A Secure Communication Network Infrastructure Based on Quantum Key Distribution Technology
Summary :
Quantum key distribution (QKD), a cryptography technology providing information theoretic security based on physical laws, has moved from the research stage to the engineering stage. Although the communication distance is subject to a limitation attributable to the QKD fundamentals, recent research and development of “key relaying” over a “QKD network” is overcoming this limitation. However, there are still barriers to widespread use of QKD integrated with conventional information systems: applicability and development cost. In order to break down these barriers, this paper proposes a new solution for developing secure network infrastructure based on QKD technology to accommodate multiple applications. The proposed solution introduces 3 functions: (1) a directory mechanism to manage multiple applications hosted on the QKD network, (2) a key management method to share and to allocate the keys for multiple applications, and (3) a cryptography communication library enabling existing cryptographic communication software to be ported to the QKD network easily. The proposed solution allows the QKD network to accommodate multiple applications of various types, and moreover, realizes applicability to conventional information systems easily. It also contributes to a reduction in the development cost per information system, since the development cost of the QKD network can be shared between the multiple applications. The proposed solution was implemented with a network emulating QKD technology and evaluated. The evaluation results show that the proposed solution enables the infrastructure of a single QKD network to host multiple applications concurrently, fairly, and effectively through a conventional application programming interface, OpenSSL API. In addition, the overhead of secure session establishment by the proposed solution was quantitatively evaluated and compared.
- Publication
- IEICE TRANSACTIONS on Communications Vol.E99-B No.5 pp.1054-1069
- Publication Date
- 2016/05/01
- Publicized
- Online ISSN
- 1745-1345
- DOI
- 10.1587/transcom.2015AMP0006
- Type of Manuscript
- Special Section PAPER (Special Section on Internet Architectures and Management Methods that Enable Flexible and Secure Deployment of Network Services)
- Category
Authors
Yoshimichi TANIZAWA
Toshiba Corporation
Ririka TAKAHASHI
Toshiba Corporation
Hideaki SATO
Toshiba Corporation
Alexander R. DIXON
Toshiba Corporation
Shinichi KAWAMURA
Toshiba Corporation
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Yoshimichi TANIZAWA, Ririka TAKAHASHI, Hideaki SATO, Alexander R. DIXON, Shinichi KAWAMURA, "A Secure Communication Network Infrastructure Based on Quantum Key Distribution Technology" in IEICE TRANSACTIONS on Communications,
vol. E99-B, no. 5, pp. 1054-1069, May 2016, doi: 10.1587/transcom.2015AMP0006.
Abstract: Quantum key distribution (QKD), a cryptography technology providing information theoretic security based on physical laws, has moved from the research stage to the engineering stage. Although the communication distance is subject to a limitation attributable to the QKD fundamentals, recent research and development of “key relaying” over a “QKD network” is overcoming this limitation. However, there are still barriers to widespread use of QKD integrated with conventional information systems: applicability and development cost. In order to break down these barriers, this paper proposes a new solution for developing secure network infrastructure based on QKD technology to accommodate multiple applications. The proposed solution introduces 3 functions: (1) a directory mechanism to manage multiple applications hosted on the QKD network, (2) a key management method to share and to allocate the keys for multiple applications, and (3) a cryptography communication library enabling existing cryptographic communication software to be ported to the QKD network easily. The proposed solution allows the QKD network to accommodate multiple applications of various types, and moreover, realizes applicability to conventional information systems easily. It also contributes to a reduction in the development cost per information system, since the development cost of the QKD network can be shared between the multiple applications. The proposed solution was implemented with a network emulating QKD technology and evaluated. The evaluation results show that the proposed solution enables the infrastructure of a single QKD network to host multiple applications concurrently, fairly, and effectively through a conventional application programming interface, OpenSSL API. In addition, the overhead of secure session establishment by the proposed solution was quantitatively evaluated and compared.
URL: https://globals.ieice.org/en_transactions/communications/10.1587/transcom.2015AMP0006/_p
Copy
@ARTICLE{e99-b_5_1054,
author={Yoshimichi TANIZAWA, Ririka TAKAHASHI, Hideaki SATO, Alexander R. DIXON, Shinichi KAWAMURA, },
journal={IEICE TRANSACTIONS on Communications},
title={A Secure Communication Network Infrastructure Based on Quantum Key Distribution Technology},
year={2016},
volume={E99-B},
number={5},
pages={1054-1069},
abstract={Quantum key distribution (QKD), a cryptography technology providing information theoretic security based on physical laws, has moved from the research stage to the engineering stage. Although the communication distance is subject to a limitation attributable to the QKD fundamentals, recent research and development of “key relaying” over a “QKD network” is overcoming this limitation. However, there are still barriers to widespread use of QKD integrated with conventional information systems: applicability and development cost. In order to break down these barriers, this paper proposes a new solution for developing secure network infrastructure based on QKD technology to accommodate multiple applications. The proposed solution introduces 3 functions: (1) a directory mechanism to manage multiple applications hosted on the QKD network, (2) a key management method to share and to allocate the keys for multiple applications, and (3) a cryptography communication library enabling existing cryptographic communication software to be ported to the QKD network easily. The proposed solution allows the QKD network to accommodate multiple applications of various types, and moreover, realizes applicability to conventional information systems easily. It also contributes to a reduction in the development cost per information system, since the development cost of the QKD network can be shared between the multiple applications. The proposed solution was implemented with a network emulating QKD technology and evaluated. The evaluation results show that the proposed solution enables the infrastructure of a single QKD network to host multiple applications concurrently, fairly, and effectively through a conventional application programming interface, OpenSSL API. In addition, the overhead of secure session establishment by the proposed solution was quantitatively evaluated and compared.},
keywords={},
doi={10.1587/transcom.2015AMP0006},
ISSN={1745-1345},
month={May},}
Copy
TY - JOUR
TI - A Secure Communication Network Infrastructure Based on Quantum Key Distribution Technology
T2 - IEICE TRANSACTIONS on Communications
SP - 1054
EP - 1069
AU - Yoshimichi TANIZAWA
AU - Ririka TAKAHASHI
AU - Hideaki SATO
AU - Alexander R. DIXON
AU - Shinichi KAWAMURA
PY - 2016
DO - 10.1587/transcom.2015AMP0006
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E99-B
IS - 5
JA - IEICE TRANSACTIONS on Communications
Y1 - May 2016
AB - Quantum key distribution (QKD), a cryptography technology providing information theoretic security based on physical laws, has moved from the research stage to the engineering stage. Although the communication distance is subject to a limitation attributable to the QKD fundamentals, recent research and development of “key relaying” over a “QKD network” is overcoming this limitation. However, there are still barriers to widespread use of QKD integrated with conventional information systems: applicability and development cost. In order to break down these barriers, this paper proposes a new solution for developing secure network infrastructure based on QKD technology to accommodate multiple applications. The proposed solution introduces 3 functions: (1) a directory mechanism to manage multiple applications hosted on the QKD network, (2) a key management method to share and to allocate the keys for multiple applications, and (3) a cryptography communication library enabling existing cryptographic communication software to be ported to the QKD network easily. The proposed solution allows the QKD network to accommodate multiple applications of various types, and moreover, realizes applicability to conventional information systems easily. It also contributes to a reduction in the development cost per information system, since the development cost of the QKD network can be shared between the multiple applications. The proposed solution was implemented with a network emulating QKD technology and evaluated. The evaluation results show that the proposed solution enables the infrastructure of a single QKD network to host multiple applications concurrently, fairly, and effectively through a conventional application programming interface, OpenSSL API. In addition, the overhead of secure session establishment by the proposed solution was quantitatively evaluated and compared.
ER -
FlyerIEICE has prepared a flyer regarding multilingual services. Please use the one in your native language.
English
