Multipurpose entanglement-based quantum networks are integrated with existing classical networks for Quantum Secure Communication. This article discusses integration of these networks at the physical layer. For more detailed information on integrating quantum and classical networks at the physical layer, application layer, and the control / management / orchestration layers please see the on-demand webinar How to Integrate a Quantum Network with Your Existing Network.
Quantum networks can be used for a variety of applications: clustered quantum computing, distributed quantum computing (also known as the quantum Internet), distributed quantum sensing, and Quantum Secure Communications.
The most well-known application of quantum networks is Quantum Secure Communications, and this use case is the focus throughout this article. Quantum Secure Communication addresses the problem posed by Q-Day, in which existing encryption protocols such as RSA and Diffie Hellman will be broken by quantum computers capable of implementing Shor's algorithm. Quantum Secure Communication (QSC) refers to the entanglement-based successor to Quantum Key Distribution (QKD) that addresses the weaknesses of QKD.
Quantum Secure Communication uses entanglement-based protocols such as E91 and BBM92 that have been studied for many decades, are well understood, and that have security proofs. However, instead of using unsecure trusted relay nodes as QKD does, Quantum Secure Communication uses secure quantum repeaters. Once a quantum network makes use of quantum repeaters, it becomes a general-purpose quantum network, capable of running other applications on the same quantum network, including the other use cases mentioned above.
In some ways, quantum networking is a technology that is quite mature. It is actually more mature than quantum computing. Several companies have been offering commercial QKD products for over 10 years now, and these products have been deployed in operational networks. The components required for the next generation of general-purpose entanglement-based quantum networks are only now being commercialized. This includes hardware like quantum memories, transducers, and quantum repeaters. The range, speed, and cost of quantum networks will improve over time as a result of further innovations into multi-mode quantum memories, quantum error correction, and integrated photonics, and other technologies.
Quantum networks augment classical networks
One of the questions Aliro is frequently asked is, "Will quantum networks replace classical networks?”
The answer is no. We will never watch Netflix or do a Zoom call over a quantum network. Instead, quantum networks will be used in conjunction with classical networks. We can understand this better by looking at what happened with the development of classical computers.
Classical computers have been using co-processors to perform specialized tasks for a long time. Graphical processing units, or GPUs, are used to offload graphics rendering. Tensor processing units, or TPUs, are used to offload machine learning. Data processing units, or DPUs, are used to offload networking tasks. These GPUs, TPUs, and DPUs do not replace the general-purpose CPUs; instead, they augment CPUs by off-loading very specific, specialized tasks.
Similarly, quantum processing units, or QPUs, will not replace classical computers. Just like GPUs, TPUs, and DPUs, quantum processing units will be used to offload very specific tasks that quantum computers are particularly suited for. This includes things like drug design, material design, optimization, simulation, and cryptanalysis. Although quantum computers are much better at certain tasks than classical computers, there are plenty of tasks quantum computers are just not suited for. No one would dream of using a quantum computer to edit an Excel spreadsheet or play a video game. Hence, quantum computers will never fully replace classical computers.
The same is true for quantum networks. Quantum networks will never replace classical networks. Instead, quantum networks will augment classical networks. There are some specific applications that quantum networks are very good at, including secure communications and connecting quantum computers or quantum sensors to each other. Quantum networks are not just better at these applications; some of these applications are simply not possible on classical networks. For example, a clustered quantum computer data center cannot be created using a classical network. It is only possible with a quantum network because it must transfer qubits, which is not possible on a classical network.
Combining a quantum network with a classical network
Below is a concrete example of how a classical network and a quantum network work together. This article focuses on the Quantum Secure Communications use case, as it is the application that is the furthest developed. Similar diagrams could be drawn for clustered and distributed quantum computing and sensing.
At the top, in blue, is the classical network. There are two parties that want to exchange encrypted data over this classical network. Companies including Cisco, Juniper, Fortinet and many others offer hardware encryption devices that do encryption at various layers in the networking stack. The bulk encryption of the data can take place at multiple gigabits or even terabits per second and uses symmetrical encryption protocols such as the advanced encryption standard (AES).
The symmetrical encryption protocols need both parties to agree on a session encryption key. In today's networks, this is typically implemented using asymmetrical encryption protocols such as RSA, Diffie Helman or Elliptic Curve Diffie Helman. These existing session key establishment protocols are expected to be broken by quantum computers through implementation of Shor's algorithm, and must be replaced by a new key establishment protocol that is safe against attack by quantum computers. The terms Quantum Secure Communications and post-quantum security specifically refer to this safety from quantum attacks.
One possible way to implement quantum secure key establishment is to use a quantum network. In this diagram the quantum network is shown in red at the bottom. The quantum network uses the special properties of quantum physics to establish an encryption key between the two parties in a secure manner. The basic principle behind this security is that the laws of physics guarantee that it is impossible to steal the key without being detected. Thus, the term physics-based security is sometimes used for this approach.
There are two important things to notice in this diagram. The first observation is that the quantum network is not responsible for high-speed bulk data encryption at multiple gigabits per second. The high-speed bulk encryption still happens on the classical side of the network. The quantum network is only responsible for producing the encryption key. Even if the encryption key is rolled over very frequently, the quantum network is more than fast enough to produce the necessary session encryption keys. The quantum network hands over the encryption keys to the classical encryptors using a well-defined interface. The second observation is that the quantum network does not replace the classical network. A forklift upgrade of the classical equipment is not necessary. The quantum network augments the classical network to offload a specific function: in this case, encryption key establishment.
Physical connections in quantum networks
There are three layers to the integration between classical networks and quantum networks: the physical layer, the control layer, and the orchestration and management layer. This article will focus on the physical layer. For additional information, please see the on-demand webinar How to Integrate a Quantum Network with Your Existing Network.
At the physical layer, devices in a quantum network are connected to each other using multiple channels. Here, the term quantum network device is used in a very general way which could refer to Quantum Secure Communication devices, quantum computers, quantum repeaters, quantum routers, quantum sensors, or any other type of device that might be found in a quantum network.
There are three channels: the quantum channel, the real-time classical channel, and the non-real-time classical channel. Each of these channels can be implemented using optical fiber connections or using free-space connections subject to certain restrictions. When optical fibers are used, each channel can be assigned to a separate optical fiber strand, or multiple channels can be multiplexed onto a single fiber using dense wavelength division multiplexing, or DWDM, once again subject to certain restrictions.
The first channel is the quantum channel. This is the channel that carries the qubits, which encode the quantum information typically in the form of individual photons. There are multiple different encoding schemes, including polarization encoding and time-bin encoding, each with their own advantages and disadvantages.
The quantum channel is typically carried over optical fibers. It is possible to use typical telco fiber that is already deployed for the quantum channel. It is not necessary to deploy a new kind of special fiber for the quantum channel. However, the optical path used for the quantum channel must not contain any active components. Passive components such as patch panels and optical cross-connects are compatible, but active components such as classical routers or classical switches or even simple classical amplifiers are not compatible with the quantum channel.
It is also possible to carry the quantum channel over a free-space connection. This may be a terrestrial point-to-point free-space connection, or it may be a ground-station to satellite free-space connection. Either way, the free-space connection must be implemented using a point-to-point laser. Radio networks such as Wifi networks or cellular networks are currently not suitable for the quantum channel, and neither are copper links such as DSL links.
Non-real-time classical channel
The second channel is the non-real-time classical channel. This channel is used to carry orchestration, management, and non-real-time control protocols. The orchestration protocols are used to orchestrate the end-to-end service delivery to the end-user. The management protocols are used to configure and monitor the quantum network devices. Orchestration and management protocols typically use YANG and NETCONF, which are protocols that are also widely used in classical networks.
The control protocols are used to control various aspects of the quantum network. A small subset of these control protocols are extremely hard real-time, in the sense that they must be synchronized down to the nanosecond level. However, most of the control protocols are not hard real-time. Examples of non-hard real-time control protocols include key post-processing (such as information reconciliation and privacy amplification), key delivery, topology discovery, resource discovery, session establishment signaling, and many more.
These non-real-time control protocols can be carried over the non-real-time classical channel along with the orchestration and management protocols. The non-real-time classical channel uses completely normal TCP/IP and Ethernet networks, and thus it is possible to use an existing classical network with existing classical routers and switches.
In practice, there are often multiple non-real-time classical channels using separate ports on the device for security reasons. For example there might be separate physical ports for key delivery and network management.
Real-time classical channel
The third channel is the real-time classical channel. This channel is known by many different names including the service channel or the synchronization channel. Examples of hard-real-time control protocols include synchronization, calibration, key sifting, elementary entanglement generation, entanglement swapping, entanglement distribution, and teleportation. These hard-real-time control protocols are carried over a dedicated channel.
Above is one possible mechanism for implementing elementary entanglement generation. In this example, the source on the left and the source on the right generate photons that need to arrive at the bell state analyzer in the middle at exactly the same time, down to the nanosecond level. This requires extremely precise clock synchronization protocols. The entanglement generation protocol is non-deterministic in the sense that multiple attempts are needed to get a successful entanglement. For this, a real-time control protocol is needed to track the attempts and retry until success is achieved.
Because of the sheer volume of control messages and because of the very precise timing requirements, these real-time control protocols typically do not use TCP/IP or even Ethernet. Instead, these protocols often use proprietary framing and are usually implemented in FPGAs. Due to this proprietary framing, the optical path for the real-time classical channel must not contain any IP routers or Ethernet switches. However, DWDM and amplifiers are still compatible with the real-time classical channel.
Maximum link distance
One of the challenges in quantum networking is the limited maximum distance for point-to-point links. As a general rule of thumb the maximum loss on a point-to-point quantum link is around 20 decibels, which translates into a maximum distance of roughly 100 kilometers. The exact limit depends on various technical details - for example what type of sources and what type of detectors are used. The actual distance limit may be higher or lower; but 100 kilometers is typical and this is the number used in examples throughout this article.
Beyond 100 kilometers, a kind of relay mechanism is necessary. This might be a trusted relay node, a quantum repeater, a quantum router, or a satellite. In many real-world deployments it is desirable to use dense wavelength division multiplexing, or DWDM, to multiplex classical and quantum channels onto the same fiber. This greatly reduces the cost of the network because fewer fibers are deployed.
It is customary to put the quantum channels in the O-band and the classical channels in the C-band to minimize interference between the quantum and the classical channel. When the quantum channel is in the O-band, the maximum distance is reduced by about 40% because the optical fiber has more loss in the O-band than in the C-band.
Extending the distance of quantum links
There are several options for relay nodes to extend the distance of a point-to-point quantum link exceeding 100 kilometers.
In current Quantum Key Distribution networks, so-called "trusted relay nodes” are used. The way they work is that they first establish a point-to-point encryption key on each link, then the end-to-end encryption key is forwarded hop-by-hop through this series of encrypted point-to-point links. This method has a critical disadvantage: the end-to-end key is exposed in the clear inside each of the trusted relay nodes. The name trusted relay node is somewhat misleading. It is not that the node is trustworthy. It is that trust is forced: the node must be trusted to not leak the exposed key. This need for trusted relay nodes is one of the most important criticisms of current first generation quantum key distribution networks. Another important drawback is that QKD networks are single-purpose: they can only ever be utilized for key distribution alone.
A better method to extend the distance of quantum links is to use quantum repeaters in place of trusted relay nodes. Quantum repeaters offer two important benefits. The first benefit is that the keys are not exposed at the quantum repeaters. The second benefit is that a quantum network built with quantum repeaters is a general-purpose quantum network. It can be used not only for quantum secure communications, but also for other applications such as clustered and distributed quantum computing and sensing.
The current first generation of QKD networks are similar to the telephone networks of the 1980s: they can only run one single application. Quantum repeater-based networks are like the Internet of today, in the sense that they can run any application.
The challenge with quantum repeaters, however, is that they are an emerging technology. The components that are needed to build quantum repeaters (notably quantum memories) are only just now becoming commercially available. Aliro expects quantum repeaters to become a viable option to replace trusted relay nodes over the next few years.
Finally, for intercontinental distances, there is the option to use satellites and ground stations connected by free-space lasers. Because the loss in the vacuum of space is much lower than in fiber, they can cover large distances of up to several thousands of kilometers. The downside to using this method is that satellites and ground stations are expensive to deploy.
Towards universal entanglement-based quantum networks
We have discussed physical interfaces in the context of quantum secure communications. The next step is to generalize these interfaces, as well as the protocols and standards, to multi-purpose entanglement-based quantum networks.
At the physical layer, quantum repeaters and quantum routers will need to be introduced to the network. At the control layer, entanglement generation protocols - including elementary entanglement generation, swapping, purification, and teleportation - need to be implemented. At the management and orchestration layer, the network needs to continue to enable new end-user services such as clustered and distributed quantum computing and sensing and quantum testbed as a service. Finally, at the application interface, it is necessary to support general-purpose entanglement delivery.
Quite a lot can be implemented through software. A quantum network software stack for building general-purpose entanglement-generating quantum networks should have these primary components:
- An orchestrator to implement the orchestration and management layer. This provides an interface to the operator to manage the quantum network and provides an interface to end-users to orchestrate the services provided by the quantum network
- An SDN controller for the quantum network
- An on-device distributed control plane for the quantum network
- A simulator for modeling quantum networks at different levels of abstraction for testing potential hardware and topologies is also recommended, as it can be integral to the design phase of quantum network implementation.
For more detailed information on integrating quantum and classical networks at the physical layer, application layer, and the control / management / orchestration layers please see the on-demand webinar How to Integrate a Quantum Network with Your Existing Network.