Toshiba's prototype Quantum Key Distribution (QKD) system delivers digital keys for cryptographic applications on fibre optic based computer networks. Based on quantum cryptography it provides a failsafe method of distributing verifiably secret digital keys, with significant cost and key management advantages.
The system provides world-leading performance. In particular, it allows key distribution over standard telecom fibre links exceeding 100 km in length and bit rates sufficient to generate 1 Megabit per second of key material over a distance of 50 km — sufficiently long for metropolitan coverage.
Toshiba have pioneered active stabilisation technology that allows the system to distribute key material continuously, in even the most challenging operating conditions, without any user intervention. This avoids the need for recalibration of the system due to temperature-induced changes in the fibre lengths.
Initiation of the system is also managed automatically, allowing simple turn-key operation. It has been shown to work successfully in several network field trials. The system can be used for a wide range of cryptographic applications, e.g., encryption or authentication of sensitive documents, messages or transactions. A programming interface gives the user access to the key material.
The QKD system secure bit rate of 1 Mbit/s is significant for two reasons. Firstly it will allow QKD to be implemented on networks that connect many users. While the previous bit rate has been sufficient for simple point-to-point links, it was not enough to allow frequent key refresh on multi-user networks, in which the bit rate must be shared.
Secondly, these higher bit rates will allow one-time-pad encryption to be used for video conferencing and other high bandwidth applications. The one-time-pad is the only encryption algorithm that allows unconditionally secure communication and is often regarded as the Holy Grail of information security. However, its implementation has been hampered in the past by the requirement for a secret key of the same length as the data. Toshiba's advance with the QKD bit rate allows the one-time pad to be implemented for data streams of up to 1 Mb/s over 50 km fibre.
|Toshiba Quantum Encryption System
|Key exchange protocol
||Efficient BB84 protocol with decoy states — superior one-way quantum key exchange – stable encoding onto phase of < 50 ps optical pulses
|Transmission speed and distance
||Secure key rate over 1 Mb/s for 10 dB loss Max supported transmission loss > 20 dB (equivalent to 100 km of fibre)
||Proprietary self-differencing InGaAs detectors — room temperature operation for improved reliability and power saving
||Coarse wavelength-division multiplexing (CWDM) / dense wavelength-division multiplexing (DWDM) — coexistence with > 32 × 10 Gbit/s data channels
||Key failure probability < 10−10, corresponding to less than once in 30.000 years — protection against Trojan horse attacks — protection against blinding attacks
||Single fibre channel — dual fibre channel for highest transmission speed
||Standard 19” rack mount, 3U height