Toshiba QKD system

Toshiba's prototype Quantum Key Distribution (QKD) system delivers digital keys for cryptographic applications on fibre optic based computer networks. Based on quantum cryptography it provides a failsafe method of distributing verifiably secret digital keys, with significant cost and key management advantages.

The system provides world-leading performance. In particular, it allows key distribution over standard telecom fibre links exceeding 100 km in length and bit rates sufficient to generate 1 Megabit per second of key material over a distance of 50 km — sufficiently long for metropolitan coverage.

Toshiba CSD1000 dual channel single photon detector
Single photon detectors

At the heart of the system is a novel light detector. Using a ‘self-differencing’ circuit for single photon detection, Toshiba have increased the operating frequency of InGaAs avalanche photodiodes by a factor of 100, to beyond 2 GHz, with a maximum count rate of 1 GHz.

Toshiba has shown that operating detectors at room temperature can offer improved performance over cryogenic detectors that enhances sytem performance at high bit rates.

Toshiba have pioneered active stabilisation technology that allows the system to distribute key material continuously, in even the most challenging operating conditions, without any user intervention. This avoids the need for recalibration of the system due to temperature-induced changes in the fibre lengths.

Initiation of the system is also managed automatically, allowing simple turn-key operation. It has been shown to work successfully in several network field trials. The system can be used for a wide range of cryptographic applications, e.g., encryption or authentication of sensitive documents, messages or transactions. A programming interface gives the user access to the key material.

Performance comparison between the T12 protocol and the standard BB84 protocol
T12 protocol

Toshiba's QKD system uses the T12 protocol. This is a modification of the standard BB84 protocol with decoy states, in which the probability that bit values are encoded in each basis (X and Z) are different.

This makes bit sifting much more efficient, nearly doubling performance under many conditions.

The QKD system secure bit rate of 1 Mbit/s is significant for two reasons. Firstly it will allow QKD to be implemented on networks that connect many users. While the previous bit rate has been sufficient for simple point-to-point links, it was not enough to allow frequent key refresh on multi-user networks, in which the bit rate must be shared.

Secondly, these higher bit rates will allow one-time-pad encryption to be used for video conferencing and other high bandwidth applications. The one-time-pad is the only encryption algorithm that allows unconditionally secure communication and is often regarded as the Holy Grail of information security. However, its implementation has been hampered in the past by the requirement for a secret key of the same length as the data. Toshiba's advance with the QKD bit rate allows the one-time pad to be implemented for data streams of up to 1 Mb/s over 50 km fibre.

Toshiba Quantum Encryption System Prototype Specifications
Key exchange protocol Efficient BB84 protocol with decoy states — superior one-way quantum key exchange – stable encoding onto phase of < 50 ps optical pulses
Transmission speed and distance Secure key rate over 1 Mb/s for 10 dB loss Max supported transmission loss > 20 dB (equivalent to 100 km of fibre)
Detection technology Proprietary self-differencing InGaAs detectors — room temperature operation for improved reliability and power saving
Multiplexing compatibility Coarse wavelength-division multiplexing (CWDM) / dense wavelength-division multiplexing (DWDM) — coexistence with > 32 × 10 Gbit/s data channels
Security parameter Key failure probability < 10−10, corresponding to less than once in 30.000 years — protection against Trojan horse attacks — protection against blinding attacks
Interfaces Single fibre channel — dual fibre channel for highest transmission speed
Dimensions Standard 19” rack mount, 3U height