Toshiba QKD system

Toshiba’s prototype Quantum Key Distribution (QKD) system delivers digital keys for cryptographic applications on fibre-optic-based computer networks. Based on quantum cryptography, it provides a failsafe method of distributing verifiably secret digital keys, with significant cost and key management advantages.
The system provides world-leading performance. In particular, it allows key distribution over standard telecom fibre links exceeding 100 km in length and bit rates sufficient to generate 1 Megabit per second of key material over a distance of 50 km — sufficiently long for metropolitan coverage.

Single photon detectors

At the heart of the system is a novel light detector. Using a ‘self-differencing’ circuit for single photon detection, Toshiba have increased the operating frequency of InGaAs avalanche photodiodes by a factor of 100, to beyond 2 GHz, with a maximum count rate of 1 GHz.

Toshiba has shown that operating detectors at room temperature can offer improved performance over cryogenic detectors, which enhances system performance at high bit rates.

Further Information (external)

Room temperature single-photon detectors for high bit rate quantum key distribution, L. C. Comandar et al. Applied Physics Letters 104, 021101 (2014) / arXiv preprint

Toshiba have pioneered active stabilisation technology that allows the system to distribute key material continuously, in even the most challenging operating conditions, without any user intervention. This avoids the need for recalibration of the system due to temperature-induced changes in the fibre lengths.

Initiation of the system is also managed automatically, allowing simple turn-key operation. It has been shown to work successfully in several network field trials. The system can be used for a wide range of cryptographic applications, e.g., encryption or authentication of sensitive documents, messages or transactions. A programming interface gives the user access to the key material.

T12 protocol

Toshiba’s QKD system uses the T12 protocol. This is a modification of the standard BB84 protocol with decoy states, in which the probabilities that bit values are encoded in each basis (X and Z) are different.

This makes bit sifting much more efficient, nearly doubling performance under many conditions.
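The effect of a biased basis choice on sifting can be seen in a small simulation. This is an added example, not Toshiba's code or the T12 specification: it assumes an ideal channel (no loss, no noise, no decoy states), independent basis choices by both parties, and constructed bias values of 0.5, 0.9 and 0.97.

```python
import random

def sift(n_pulses, p_z, seed=1):
    """Basis sifting on an ideal channel (assumption: no loss, noise or decoys).

    Alice and Bob each choose basis Z with probability p_z, otherwise X.
    Returns the sifted bits and the number of sifted events per basis.
    """
    rng = random.Random(seed)            # seeded so runs are repeatable
    sifted_bits = []
    per_basis = {"Z": 0, "X": 0}
    for _ in range(n_pulses):
        bit = rng.getrandbits(1)         # Alice's raw bit for this pulse
        a_basis = "Z" if rng.random() < p_z else "X"
        b_basis = "Z" if rng.random() < p_z else "X"
        if a_basis != b_basis:
            continue                     # mismatched bases are discarded
        sifted_bits.append(bit)          # matched basis: Bob reads Alice's bit
        per_basis[a_basis] += 1
    return sifted_bits, per_basis

def sift_ratio(n_pulses, p_z, seed=1):
    """Fraction of transmitted pulses that survive sifting."""
    sifted_bits, _ = sift(n_pulses, p_z, seed)
    return len(sifted_bits) / n_pulses

def expected_sift_ratio(p_z):
    """Probability that two independent basis choices agree."""
    return p_z ** 2 + (1 - p_z) ** 2

if __name__ == "__main__":
    n = 200_000
    baseline = expected_sift_ratio(0.5)  # unbiased BB84 keeps half the pulses
    for p_z in (0.5, 0.9, 0.97):         # constructed bias values
        _, per_basis = sift(n, p_z)
        print(f"p_z={p_z:<5} simulated={sift_ratio(n, p_z):.4f} "
              f"expected={expected_sift_ratio(p_z):.4f} "
              f"gain={expected_sift_ratio(p_z) / baseline:.2f}x "
              f"sifted Z/X={per_basis['Z']}/{per_basis['X']}")
```

As the bias approaches 1, the sifted fraction approaches 1, twice the unbiased value of 0.5, while the number of events left in the less probable basis shrinks.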

Further Information (external)

Efficient decoy-state quantum key distribution with quantified security, M. Lucamarini et al. Optics Express 21, pp. 24550–24565 (2013) / free access

The QKD system’s secure bit rate of 1 Mbit/s is significant for two reasons. Firstly, it will allow QKD to be implemented on networks that connect many users. While the previous bit rate has been sufficient for simple point-to-point links, it was not enough to allow frequent key refresh on multi-user networks, in which the bit rate must be shared.

Secondly, these higher bit rates will allow one-time-pad encryption to be used for video conferencing and other high-bandwidth applications. The one-time pad is the only encryption algorithm that allows unconditionally secure communication and is often regarded as the Holy Grail of information security. However, its implementation has been hampered in the past by the requirement for a secret key of the same length as the data. Toshiba’s advance with the QKD bit rate allows the one-time pad to be implemented for data streams of up to 1 Mb/s over 50 km of fibre.

Toshiba Quantum Encryption System

Key exchange protocol
Efficient BB84 protocol with decoy states — superior one-way quantum key exchange – stable encoding onto phase of < 50 ps optical pulses

Transmission speed and distance
Secure key rate over 1 Mb/s for 10 dB loss
Max supported transmission loss > 20 dB (equivalent to 100 km of fibre)

Detection technology
Proprietary self-differencing InGaAs detectors — room temperature operation for improved reliability and power saving

Multiplexing compatibility
Coarse wavelength-division multiplexing (CWDM) / dense wavelength-division multiplexing (DWDM) — coexistence with > 32 × 10 Gbit/s data channels

Security parameter
Key failure probability < 10⁻¹⁰, corresponding to less than once in 30,000 years — protection against Trojan horse attacks — protection against blinding attacks

Single fibre channel — dual fibre channel for highest transmission speed

Standard 19” rack mount, 3U height