height="224 * 1.5" width="604.18665 * 1.5" xml:space="preserve" id="svg2" version="1.1">image/svg+xml Contact Us

Integrating Quantum Networks with Classical Networks

Quantum Networks don't require a forklift upgrade of your existing network

Do you want to download a printable PDF of this white paper? Click here to download it directly.

 

CONTENTS

What is a quantum network 
Quantum network applications
Today’s quantum network requirements
Quantum networks augment classical networks
Combining a quantum network with a classical network
Layers of network integration between quantum networks and classical networks
Physical layer integration

Maximum link distance
Planning fiber infrastructure for quantum networks
Extending the distance of quantum links
General topologies

Application layer integration
Management and orchestration layer integration
Towards universal entanglement-based quantum networks
A full-stack solution for entanglement-based quantum networking
References

 

What is a quantum network 

The term classical network is typically used to refer to types of traditional networks that are not quantum networks. This includes local area networks, WiFi networks, cellular networks, optical fiber networks, satellite networks, the Internet - likely every network you have ever used. Classical networks send classical bits: ones and zeroes. These ones and zeroes are typically encoded as strong optical pulses that are sent through optical fibers, digital signals across copper wires, or strong radio pulses sent through the air.

Quantum networks communicate using quantum bits, or qubits. Qubits have special properties described by the laws of quantum physics. There are many quantum properties that are leveraged by quantum technologies - including superposition, entanglement, Heisenberg's uncertainty principle, the no-cloning theorem, and many others.These quantum properties allow quantum networks to do things that are impossible to accomplish with classical networks.

Quantum network applications

Quantum networks can be used for a variety of applications: clustered quantum computing, distributed quantum computing, distributed quantum sensing, and Quantum Secure Communications. 

‎QN + CN BLOG AND WHITE PAPER GFX.‎001

The most well-known application of quantum networks is Quantum Secure Communications, and this use case is the focus throughout this white paper. Quantum Secure Communication addresses the problem posed by Q-Day, in which existing encryption protocols such as RSA and Diffie Hellman will be broken by quantum computers capable of implementing Shor's algorithm. Quantum Secure Communication (QSC) refers to the entanglement-based successor to Quantum Key Distribution (QKD) that addresses the weaknesses of QKD.

Quantum Secure Communication uses entanglement-based protocols such as E91 and BBM92 that have been studied for many decades, are well understood, and that have security proofs. However, instead of using unsecure trusted relay nodes as QKD does, Quantum Secure Communication uses secure quantum repeaters. Once a quantum network makes use of quantum repeaters, it becomes a general-purpose quantum network, capable of running other applications on the same quantum network, including the other use cases mentioned above.

Today’s quantum network requirements

While quantum networks enable new applications, they also have particular boundary  requirements today. Most of these requirements are due to the fact that quantum networks use extremely weak light pulses - typically single photons.

The range of quantum network point-to-point links is limited. The exact limit varies, but 100 kilometers is a typical maximum distance. Beyond 100 kilometers you need trusted relay nodes, quantum repeaters, or satellites to extend the distance between points.  This will be addressed as quantum repeaters become commercially available.

The second requirement is that the throughput of a quantum network in qubits per second is low. Once again, the exact limit varies, but one million usable qubits per second is typical for short links. As the distance approaches the maximum of 100 kilometers, the throughput decreases down to a few thousand qubits per second.  This will be addressed as hardware devices become capable of producing higher qubit throughput.

The third requirement is that the links in a quantum network must be either optical fiber connections or point-to-point free-space laser connections. Those free-space connections can be terrestrial, or they can be a satellite.  As newer hardware technologies evolve this requirement may be mitigated.

In some ways, quantum networking is a technology that is quite mature. It is actually more mature than quantum computing. Several companies have been offering commercial QKD products for over 10 years now, and these products have been deployed in operational networks. The components required for the next generation of general-purpose entanglement-based quantum networks are just now being commercialized. This includes hardware like quantum memories, transducers, and quantum repeaters. The range, speed, and cost of quantum networks will improve over time as a result of further innovations into multi-mode quantum memories, quantum error correction, and integrated photonics, and other technologies.

Quantum networks augment classical networks

One of the questions Aliro is frequently asked is, "Will quantum networks replace classical networks?”

The answer is no. We may never watch Netflix or do a Zoom call over a quantum network. Instead, quantum networks will be used in conjunction with classical networks. We can understand this better by looking at what happened with the development of classical computers. Classical computers have been using co-processors to perform specialized tasks for a long time already.

  • Graphical processing units, or GPUs, are used to offload graphics rendering.
  • Tensor processing units, or TPUs, are used to offload machine learning.
  • Data processing units, or DPUs, are used to offload networking tasks.

These GPUs, TPUs, and DPUs do not replace the general-purpose CPUs; instead, they augment CPUs by off-loading very specific, specialized tasks.

Similarly, quantum processing units, or QPUs, will not replace classical computers. Just like GPUs, TPUs, and DPUs, quantum processing units will be used to offload very specific tasks that quantum computers are good at. This includes things like drug design, material design, optimization, simulation, and cryptanalysis.

Although quantum computers are much better at certain tasks than classical computers, there are plenty of tasks that quantum computers are just not suitable for. No one would dream of using a quantum computer to edit an Excel spreadsheet or play a video game. Hence, quantum computers will never fully replace classical computers.

The same is true for quantum networks. Quantum networks are not intended to replace classical networks. Instead, quantum networks will augment classical networks. There are some specific applications that quantum networks are exceptional at, including secure communications and connecting quantum computers or quantum sensors to each other. Quantum networks are not just better at these applications; some of these applications are simply not possible on classical networks. For example, a clustered quantum computer data center cannot be created using a classical network. It is only possible with a quantum network because it must transfer qubits, which is not possible on a classical network.

 

Combining a quantum network with a classical network

Here is a concrete example of how a classical network and a quantum network work together.

‎QN + CN BLOG AND WHITE PAPER GFX.‎002-1

We’ll focus on the quantum secure communications use case throughout this white paper, as it is the application that is the furthest developed. Similar diagrams could be drawn for clustered and distributed quantum computing and sensing.

At the top, in blue, is the classical network. There are two parties that want to exchange encrypted data over this classical network. Many companies including Cisco, Juniper, Fortinet, and many others offer the hardware encryption devices that do encryption at various layers in the networking stack.The bulk encryption of the data can take place at multiple gigabits or even terabits per second and uses symmetrical encryption protocols such as the advanced encryption standard: AES.

The symmetrical encryption protocols need both parties to agree on a session encryption key. In today's networks, this is typically implemented using asymmetrical encryption protocols such as RSA, Diffie Helman or Elliptic Curve Diffie Helman. These existing session key establishment protocols are expected to be broken by quantum computers through implementation of Shor's algorithm, and need to be replaced by a new key establishment protocol which will be safe against attack by quantum computers. This is what we mean when we use the terms Quantum Secure Communications and post-quantum security. For an in-depth look at the threats and impacts of Q-Day (the day a quantum computer is capable of running Shor’s algorithm) see the on-demand webinar What is Q-Day.

One possible way to implement quantum secure key establishment is to use a quantum network. In this diagram the quantum network is shown in red at the bottom. The quantum network uses the special properties of quantum physics to establish an encryption key between the two parties in a secure manner. The basic principle behind this security is that the laws of physics guarantee that it is impossible to steal the key without being detected. Thus, the term physics-based security is sometimes used for this approach.

There are two important things to notice in this diagram. The first observation is that the quantum network is not responsible for high-speed bulk data encryption at multiple gigabits per second. The high-speed bulk encryption still happens on the classical side of the network. The quantum network is only responsible for producing the encryption key. Even if you roll over the encryption key very frequently, the quantum network is typically more than fast enough to produce the necessary session encryption keys. The quantum network hands over the encryption keys to the classical encryptors using a well-defined interface.

The second observation is that the quantum network does not replace the classical network. We do not need a forklift upgrade of the classical equipment. The quantum network only augments the classical network to offload a specific function, namely encryption key establishment in this case.

Layers of network integration between quantum networks and classical networks

There are three layers of integration between classical networks and quantum networks: the physical layer, the control layer, and the orchestration and management layer.

Physical layer integration

Devices in a quantum network are connected to each other using multiple channels. Here the term quantum network device is used in a very general way, which could refer to quantum secure communication devices, quantum computers, quantum repeaters, quantum routers, quantum sensors, or any other type of device that might be found in a quantum network.

There are three channels: the quantum channel, the real-time classical channel, and the non-real-time classical channel. Each of these channels can be implemented using optical fiber connections or using free-space connections subject to certain restrictions. When optical fibers are used, each channel can be assigned to a separate optical fiber strand, or multiple channels can be multiplexed onto a single fiber using dense wavelength division multiplexing, or DWDM, once again subject to certain restrictions.

‎QN + CN BLOG AND WHITE PAPER GFX.‎003-1

Quantum channel 

The first channel is the quantum channel. This is the channel that carries the qubits, which encode the quantum information typically in the form of individual photons. There are multiple different encoding schemes, including polarization encoding and time-bin encoding, each with their own advantages and disadvantages. An analysis of these encoding schemes is discussed in the on-demand webinar Qubits: Understanding Quantum Information.

‎QN + CN BLOG AND WHITE PAPER GFX.‎004-1

The quantum channel is typically carried over optical fibers. It is possible to use typical telco fiber that is already deployed for the quantum channel. It is not necessary to deploy a new kind of special fiber for the quantum channel. However, the optical path used for the quantum channel must not contain any active components. Passive components such as patch panels and optical cross-connects are compatible, but active components such as classical routers or classical switches or even simple classical amplifiers are not compatible with the quantum channel.

It is also possible to carry the quantum channel over a free-space connection. This may be a terrestrial point-to-point free-space connection, or it may be a ground-station to satellite free-space connection. Either way, the free-space connection must be implemented using a point-to-point laser. Radio networks, such as Wifi networks or cellular networks, are currently not suitable for the quantum channel, and neither are copper links, such as DSL links.

Non-real-time classical channel

The second channel is the non-real-time classical channel. This channel is used to carry orchestration, management, and non-real-time control protocols. The orchestration protocols are used to orchestrate the end-to-end service delivery to the end-user. The management protocols are used to configure and monitor the quantum network devices. Orchestration and management protocols typically use YANG and NETCONF, which are protocols that are also widely used in classical networks.

‎QN + CN BLOG AND WHITE PAPER GFX.‎005-1

The control protocols are used to control various aspects of the quantum network. A small subset of these control protocols are extremely hard real-time, in the sense that they must be synchronized down to the nanosecond level. However, most of the control protocols are not hard real-time. Examples of non-hard real-time control protocols include key post-processing (such as information reconciliation and privacy amplification), key delivery, topology discovery, resource discovery, session establishment signaling, and many more. 

These non-real-time control protocols can be carried over the non-real-time classical channel along with the orchestration and management protocols. The non-real-time classical channel uses completely normal TCP/IP and Ethernet networks, and thus it is possible to use an existing classical network with existing classical routers and switches.

In practice, there are often multiple non-real-time classical channels using separate ports on the device for security reasons. For example, there might be separate physical ports for key delivery and network management.

Real-time classical channel 

The third channel is the real-time classical channel. This channel is known by many different names including the service channel or the synchronization channel. Examples of hard-real-time control protocols include synchronization, calibration, key sifting, elementary entanglement generation, entanglement swapping, entanglement distribution, and teleportation. These hard-real-time control protocols are carried over a dedicated channel.

‎QN + CN BLOG AND WHITE PAPER GFX.‎006-1

Above is one possible mechanism for implementing elementary entanglement generation. In this example, the source on the left (Node 1) and the source on the right (Node 2) generate photons that need to arrive at the bell state analyzer in the middle (BSM) at exactly the same time, down to the nanosecond level. This requires extremely precise clock synchronization protocols. The entanglement generation protocol is non-deterministic in the sense that multiple attempts are needed to get a successful entanglement. For this, a real-time control protocol is needed to track the attempts and retry until success is achieved. 

Because of the sheer volume of control messages and because of the very precise timing requirements, these real-time control protocols typically don't use TCP/IP or even Ethernet. Instead, these protocols often use proprietary framing and are typically implemented in FPGAs. Due to this proprietary framing, the optical path for the real-time classical channel must not contain any IP routers or Ethernet switches. However, DWDM and amplifiers are still compatible with this channel.

Maximum link distance

One of the challenges in implementing quantum networks at the physical layer is the limited maximum distance for point-to-point links on the quantum channel. As a general rule of thumb we can say that the maximum loss on a point-to-point quantum link is around 20 decibels which translates into a maximum distance of roughly 100 kilometers. The exact limit depends on various technical details, for example what type of sources and what type of detectors you use. The actual distance limit may be higher or lower; but 100 kilometers is typical and this is the number used in the examples throughout this white paper. Beyond 100 kilometers, a kind of relay mechanism is necessary. This might be a trusted relay node, a quantum repeater, a quantum router, or a satellite. 

In many real-world deployments, it is very desirable to use dense wavelength division multiplexing, or DWDM, to multiplex classical and quantum channels onto the same fiber. This greatly reduces the cost of the network because you have to deploy fewer fibers.

It is customary to put the quantum channels in the O-band and the classical channels in the C-band to minimize interference between the quantum and the classical channel. When you put the quantum channel in the O-band, the maximum distance is reduced by about 40% because the optical fiber has more loss in the O-band than in the C-band.

Planning fiber infrastructure for quantum networks

GEANT, which is a pan-European research network, published a very interesting paper studying how much it would cost to upgrade their existing classical network to a quantum network. In this GEANT study, they were evaluating a QKD network, so they only considered QKD trusted relay nodes.[GEANT]  However, a similar methodology can also be used for general-purpose entanglement-based quantum networks, such as those used for Quantum Secure Communication.

‎QN + CN BLOG AND WHITE PAPER GFX.‎008

The map shows one ring in the existing classical pan-European GEANT network.

  • The blue squares represent points-of-presence or POPs.
  • There are two POPs in London, one in Amsterdam, one in Frankfurt, two in Geneva, and one in Paris.
  • The pink triangles represent classical amplifier locations.
  • The lines represent optical fiber spans between these POPs and amplifier stations.

First of all, the study assumes that the quantum relay nodes are deployed at every existing POP and amplifier location. That makes sense because that's where the existing buildings with power and access to the management network are. Then, the study looked at each of these fiber spans and color coded them green, orange or red. 

The green links have less than 20 dB loss in the O-band, roughly less than 60 kilometers. This is the ideal and cheapest scenario. In this case the distance is short enough to be able to do a wave division multiplex of the quantum channel onto the same existing fiber for the classical channels. New DWDM devices may need to be deployed if they are not already there, but we don't need to deploy any new fiber which is typically much more expensive.

The orange links have less than 20 dB loss in the C-band, roughly less than 100 kilometers. Here we have to use a separate fiber for the quantum channel, which is more expensive.

The red links have more than 20 dB loss in the C-band, roughly more than 100 kilometers. Here the distance is too long for a quantum channel, even if we use a separate fiber. The only option is to introduce an additional relay node, which is the most expensive.

This particular study is unusual, in the sense that it studied a large pan-European network. Currently most quantum secure communication networks are deployed in metro region networks.

Extending the distance of quantum links

There are several options for relay nodes to extend the distance of a point-to-point quantum link exceeding 100 kilometers. 

In current Quantum Key Distribution networks so-called "trusted relay nodes” are used. The way they work is that they first establish a point-to-point encryption key on each link, then the end-to-end encryption key is forwarded hop-by-hop through this series of encrypted point-to-point links. This method has a critical disadvantage: the end-to-end key is exposed in the clear inside each of the trusted relay nodes. The name trusted relay node is somewhat misleading. It is not that the node is trustworthy.It is that trust is forced: the node must be trusted to not leak the exposed key. This need for trusted relay nodes is one of the most important criticisms of current first generation quantum key distribution networks. Another important drawback is that QKD networks are single-purpose: they can only ever be utilized for key distribution alone.

A better method to extend the distance of quantum links is to use quantum repeaters in place of trusted relay nodes. Quantum repeaters offer two important benefits. The first benefit is that the keys are not exposed at the quantum repeaters. The second benefit is that a quantum network built out of quantum repeaters is a general-purpose quantum network. It can be used not only for quantum secure communications but also for other applications such as clustered and distributed quantum computing and sensing.

‎QN + CN BLOG AND WHITE PAPER GFX.‎009-1

The current first generation of QKD networks are similar to the telephone networks of the 1980s: they can only run one single application. Quantum repeater-based networks are like the Internet of today in the sense that they can run any application.

The challenge with quantum repeaters, however, is that they are an emerging technology. The components that are needed to build quantum repeaters (notably quantum memories) are only just now becoming commercially available. Aliro expects quantum repeaters to become a viable option to replace trusted relay nodes over the next few years.

Finally, for intercontinental distances, there is the option to use satellites and ground stations connected by free-space lasers. Because the loss in the vacuum of space is much lower than in fiber, they can cover large distances of up to several thousands of kilometers. The downside to using this method is that satellites and ground stations are expensive to deploy.

General topologies

‎QN + CN BLOG AND WHITE PAPER GFX.‎010

If you have a more general graph topology such as the one shown above, then it’s necessary to implement relay nodes that have more than two interfaces and some sort of routing functionality. This can be achieved in several ways.

If the distances are short enough, for example in metro area networks (MANs), then you can use layer one optical switches. Those optical switches can be relatively slow, such as a MEMS switch. The optical switches could also be very fast, such as with Mach-Zehnder Interferometry switches, to do very dynamic switching.

For longer distances, in the current first generation of quantum key distribution networks, it is customary to use multi-port trusted relay nodes. The software has routing functionality to determine the path for the end-to-end key generation session through which the encryption key needs to be relayed. This approach has the same problem that we mentioned before: the relay nodes must be trusted because the key is exposed at each hop. The need to trust multiple devices which are potentially owned and operated by another organization (e.g. a service provider), to keep your information secure makes for a fragile solution.

A better approach is to use multi-port quantum repeaters which we refer to as quantum routers. Once we have quantum routers, we have a general-purpose general-topology entanglement generating network.

Application layer integration

For the purposes of this white paper, when discussing application layer integration the focus will be on the quantum secure communications application. In this case, the primary purpose of the quantum network is to generate encryption keys and the primary purpose of the classical network is to do the bulk encryption using those keys. An interface between the quantum network and the classical encryptors to hand off these keys will be necessary. 

ETSI 004 abstract key delivery interface

Contrary to what you might expect, this key delivery interface is already very well defined and standardized by ETSI, the European Telecommunications Standardization Institute. ETSI has defined a series of so-called group specifications that include a definition of this interface. All of these ETSI specifications are publicly available at no cost. They are short and very readable, and we highly recommend downloading and reading them. While ETSI specifications refer frequently to QKD and Quantum Key Distribution, with a few exceptions all of these ETSI specifications can also be applied to entanglement-based quantum networks (which use quantum-repeaters and quantum-routers instead of trusted relay nodes) with little or no changes. 

The first of these group specifications is called ETSI QKD 004 which is summarized below.[ESTI004]

‎QN + CN BLOG AND WHITE PAPER GFX.‎012

 

In the above diagram, the yellow boxes are the classical encryptors.

The red and green boxes are the quantum network devices.

We can see the quantum channel, the non-real-time classical channel, and the real-time classical channel (here referred to as the synchronization channel) that was discussed previously in this paper. The key delivery interface that ETSI 004 describes are the vertical arrows labeled QKD Application Interface between the yellow and green boxes.

ETSI 004 is a rather abstract document. It talks about the types of primitives that are needed on the key delivery interface in very general terms. ETSI 004 is not concrete enough to enable interoperable implementations.

ETSI QKD 014

Specification ETSI 014 takes the general principles described in ETSI 004 and makes them much more concrete and specific. ETSI 014 defines a REST interface, which is a very common type of HTTP-based interface that is very frequently used to integrate different systems with each other.

Unlike ETSI 004 which is rather abstract, ETSI 014 is very concrete. If a classical encryptor from one vendor and a quantum network device from another vendor both support ETSI 014, then they will interoperate. In fact, most existing QKD vendors already support ETSI 014, and many classical encryptor vendors are in the process of adding ETSI 014 support.[ETSI014] Many have already done public proofs of concept.

The ETSI 014 protocol is extremely simple. There are only three messages. The Get Status message is used to check whether a quantum device has keys available, as well as other operational status parameters. The encryptor uses the Get Key message to get the encryption key. The decryptor uses the Get Key with Key IDs message to get the decryption key. The encryptor must use some out-of-band mechanism to transfer the key IDs to the decryptor. The Internet Engineering Task Force (IETF) is already working on enhancements to IPsec and other protocols to facilitate this key ID transfer from the encryptor to the decryptor.

ETSI QKD 014 Example

Below is an example of what the ETSI 014 protocol looks like in real life.

‎QN + CN BLOG AND WHITE PAPER GFX.‎014

On the left are several examples of the Get Key message, which is the message that the classical encryptor uses to request an encryption key from the quantum network. In its simplest form, the encryptor specifies the number of keys needed and the size in bits of each key. On the right, is an example of the Get Key reply message. This is the message that the quantum network sends back to the encryptor to actually provide the requested session encryption keys. Each provided key has a key ID and the actual key value itself. The REST communication session between classical encryptor and the quantum network is itself encrypted and mutually authenticated.

Management and orchestration layer integration

Just like any other network, quantum networks need to be controlled, managed, and orchestrated. This is another area where quantum networks and classical networks are deeply intertwined with each other.

Control, Management, and Orchestration

There has been a surprising amount of standardization in the area of controlling, managing, and orchestrating quantum networks. The International Telecommunication Union International Telecommunications Standardization Sector (ITU-T) has published a series of standards called the Y-3800 series describing quantum networks.[Y3800] The ITU-T standards are publicly available at no cost.

Just like the ETSI specifications that discussed previously, the ITU-T standards are currently framed in terms of QKD networks, but many of these standards can also be generalized for entanglement-based quantum networks that use quantum-repeaters, and to facilitate other applications such as distributed quantum computing.

‎QN + CN BLOG AND WHITE PAPER GFX.‎016

The figure on the left in the graphic above is taken from ITU-T Y.3803. It shows the layers of a quantum secure communications network.

At the bottom is the quantum layer with the quantum network devices.

Above the quantum layer is the key management layer.

Above the key management layer is a quantum network controller, represented here by a yellow box. This controller is similar to a software defined networking (SDN) controller in existing classical networks.

The job of the controller is to control the quantum network nodes to create an end-to-end quantum session for the delivery of encryption keys to the application nodes. In today's QKD networks, these quantum relay nodes are assumed to be trusted relay nodes, but the same approach also works when creating end-to-end entanglement generation sessions in a quantum-repeater based network.

The application nodes are shown in the service layer at the top. The two white boxes next to the layers represent the management functions. There is a network management function responsible for managing the devices in the quantum network, and there is an orchestration function responsible for managing the end-user service.

ETSI 015 : YANG Interface for SDN Controller

As of now, the ITU-T has not yet standardized any concrete protocols; they have only defined abstract reference models. Once again, ETSI has gone further: they have defined concrete protocols for controlling, managing, and orchestrating quantum networks. In particular, ETSI group specification 015 defines the protocol between the quantum network controller and the quantum nodes.[ETSI015]

‎QN + CN BLOG AND WHITE PAPER GFX.‎017

In the diagram above, the yellow box represents the quantum network controller, and the blue boxes below represent the quantum network nodes. One of the blue boxes on the left has been magnified to show its internal structure.

ETSI  015 defines the quantum network control protocol using YANG data models and the NETCONF and RESTCONF protocols. If these acronyms don’t mean much to you, the important thing is that YANG and NETCONF or RESTCONF are the exact same protocols that are already widely used in classical networks today.

ETSI QKD 015 YANG Data Model

The ETSI 015 group specification includes a YANG data model which describes the configuration and operational objects for quantum nodes. The YANG data model is remarkably easy to read, even if you have never seen a YANG data model before.

‎QN + CN BLOG AND WHITE PAPER GFX.‎018

Node attributes can be configured and monitored. For example, the hardware and software versions of the node can be retrieved. The capabilities of nodes can be discovered. For example, it’s possible to discover whether or not the node can act as a trusted relay node. Application endpoints can be configured and monitored. For example, it’s possible to configure which encryptors are allowed to get keys from that particular node.

Quantum key generation sessions a node participates in can be configured and monitored. These key generation sessions are confusingly referred to as “links” in the specification. A quantum key generation session can include trusted relay nodes, using a concept referred to as virtual links in the specification. It is even possible to configure quality of service parameters for the key generation sessions such as rate and jitter.

ETSI QKD 015 Sequence diagrams and workflows 

That same specification ETSI 015 also contains multiple sequence diagrams describing various workflows.

One example is shown below.

‎QN + CN BLOG AND WHITE PAPER GFX.‎019

This is the workflow for two application nodes, in this case two classical encryptors, to register themselves with the quantum network and to establish a key exchange session amongst themselves.

ETSI QKD 018: YANG interface for orchestrator

The final ETSI group specification this white paper will cover is ETSI 018, which defines the interface between the orchestrator and the controller. The gray box at the top is the orchestrator which is responsible for orchestrating end-to-end services to end-users. In this application, the end-user service is delivering encryption keys.[ETSI018]

For example, the end-user could ask for a key delivery session between Amsterdam and Brussels, with a key rate of five kilobits of key material per second. It is the role of the orchestrator to facilitate this across multiple management domains. The orchestrator has to configure the quantum nodes to produce and relay the quantum keys. To do this, the orchestrator talks to the quantum network controller (as discussed above) - this is the top blue box in the diagram below. The orchestrator is also responsible for configuring the optical transport nodes or OTNs to create the necessary optical paths in the network. To do this, the orchestrator talks to the OTN controller which is the top yellow box in diagram below. ETSI 018 defines the interface between the orchestrator and the quantum network controller, which is the red line in the diagram below. 

‎QN + CN BLOG AND WHITE PAPER GFX.‎020

Once again, the ETSI specification is not an abstract reference model. It is a well-defined protocol specified using a YANG data model and can be implemented by vendors for interoperability between components.

Towards universal entanglement-based quantum networks

This white paper has discussed several interfaces, protocols, and standards in the context of quantum secure communications. The next step is to generalize all of these interfaces, protocols, and standards to general-purpose entanglement-based quantum networks.

At the physical layer, quantum repeaters and quantum routers will need to be introduced to the network. At the control layer, entanglement generation protocols - including elementary entanglement generation, swapping, purification, and teleportation - need to be implemented. At the management and orchestration layer, the network needs to continue to enable new end-user services such as clustered and distributed quantum computing and sensing and quantum testbed as a service. Finally, at the application interface, it is necessary to support general-purpose entanglement delivery.

‎QN + CN BLOG AND WHITE PAPER GFX.‎021-1

Quite a lot can be implemented through software. A quantum network software stack for building general-purpose entanglement-generating quantum networks should have these primary components: 

  • An orchestrator to implement the orchestration and management layer. This provides an interface to the operator to manage the quantum network and provides an interface to end-users to orchestrate the services provided by the quantum network
  • An SDN controller for the quantum network
  • An on-device distributed control plane for the quantum network

A simulator for modeling quantum networks at different levels of abstraction for testing potential hardware and topologies is also recommended, as it can be integral to the design phase of quantum network implementation.  

A full-stack solution for entanglement-based quantum networking

Entanglement-based secure networks are being built today by a variety of organizations for a variety of use cases – benefiting organizations internally, as well as providing great value to an organization’s customers. Telecommunications companies, national research labs, intelligence organizations, and systems integrators are just a few examples of the organizations Aliro is helping to leverage the capabilities of quantum networking. 

Building entanglement-based quantum networks is no easy task. It requires: 

  • Emerging hardware components necessary to build the quantum network.
  • The software necessary to design, simulate, run, and manage the quantum network.
  • A team with expertise in quantum physics and classical networking.
  • Years of hard work and development.

This may seem overwhelming, but Aliro Quantum is uniquely positioned to help you build your quantum network. The steps you can take to ensure your organization is meeting the challenges and leveraging the benefits of the quantum revolution are part of a clear, unified solution already at work in quantum networks like the EPB Quantum Network℠ powered by Qubitekk in Chattanooga, Tennessee.

AliroNet™, the world’s first full-stack entanglement-based quantum network solution, consists of the software and services necessary to ensure customers will fully meet their quantum networking goals. Each component within AliroNet™ is built from the ground up to be compatible and optimal with quantum networks of any scale and architecture. AliroNet™ is used to simulate, design, run, and manage quantum networks as well as test, verify, and optimize quantum hardware for network performance. AliroNet™ leverages the expertise of Aliro personnel in order to ensure that customers get the most value out of the software and their investment.

Depending on where customers are in their quantum networking journeys, AliroNet™  is available in three modes that create a clear path toward building full-scale entanglement-based secure networks: (1) Emulation Mode, for emulating, designing, and validating quantum networks, (2) Pilot Mode for implementing a small-scale quantum network testbed, and (3) Deployment Mode for scaling quantum networks and integrating end-to-end applications. AliroNet™ has been developed by a team of world-class experts in quantum physics and classical networking. 

 

 

To get started (or continue on your quantum journey), reach out to the Aliro Quantum team for additional information on how AliroNet™ can enable your quantum network.

info@aliroquantum.com

www.aliroquantum.com

 

For additional information or for any questions you may have about quantum networking or the content of this paper, contact Mike Gaffney at mike@aliroquantum.com or 571.340.1786.  



References

[GEANT] Karel Van Klink. “Quantum Key Distribution in a Pan-European Network of National Research and Education Networks”. Thesis presentation, University of Twente, The Netherlands and GÉANT Vereniging, The Netherlands http://essay.utwente.nl/93637/1/van%20Klink_MA_EEMCS.pdf

[ESTI004] ETSI. “Quantum Key Distribution (QKD); Application Interface. ETSI GS QKD 004 v2.1.1”. European Telecommunications Standards Institute. 2020. https://www.etsi.org/deliver/etsi_gs/QKD/001_099/004/02.01.01_60/gs_qkd004v020101p.pdf

[ETSI014] ETSI. “Quantum Key Distribution (QKD);Protocol and data format of REST-based key delivery API. ETSI GS QKD 014 V1.1.1 (2019-02).” European Telecommunications Standards Institute. 2019. https://www.etsi.org/deliver/etsi_gs/QKD/001_099/014/01.01.01_60/gs_qkd014v010101p.pdf

[Y3800] ITU-T. “Y series: Global information infrastructure, Internet protocol aspects, next-generation networks, Internet of Things and smart cities. Y.3800-Y.3999: Quantum key distribution networks”. International Telecommunication Union International Telecommunications Standardization Sector. 2019. https://handle.itu.int/11.1002/1000/13990

[ETSI015] ETSI. “Quantum Key Distribution (QKD); Control Interface for Software Defined Networks. ETSI GS QKD 015 V1.1.1 (2021-03)”. European Telecommunications Standards Institute. 2021. https://www.etsi.org/deliver/etsi_gs/QKD/001_099/015/01.01.01_60/gs_qkd015v010101p.pdf

[ETSI018] ETSI. “Quantum Key Distribution (QKD); Orchestration Interface for Software Defined Networks. ETSI GS QKD 018 V1.1.1 (2022-04)”. European Telecommunications Standards Institute. 2022. https://www.etsi.org/deliver/etsi_gs/QKD/001_099/018/01.01.01_60/gs_qkd018v010101p.pdf

Click to Schedule a Meeting With a Sales Rep