Cryptography Reference
4.4.1 Photonic Switching for “Untrusted Networks”
Untrusted networks employ unamplified, all-optical paths through the network mesh of fibers, photonic switches, and endpoints. Thus a photon from its source QKD endpoint proceeds, without measurement, from switch to switch across the optical QKD network until it reaches the destination endpoint, at which point it is detected. The (A1, B3) path in Figure 4.4 provides an example, though in general a path may transit multiple photonic switches.
Untrusted QKD networks support truly end-to-end key distribution — QKD endpoints need not share any secrets with the key distribution network or its operators. This feature could be extremely important for highly secure networks. Unfortunately, though, untrusted switches cannot extend the geographic reach of a QKD network. In fact, they may significantly reduce it, since each switch adds at least a fractional dB insertion loss along the photonic path. In addition, it will also prove difficult in practice to employ a variety of transmission media within an untrusted network, since a single frequency or modulation technique may not work well along a composite path that includes both fiber and free-space links.
4.4.2 Key Relay for “Trusted Networks”
After a set of QKD nodes have established pairwise agreed-to keys along an end-to-end path between two QKD endpoints — e.g., (A1, A4) in Figure 4.4 — they may employ these key pairs to securely relay a key “hop by hop” from one endpoint to another, with the key being one-time-pad encrypted and decrypted with each pairwise key as it proceeds from one relay to the next. In this approach, the end-to-end key will appear in the clear within the relays' memories proper but will always be encrypted when passing across a link.
Key relays bring important benefits but are not a panacea. They can extend the geographic reach of a network secured by quantum cryptography, since wide-area networks can be created by a series of point-to-point links bridged by active relays. Furthermore, links can employ heterogeneous transmission media, i.e., some may be through fiber while others are free-space. Thus in theory such a network could provide fully global coverage. However, QKD key relays must be trusted. Since keying material and — directly or indirectly — message traffic are available in the clear in the relays' memories, these relays must not fall into an adversary's hands. They need to be in physically secured locations and perhaps guarded if the traffic is truly important. In addition, all users in the system must trust the network (and the network's operators) with all keys to their message traffic.
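The hop-by-hop relay described in this section, as an added example that is not from the original text: it carries an end-to-end key along a path with one-time-pad encryption on every link and records what each link and each relay sees. A1 and A4 are the endpoints named above; the relay names R1 and R2, the function names, and the random byte strings standing in for QKD-derived pairwise keys are assumptions.

```python
import secrets

def otp(data: bytes, pad: bytes) -> bytes:
    """One-time pad: XOR data with an equal-length pad (a pad must never be reused)."""
    if len(data) != len(pad):
        raise ValueError("one-time pad must be exactly as long as the data")
    return bytes(d ^ p for d, p in zip(data, pad))

def relay_key(path, link_pads, end_to_end_key):
    """Relay end_to_end_key along path, where link_pads[i] is the pairwise key
    shared by path[i] and path[i+1].
    Returns (delivered key, ciphertext on each link, clear key held by each relay)."""
    if len(link_pads) != len(path) - 1:
        raise ValueError("need exactly one pairwise key per link")
    on_wire, in_memory = [], {}
    held = end_to_end_key                  # in the clear at the source endpoint
    for i, pad in enumerate(link_pads):
        ct = otp(held, pad)                # encrypt for link path[i] -> path[i+1]
        on_wire.append(ct)
        held = otp(ct, pad)                # next node decrypts with the same pad
        if i + 1 < len(path) - 1:          # intermediate relay, not the destination
            in_memory[path[i + 1]] = held  # this exposure is why relays must be trusted
    return held, on_wire, in_memory

def demo():
    # Constructed path: relay names are hypothetical, pads stand in for QKD output.
    path = ["A1", "R1", "R2", "A4"]
    key = secrets.token_bytes(32)
    pads = [secrets.token_bytes(32) for _ in path[1:]]
    delivered, on_wire, in_memory = relay_key(path, pads, key)
    return key, delivered, on_wire, in_memory

if __name__ == "__main__":
    key, delivered, on_wire, in_memory = demo()
    print("delivered intact:", delivered == key)
    for node, seen in in_memory.items():
        print(node, "holds end-to-end key in clear:", seen == key)
    for i, ct in enumerate(on_wire):
        print("link", i, "ciphertext equals key:", ct == key)
```

Every relay on the path ends up holding the full end-to-end key, so compromising any single relay exposes it even though no link ever carries it unencrypted.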
4.4.3 The Major Benefits of QKD Networks
Table 4.2 summarizes the major benefits that QKD networks bring to traditional, stand-alone QKD links.