Quantum Key Distribution for enterprise, government and telco production environments
Quantum Key Distribution (QKD) is a technology that exploits a principle of quantum physics – observation causes perturbation – to exchange cryptographic keys over optical fibre networks with provable security.
The principle of QKD is quite straightforward. According to quantum physics, the mere fact of observing a quantum object perturbs it in an irreparable way. Therefore, if one encodes the value of a digital bit on a single quantum object, a qubit, its interception will necessarily translate into a perturbation. This perturbation causes errors in the sequence of bits exchanged by the sender and recipient. By checking for the presence of such errors, the two parties can verify whether an eavesdropper was able to gain information on their key. QKD is used to generate two identical secure keys on the two ends of the channel. A Quantum Random Number Generator (QRNG) embedded in the QKD system guarantees that keys are produced in an absolute random way. Once the key exchange is validated, the keys can be used to encrypt data.
QKD – Also known as quantum cryptography – is the only known cryptographic technique, which can ensure quantum-safe security today. With QKD, encrypted messages will remain confidential against the power of a quantum computer. The design and realisation of a multipurpose quantum computer, which will be able to break existing public-key cryptography, remains a challenge. However, recent progress in this field means that governments, standards bodies and industries are starting to mandate quantum-safe encryption methods. The era of post-quantum cryptography, where cryptographic methods will have to be resilient to quantum computer, has already begun.
The Cerberis XG is IDQ’s 4th generation of QKD systems, based on 20 years of experience in the development and commercialization of quantum-based products. It can interface with link encryptors from major vendors. The Cerberis XG meets all requirements for an easy integration in any data center. Its compact 19’’ rackmount 1U size offers the highest integration of QKD technology available in the market today. All the necessary key management, monitoring and administration functions are embedded in the chassis to perform quantum key generation and distribution over a quantum channel with a transmitter (Alice) on one end and a receiver (Bob) on the other end. It answers high availability requirements thanks to dual redundant power supply, hot swap battery and fans module, key buffering, and alerting and monitoring functions.
Quantum communications are done over a standard optical fiber leading to easy installation and maintenance and minimized total cost-of-ownership. All optical channels are compatible with the ITU recommendation for Dense-Wavelength-Division-Multiplexing (DWDM). To maximize the distance between nodes, operation of the quantum channel over a dark fiber is recommended. However, channel multiplexing over a single core can be performed with quantum channel around 1310 nm (O-band) whenever fiber resources are scarce.
Cerberis XG systems can be deployed in any network configurations including point-to-point, relay for longer distances, ring or star topologies. At each QKD network node, an embedded Key Management System (KMS) software arbitrates the key distribution between QKD and key consumers and performs add/drop or forward functions depending on the recipient’s location.
In addition, our Quantum Management System (QMS) provides a single Management and Monitoring platform for all QKD products and components. It reduces the time and effort to manage large and complex QKD Network.