The Engineering of a Scalable Multi-Site Communications System Utilizing QKD
Presented by: Dr. Piotr (Peter) Tysowski E-mail: [email protected]
September 15, 2017 ETSI / IQC Quantum Safe Workshop London, England
We have been researching how to practically enable quantum-safe and scalable communication in a real-world context
Project Background
• Overall goal is to show the feasibility of integrating Quantum Key Distribution (QKD) technology with a classical enterprise-level communication network
• Engaged multidisciplinary team of researchers at IQC since 2016
Design Project Team: Dr. Piotr (Peter) Tysowski, Dr. Xinhua (Frank) Ling, Prof. Norbert Lütkenhaus, Prof. Michele Mosca
In collaboration with: National Research Council Canada
There is a real need for a quantum-safe multi-site secure communications network for use by industry and government
Requirements of a Secure Multi-Site Communications Network
• A metropolitan network requires high scalability and reliability:
• Must permit quantum-safe communication between arbitrary users of any connected sites
• A metropolitan network may consist of dozens of sites, with each containing thousands of hosts
• Sites may not be fully connected
[Figure: Multi-Site Network. Labels: sites, fibre-optic links]
QKD is effective at countering the threat of quantum computers, but QKD in itself is only a point-to-point technology
Basic Principles of QKD
• Establishes information-theoretically secure keys based on laws of quantum physics
• Resistant to attack even by quantum computers
• Key generation rate dependent on length of channel
[Figure: QKD Setup. Alice (QKD Transmitter) and Bob (QKD Receiver) are linked by a Quantum Channel and an Authenticated Classical Channel]
Integrate into Pairwise Sites
• High user populations
• Heterogeneous hosts
• Constantly-changing demand
• Multiplexed fibre channel
[Figure: Pairwise Site Communication. Labels: hosts, switch, multiplexer, dedicated fibre channel]
We have designed a system for enterprise-level sites to securely communicate in a large metropolitan network
Network Model
• Multiple communicating sites comprise a metropolitan network
• Key generation occurs using QKD technology over quantum channels connecting pairs of sites
• A scalable Key Management Service (KMS) issues session keys from generated quantum key material to communicating hosts
• Hosts can securely communicate over a conventional network using TCP/IP channels
[Figure: Multi-Site Network. Legend: quantum network, classical network]
[Figure: protocol stack layers: QKD Link Layer (QLL), QKD Network Layer (QNL), Key Mgmt. Service Layer (KMS), Host Layer*; arrows between layers are labelled "relies on" and "supports"]
We have designed a scalable enterprise-level QKD-based system that enables secure multi-site communication
Key Contributions from Our Work
• System design that is compatible with various QKD technologies
• Scalable service to support enterprise-level secure traffic
• Full protocol stack in layered architectural style with well-defined interfaces across layers
• Technology-independent design
• Compatible with standards (including TLS, Kerberos, KMIP)
• Quantum key generation system that dynamically adapts to changes in demand and infrastructure
Full Protocol Stack
The Service Layer contains a KMS (Key Management Service) that issues quantum-generated keys to hosts on request
KMS Functions and Interfaces
[Figure: KMS Functions and Interfaces. Interfaces: Host Interface, QKD Network Layer Interface, KMS Peer Interface. Other labels: Key Management, Quantum Key Pool, Policy Engine, Session Key Construction, Key Database, Policy Database, Key Status, Policy Injection, Session Key Assignment, Key Request, Error Handling, Remote Pool Sync., Policy Enforcement, Remote KMS Coordination]
[Figure: Detailed view. Site A and Site B each show a host in the Application Layer (Alice, Bob), a KMS with its Quantum Key Pool, and the QKD Network Layer. Labels: session request, key hint, secure user data; session key issuance; setup of pools, synchronization; quantum-generated key material]
The KMS issues session keys from the key pool. As dictated by the policy, it makes an appropriate response when the pool is nearly exhausted.
The KMS issues keys to hosts using a generic protocol or one that is fully integrated with TLS or Kerberos
[Figure: Key Negotiation Protocol (sequence diagram, steps numbered 1 to 7)
Participants: Alice, KMS and Policy Engine at Site A; Policy Engine, KMS and Bob at Site B
Messages:
• Local Session Key Request
• Check Policy / Policy Constraints
• Local Session Key Grant
• Remote Session Key Negotiation (Host-to-Host)
• Remote Session Key Request
• Check Policy / Policy Constraints
• Remote Session Key Grant
• Remote Session Key Confirmation
• Encrypted Communication using Session Key
Annotations: Alice obtains the quantum key from pool; Alice sends key selection info to Bob; Bob obtains the quantum key from pool]
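The key-hint exchange on this slide, as an added Python sketch that is not code from the presentation: both sites hold the same quantum key pool, Alice's KMS issues a session key plus a hint naming the pool block, and Bob's KMS resolves that hint to the same key. The 32-byte block size, the hint fields, the HMAC-SHA256 derivation and the low-water threshold are assumptions; the slides do not specify them.

```python
import hashlib
import hmac
import secrets

BLOCK = 32  # bytes of pool material consumed per session key (assumed size)

class KeyPool:
    """One site's copy of the quantum key pool shared with a peer site."""
    def __init__(self, material: bytes, low_water: int = 2):
        self.material, self.low_water = material, low_water
        self.size = len(material) // BLOCK
        self.used = set()                       # block indices already issued

    def take(self, index: int) -> bytes:
        # Each block is issued once; a replayed or out-of-range hint is refused.
        if index in self.used or not 0 <= index < self.size:
            raise KeyError(f"block {index} unavailable")
        self.used.add(index)
        return self.material[index * BLOCK:(index + 1) * BLOCK]

    def nearly_exhausted(self) -> bool:
        return self.size - len(self.used) <= self.low_water

class KMS:
    def __init__(self, pool: KeyPool):
        self.pool = pool

    def local_grant(self, session_id: str):
        """Initiator side: returns (session key, hint for the peer, low-pool flag)."""
        free = [i for i in range(self.pool.size) if i not in self.pool.used]
        if not free:
            raise RuntimeError("quantum key pool exhausted")
        key = self._derive(self.pool.take(free[0]), session_id)
        return key, {"session": session_id, "block": free[0]}, self.pool.nearly_exhausted()

    def remote_grant(self, hint: dict) -> bytes:
        """Responder side: the hint names a block; it carries no key material."""
        return self._derive(self.pool.take(hint["block"]), hint["session"])

    @staticmethod
    def _derive(block: bytes, session_id: str) -> bytes:
        return hmac.new(block, session_id.encode(), hashlib.sha256).digest()

def demo():
    material = secrets.token_bytes(4 * BLOCK)   # constructed stand-in for QKD output
    kms_a, kms_b = KMS(KeyPool(material)), KMS(KeyPool(material))
    key_a, hint, low = kms_a.local_grant("alice-bob-1")   # Alice asks her KMS
    key_b = kms_b.remote_grant(hint)            # Bob passes Alice's hint to his KMS
    return kms_a, kms_b, key_a, key_b, hint, low
```

The sketch assumes a single initiator per pool; two sites granting at the same moment would need the coordination the slide labels "Remote Pool Sync." and "Remote KMS Coordination".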
The QNL (QKD Network Layer) provides quantum key material to the KMS based on optimized key generation in the network
QKD Network Layer Functions
Extends QKD from point-to-point links to a network
• Generates quantum key material for every pair of nodes
• Routes and relays key material via trusted nodes
• Responds to demand dynamics with scheduling
[Figure: QKD Network Layer components: Interface to KMS, Key Gen Msg Function, QKD Routing Function, Scheduling Function, Interface to QKD Link Layer]
Network Flow Optimization
• Based on pairwise key needs, allocates key generation workloads in the system to best utilize available capacity and constrain costs
• Routes along multiple paths of trusted nodes if needed
[Figure: trusted sites (nodes) A, B, C, D and E, each with QKD equipment, joined by links with link capacities C_AB, C_BC, C_CD, C_DE and C_AE. Label: encrypted pairwise keys]
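How key material can be relayed via trusted nodes, as an added Python example that is not from the presentation: each hop one-time-pads the key with that link's QKD material, so only ciphertext crosses a link while every node on the path holds the key in the clear. The hop-by-hop XOR scheme, the `Link` class and the sample path A, B, C are assumptions for illustration.

```python
import secrets

class Link:
    """QKD key material shared by the two trusted nodes at the ends of one link."""
    def __init__(self, material: bytes):
        self.material = material

    def draw(self, n: int) -> bytes:
        # One-time-pad material is consumed and never reused.
        pad, self.material = self.material[:n], self.material[n:]
        return pad

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def relay_key(path, links, key: bytes):
    """Carry `key` from path[0] to path[-1] over consecutive QKD links.

    Returns (key as received, ciphertext seen on each link, nodes holding the key).
    """
    hops = [links[frozenset(pair)] for pair in zip(path, path[1:])]
    # Check every hop first so a failure does not burn pads on earlier links.
    if any(len(link.material) < len(key) for link in hops):
        raise RuntimeError("insufficient key material on a link of this path")
    on_wire, holders = [], [path[0]]
    for node, link in zip(path[1:], hops):
        pad = link.draw(len(key))        # both ends of the link hold this pad
        ciphertext = xor(key, pad)       # sending node encrypts
        on_wire.append(ciphertext)
        key = xor(ciphertext, pad)       # receiving node decrypts: key is in the clear here
        holders.append(node)
    return key, on_wire, holders

def demo():
    # Constructed topology: two links of the ring in the figure, A-B and B-C.
    links = {frozenset("AB"): Link(secrets.token_bytes(64)),
             frozenset("BC"): Link(secrets.token_bytes(64))}
    pairwise_key = secrets.token_bytes(32)   # key A wants to share with C
    received, on_wire, holders = relay_key(["A", "B", "C"], links, pairwise_key)
    return pairwise_key, received, on_wire, holders, links
```

The `holders` list is the reason intermediate sites must be trusted: node B handles the A-to-C key in plaintext between decrypting and re-encrypting it.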
The QLL (QKD Link Layer) produces raw quantum key bits over each link by executing a QKD key generation protocol
Main QKD Link Layer Functions
Establish quantum key material between connected node pairs and provide it to the QNL:
• Expose switching/addressing functionality to the QNL
• Utilize existing infrastructure and shared resources (multiplexing QKD and classical traffic, optical switching)
Multiple Useful QKD Link Technologies
A plethora of protocols and platforms:
• Different complexities, key rates, robustness
• Metropolitan distances over fibre, free-space links
• Long distances over quantum repeaters, satellites
[Figure: fibre-link QKD; free-space QKD (ground, aircraft, satellite)]
QKD augments the conventional QRA (Quantum Resistant Algorithms) ecosystem to provide robust security for users
A Possible Key Construction Strategy in the KMS
QKD (Quantum Key Distribution)
• Theoretically most secure but requires special hardware and has limited key rate over long distance
• Not suitable as one-time pad in enterprise setting, but can contribute to creation of session keys
QRA (Quantum Resistant Algorithms)
• Produces keys inexpensively with new algorithms, requires no new infrastructure, works with public keys
• Active research area and long road ahead to build confidence in primitives and implementations
QRA authenticates the QKD channel via PKI (Public Key Infrastructure)
QRA generates a session key, and QKD generates another
The QRA and QKD keys are combined; the attacker needs to break both
[Figure: QKD and QRA both contribute to a combined (QKD+QRA) session key. Labels: Authentication, Key generation]
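One way to combine the two keys so that computing the session key requires both inputs, as an added Python example that is not from the presentation: an HKDF-style extract-and-expand (RFC 5869, HMAC-SHA256) over the QKD key and the QRA key. The choice of HKDF, the salt label and the function names are assumptions; the slides do not name a combiner.

```python
import hashlib
import hmac

HASH_LEN = 32  # SHA-256 output size in bytes

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract step: condense the input keys into one pseudorandom key."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand step: stretch the pseudorandom key to `length` bytes."""
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("requested length out of range for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _lp(field: bytes) -> bytes:
    # Length prefix: (b"ab", b"c") and (b"a", b"bc") must not encode identically.
    return len(field).to_bytes(4, "big") + field

def combine_session_key(qkd_key: bytes, qra_key: bytes,
                        context: bytes, length: int = 32) -> bytes:
    """Derive one session key from a QKD key and a QRA-negotiated key.

    `context` binds the key to a session (for example site and host names).
    """
    if min(len(qkd_key), len(qra_key)) < 16:
        raise ValueError("each input key must be at least 128 bits")
    # Salt label is an assumed domain separator, not a value from the slides.
    prk = hkdf_extract(b"qkd+qra-combiner-v1", _lp(qkd_key) + _lp(qra_key))
    return hkdf_expand(prk, _lp(context), length)

def demo() -> bytes:
    qkd_key = bytes.fromhex("11" * 32)   # constructed stand-in for pool material
    qra_key = bytes.fromhex("22" * 32)   # constructed stand-in for a QRA shared secret
    return combine_session_key(qkd_key, qra_key, b"siteA:alice|siteB:bob|1")
```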
We have demonstrated host-to-host secure communication using QKD over a multiplexed (shared) fibre-optic link
Overview of Demonstration
• ID Quantique (IDQ) Clavis 3 QKD devices
• QKD @ 1310 nm multiplexed with classical @ 1550 nm over 13 km fibre optic lines
• Classical traffic produced/managed by enterprise-scale Cisco 15454 equipment
• QKD-generated keys were used to secure a TLS session
[Figure: demonstration setup. Labels: Alice, Bob, fibre spools, Clavis 3 QKD devices, Cisco 15454]
Demo Project Team: Dr. Brendon Higgins, Dr. Jean-Philippe Bourgoin, Shravan Mishra, Prof. Thomas Jennewein
We have identified lessons and success factors for designing and implementing a QKD-based system in the future
Challenges and Lessons Learned
Challenge: Myriad of still-evolving technologies
• Generic technology-agnostic framework
• Run the system as services with plug-and-play layers
Challenge: Limited key generation rate
• Security levels dictate key consumption
• Dynamic key pool sizing to satisfy peak demand
Challenge: Communication across entire network
• Intermediate nodes assist with key generation
• Real-time network monitoring and intelligence
Challenge: Constantly-changing demand for keys
• Real-time monitoring of host demand
• Continuous and on-demand key generation
Challenge: Switching cost to QKD technology
• Integrate with existing security protocols and standards
• Share resources with existing infrastructure