a dynamic quantum-secured optical network for supporting network services that are dynamically created by chaining VNF over multiple network domains. This work includes a new quantum-ROADM, extensions to SDN-enabled optical control plane, and extensions to NFV orchestration to achieve quantum-aware, on-demand chaining of VNFs. The experimental results verify the capability of routing quantum and classical data channels both individually and dynamically over shared fibre links. Moreover, quantum secured chaining of VNFs in 5G networks is experimentally demonstrated via interconnecting four autonomous 5G islands simultaneously through the q-ROADM with eight optical channels using the 5GUK Exchange orchestration platform. The experimental scenarios and results confirm the benefit of the proposed data plane architecture and control/management plane framework

Quantum key distribution: A networking perspective

The convergence of quantum cryptography with applications used in everyday life is a topic drawing attention from the industrial and academic worlds. The development of quantum electronics has led to the practical achievement of quantum devices that are already available on the market and waiting for their first application on a broader scale. A major aspect of quantum cryptography is the methodology of Quantum Key Distribution (QKD), which is used to generate and distribute symmetric cryptographic keys between two geographically separate users using the principles of quantum physics. In previous years, several successful QKD networks have been created to test the implementation and interoperability of different practical solutions. This article surveys previously applied methods, showing techniques for deploying QKD networks and current challenges of QKD networking. Unlike studies focusing on optical channels and optical equipment, this survey focuses on the network aspect by considering network organization, routing and signaling protocols, simulation techniques, and a software-defined QKD networking approach.Web of Science535art. no. 9

Quantum Computing and Communications

This book explains the concepts and basic mathematics of quantum computing and communication. Chapters cover such topics as quantum algorithms, photonic implementations of discrete-time quantum walks, how to build a quantum computer, and quantum key distribution and teleportation, among others