Cryptography Reference
network, they can perform QKD protocols in order to derive key material,
and once they have agreed upon these keys, they can use the Internet to
communicate between themselves securely.
Figure 4.11(C) shows a path used for key relay from S to D, as darkened
lines across the key relay network, and the resultant pairs of QKD key material
at the right. One QKD-derived key is shared between S and R1; this key is
denoted K(S,R1). Likewise K(R1,R2) denotes the pairwise key shared between
relay nodes R1 and R2, and so forth. Once all these pairwise keys are in place,
S and D can easily derive their own end-to-end shared secret key by key relay.
One obvious means is for node S to create a new random number R, protect
this number R by K(S,R1), and transmit the result to R1. Node R1 can then
decrypt this message to obtain R itself and re-encrypt it by K(R1, R2) to send
it onwards to R2, who can in turn repeat the process, and so forth, until it
has been relayed all the way to D. At this point, both S and D know the same
secret random sequence, R, and can use this shared value as key material.
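The hop-by-hop relay described above, as an added example that is not from the original text. It assumes the "protection" on each link is a one-time-pad XOR with the pairwise key (the text does not name the cipher); the function names and the stand-in for QKD key generation are hypothetical. It also records what each node holds, which makes explicit that every relay on the path sees R in the clear.

```python
import secrets

def xor(data: bytes, key: bytes) -> bytes:
    """One-time-pad protect/unprotect (assumed cipher, not named in the text)."""
    if len(key) < len(data):
        raise ValueError("pairwise key shorter than the relayed value")
    return bytes(d ^ k for d, k in zip(data, key))

def make_pairwise_keys(path, nbytes):
    """Stand-in for QKD: one fresh key per adjacent link, e.g. K(S,R1)."""
    return {(a, b): secrets.token_bytes(nbytes) for a, b in zip(path, path[1:])}

def relay(path, keys, r):
    """Relay r from path[0] to path[-1], re-encrypting at every hop.

    Returns (value at destination, plaintext held per node, ciphertext per link).
    Each pairwise key is consumed by this single use and must not be reused.
    """
    exposure = {path[0]: r}          # S generated R, so S holds it
    wire = {}
    current = r
    for a, b in zip(path, path[1:]):
        k = keys[(a, b)]
        ciphertext = xor(current, k)     # node a protects R with K(a,b)
        wire[(a, b)] = ciphertext        # what an observer of link a-b sees
        current = xor(ciphertext, k)     # node b recovers R with K(a,b)
        exposure[b] = current            # node b now holds R in the clear
    return current, exposure, wire

if __name__ == "__main__":
    path = ["S", "R1", "R2", "D"]        # relay path as in Figure 4.11(C)
    keys = make_pairwise_keys(path, 32)  # constructed sample keys
    r = secrets.token_bytes(32)          # S's new random number R
    at_d, exposure, wire = relay(path, keys, r)
    print("D shares R with S:", at_d == r)
    for node in path[1:-1]:
        print(f"relay {node} saw R in the clear:", exposure[node] == r)
    for link, ct in wire.items():
        print(f"link {link}: ciphertext differs from R:", ct != r)
```

Because each relay decrypts before re-encrypting, the end-to-end key is only as secret as the least trustworthy node on the path.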
Finally, Figure 4.11(D) shows that the BBN key relay protocols can
automatically discover failures along the key relay path — whether due to cut
fiber or eavesdropping — and route the key material around these failures.
4.9 Future Plans
Our near-term plans call for augmenting the DARPA Quantum Network with
four new QKD nodes, one pair based on entangled photons in fiber and the
other on polarized photons in a free-space channel.
The entangled link's optical subsystem has been designed and shaken
down by Boston University and is now resident at BBN's laboratory. All
electronics and software have been built. Once the entangled system is
fully operational, we will tie it via key relay into the overall DARPA
Quantum Network.
The free-space link will be based on polarization modulation of faint laser
pulses at visible wavelengths. The transmitter will contain four lasers,
one for each polarization basis and value, which pulse according to
externally supplied random signals; the receiver will perform passive
random splitting via a 50/50 coupler. This link will also be woven into
the DARPA Quantum Network when operational.
4.10 Summary
The DARPA Quantum Network has married a variety of QKD techniques
to well-established Internet technology in order to build a secure key
distribution system that can be employed in conjunction with the public
Internet or, more likely, with private networks based on the Internet
protocol suite. Such private networks are currently in widespread use around
the world with customers who desire secure and private communications,