Cryptography Reference
In-Depth Information
system and provide key material to its indigenous Internet key exchange (IKE)
daemon for use in cryptographically protecting Internet traffic via standard
IPSec protocols and algorithms. See [7] for a more detailed discussion of this
implementation and how QKD interacts with IKE and IPsec.
BBN's QKD protocol stack is an industrial-strength implementation writ-
ten in the C programming language for ready portability to embedded real-
time systems. At present, all protocol control messages are conveyed in IP
datagrams so that control traffic can be conveyed via the Internet. However,
the control messages could be ported to use other forms of communications
quite easily, e.g., ATM networks or dedicated channels.
Two aspects of BBN's QKD protocol stack deserve special mention. First,
it implements a complete suite of QKD protocols. In fact, it implements mul-
tiple “plug compatible” versions of some functions, as shown in Figure 4.8;
for instance, it provides both the traditional sifting protocol and the newer
Geneva-style sifting [4].
∗
It also provides a choice of entropy estimation func-
tions. We expect to add additional options and variants as they are developed.
Second, BBN's QKD protocols have been carefully designed to make it as easy
as possible to plug in other QKD systems, i.e., to facilitate the introduction
of QKD links from other research teams into the overall DARPA Quantum
Network.
4.7 Photonic Switching for Untrusted
Networks
The DARPA Quantum Network currently consists of two transmitters, Al-
ice and Anna, and two compatible receivers, Bob and Boris, interconnected
through their key transmission link by a 2
2 optical switch. In this config-
uration, either transmitter can directly negotiate a mutual key with either
receiver. The switch must be optically passive so that the quantum state of
the photons that encode key bits is not disturbed.
Figure 4.9 depicts the fiber-based portion of the current network dia-
gram. Here all four QKD endpoints are connected through a conventional
2
×
2 optical switch. At one switch position, Alice is connected to Bob, and
Anna to Boris. At the other, Alice is connected to Boris, and Anna to
Bob. At present the switch controller changes this connectivity on a
periodic basis, e.g., every 15 minutes. Immediately after the switch setting
is changed, the receivers autonomously discover that they are receiving pho-
tons from a new transmitter, and they realign their Mach-Zehnder interfer-
ometers to match the transmitter's interferometer. Then they begin to de-
velop new key material by performing the BBN QKD protocols with this new
transmitter.
×
∗
For some time, we ran traditional sifting during weekdays and Geneva sifting over
the weekends to gain realistic experience with both.
