QKD and high-speed classical data hybrid metropolitan network

Quantum Key Distribution (QKD) is currently receiving much attention as it provides a secure source of encryption keys. Discrete-Variable QKD (DV-QKD) is possible for single photon transmission in QKD to-coexist with and encode classical wavelength division multiplexed (WDM) data with appropriate system design. Nevertheless, previous QKD field trials adopted either or both of key relay via trusted nodes and transparent link via optical switching. The former requires guaranteed physical security of the relay nodes, but can expand key distribution distance arbitrarily. The latter can realize key establishment for more users with less complexity of key management over an untrusted network. To realise the adaption of the QKD system for future high speed and long distance metropolitan world exploitation at lower cost, there has to be investigations on existing fibre infrastructures. Prior to this work, previous researches over similar distances feature extremely low secure key rates. For example, the Swiss Quantum Network between three sites displayed secure bit rates of 2.5 kbps at a fibre length of 17km. Quantum Key distribution within the 25km Cambridge Quantum Network have demonstrated the highest long-term secure key rates yet demonstrated in a field trial of at least 2.5Mb/s which is the fastest and much higher than 0.8 kbps which was reached over the similar channel loss field trial up to date. Additional field trials have been performed on the UK Quantum Network using a 66km path having 16dB loss. Combined wavelength division multiplexed 2 x 100 Gb/s traffic encrypted using QKD co-existing on the same fibres has operated for several months, with a long-term key rate of 80kb/s that is also faster than any other similar long-term QKD trial systems. In addition to this advanced commercial QKD system, there have been secure key rate analysis comparisons between laboratory fibre coils and practical field trials more than field trials only conducted before.These comparisons help to identify factors that limit future QKD network scale in both quantity and quality aspects. Also, the limit for the highest secure key rate at longest fibre length QKD in the multiplexing environment is discussed and determined in this research thesis. Nevertheless, in this thesis, improvements have been made to minimise the corresponding negative effects by investigations on the dependence of temperature have been done in order to ensure system operation environment effects. It was found from the trial results that there exists a relationship between temperature and secure key rate and further study has been done to evaluate the system sensitivity to operating temperature. Although the conventional DV-QKD system, original BB84 coding scheme, was designed to exploit the quantum properties of single photon polarization states, the trial equipment operates based upon the phase coding schemes. These coding schemes are based on the properties of interferometers and the coding is implemented by changing the relative optical path lengths or phase between the internal arms of the interferometer, while in the real transmission environment, temperature or polarization variation happens unpredictably. The existing polarisation controllers operate at relative low speed align within the interferometer, which slows to operation environment such as a punch to fibre causing phase difference. Therefore, in this project, there has been an improvement in the QKD-WDM system performance by adding an external polarization controller to minimize the Raman noise and increase the secure key rate at the longest fibre length up to date. In Summary, transmitting quantum keys over a coil of fibre in the lab differs a lot from actually putting it in the ground. This work contrasts the world fastest QKD system at the longest distance in field trials with lab fibre reels and then characterises and identifies two of the key factors, temperature and polarizations, influencing performance in practical wavelength-multiplexed secure communication systems. This is a significant step towards the coexistence of the quantum and conventional data channels on the same fibre for metropolitan networks and paves a way for an information-secure communication infrastructure

How Physicality Enables Trust: A New Era of Trust-Centered Cyberphysical Systems

Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of ``inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable ``resilient coordination," where ``resilient" signifies sustained functionality amid attacks on multiagent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize, and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world

Asioiden Internetin tietoturva: ratkaisuja, standardeja ja avoimia ongelmia

Internet of Things (IoT) extends the Internet to our everyday objects, which enables new kind of applications and services. These IoT applications face demanding technical challenges: the number of ‘things’ or objects can be very large, they can be very con-strained devices, and may need to operate on challenging and dynamic environments. However, the architecture of today’s Internet is based on many legacy protocols and technology that were not originally designed to support features like mobility or the huge and growing number of objects the Internet consists of today. Similarly, many security features of today’s Internet are additional layers built to fill up flaws in the un-derlying design. Fulfilling new technical requirements set by IoT applications requires efficient solutions designed for the IoT use from the ground up. Moreover, the imple-mentation of this new IoT technology requires interoperability and integration with tra-ditional Internet. Due to considerable technical challenges, the security is an often over-looked aspect in the emerging new IoT technology. This thesis surveys general security requirements for the entire field of IoT applica-tions. Out of the large amount of potential applications, this thesis focuses on two major IoT application fields: wireless sensor networks and vehicular ad-hoc networks. The thesis introduces example scenarios and presents major security challenges related to these areas. The common standards related to the areas are examined in the security perspective. The thesis also examines research work beyond the area of standardization in an attempt to find solutions to unanswered security challenges. The thesis aims to give an introduction to the security challenges in the IoT world and review the state of the security research through these two major IoT areas

Unmanned Aerial Vehicle (UAV)-Enabled Wireless Communications and Networking

The emerging massive density of human-held and machine-type nodes implies larger traffic deviatiolns in the future than we are facing today. In the future, the network will be characterized by a high degree of flexibility, allowing it to adapt smoothly, autonomously, and efficiently to the quickly changing traffic demands both in time and space. This flexibility cannot be achieved when the network’s infrastructure remains static. To this end, the topic of UAVs (unmanned aerial vehicles) have enabled wireless communications, and networking has received increased attention. As mentioned above, the network must serve a massive density of nodes that can be either human-held (user devices) or machine-type nodes (sensors). If we wish to properly serve these nodes and optimize their data, a proper wireless connection is fundamental. This can be achieved by using UAV-enabled communication and networks. This Special Issue addresses the many existing issues that still exist to allow UAV-enabled wireless communications and networking to be properly rolled out

Towards Physical Layer Security for Internet of Vehicles: Interference Aware Modelling

The physical-layer security (PLS) of wireless networks has witnessed significant attention in next-generation communication systems due to its potential toward enabling protection at the signal level in dense network environments. The growing trends toward smart mobility via sensor-enabled vehicles are transforming today’s traffic environment into Internet of Vehicles (IoVs). Enabling PLS for IoVs would be a significant development considering the dense vehicular network environment in the near future. In this context, this article presents a PLS framework for a vehicular network consisting a legitimate receiver and an eavesdropper, both under the effect of interfering vehicles. The double-Rayleigh fading channel is used to capture the effect of mobility within the communication channel. The performance is analyzed in terms of the average secrecy capacity (ASC) and secrecy outage probability (SOP). We present the standard expressions for the ASC and SOP in alternative forms, to facilitate analysis in terms of the respective moment generating function (MGF) and characteristic function of the joint fading and interferer statistics. Closed-form expressions for the MGFs and characteristic functions were obtained and Monte Carlo simulations were provided to validate the results. Approximate expressions for the ASC and SOP were also provided, for easier analysis and insight into the effect of the network parameters. The results attest that the performance of the considered system was affected by the number of interfering vehicles as well as their distances. It was also demonstrated that the system performance closely correlates with the uncertainty in the eavesdropper’s vehicle location

Physical-Layer Security, Quantum Key Distribution and Post-quantum Cryptography

The growth of data-driven technologies, 5G, and the Internet place enormous pressure on underlying information infrastructure. There exist numerous proposals on how to deal with the possible capacity crunch. However, the security of both optical and wireless networks lags behind reliable and spectrally efficient transmission. Significant achievements have been made recently in the quantum computing arena. Because most conventional cryptography systems rely on computational security, which guarantees the security against an efficient eavesdropper for a limited time, with the advancement in quantum computing this security can be compromised. To solve these problems, various schemes providing perfect/unconditional security have been proposed including physical-layer security (PLS), quantum key distribution (QKD), and post-quantum cryptography. Unfortunately, it is still not clear how to integrate those different proposals with higher level cryptography schemes. So the purpose of the Special Issue entitled “Physical-Layer Security, Quantum Key Distribution and Post-quantum Cryptography” was to integrate these various approaches and enable the next generation of cryptography systems whose security cannot be broken by quantum computers. This book represents the reprint of the papers accepted for publication in the Special Issue

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process