Open Access
Add to BibSonomy
Abstract
Quantum key distribution (QKD) networks are promising to progress towards widespread practical deployment over existing fiber infrastructures in the near future. Given the high cost and difficulty of deploying QKD networks, multi-tenancy becomes promising to improve cost efficiency for future QKD networks. In a multi-tenant QKD network, multiple QKD tenants can share the same QKD network infrastructure to obtain secret keys for securing their data transfer. Since the secret-key resources are finite and precious in QKD networks, how to achieve efficient multi-tenant secret-key assignment (MTKA) to satisfy the secret-key demands of multiple QKD tenants over QKD networks becomes a significant problem. In this regard, this study addresses the MTKA problem over QKD networks. A new multi-tenant QKD network architecture is proposed based on software defined networking (SDN) and quantum key pool (QKP) techniques. A secret-key rate sharing scheme is presented and a heuristic algorithm is designed to implement efficient MTKA over QKD networks. A new performance metric, namely matching degree (MD) that reflects the balance between QKD network secret-key resources and QKD tenant requests, is defined and evaluated. Simulation studies indicate that high QKD tenant requests accommodation and efficient secret-key resource usage can be achieved via maximizing the value of MD.
© 2019 Optical Society of America under the terms of the OSA Open Access Publishing Agreement
1. Introduction
Today the Internet is based on the best effort and hence vulnerable to numerous cyberattacks (e.g., eavesdropping and data interception) [1,2]. On the other hand, more and more private and sensitive data (e.g., credit cards and personal records) are transferred over the Internet. Data privacy and security become of key importance in the fields such as financial transactions, government networks, and e-health services. One effective approach to protect the confidentiality and integrity of data transfer is data encryption [3,4]. Nevertheless, the security of key distribution is considered one of the major challenges for data encryption. The security of conventional key distribution approaches is based on the computational complexity, which may be vulnerable to the advanced quantum computers and quantum algorithms (e.g., Shor’s algorithm) in the near future [5,6].
Quantum key distribution (QKD) can effectively address the key distribution challenge thanks to the fundamental laws of quantum physics (e.g., quantum no-cloning theorem) [7,8], which allows the information-theoretically secure exchange of symmetric secret keys between two legitimate parties. The produced symmetric secret keys can then be used with symmetric cryptographic algorithms to secure data transfer over the Internet. Specifically, one-time pad (OTP) as a symmetric cryptographic algorithm has been proven to provide information-theoretic security for data encryption [9].
Experimental QKD has been successfully demonstrated over optical fibers [10] and free space [11]. Specifically, some fiber-based QKD systems have been already commercialized [12,13] and deployed [14–16]. However, the use of dark fibers significantly increases the cost and difficulty of QKD network deployment. Integrating QKD with the existing optical networks using wavelength division multiplexing (WDM) technique [17–20] have been validated. It is prominent to deploy QKD combined with the pervasive optical networks to offer pure security of data transfer. Meanwhile, it also calls for research of efficient management and operation for QKD networks.
Given the extremely high cost and complexity of QKD network deployment, multi-tenancy [21] becomes promising to improve cost efficiency for future QKD networks. A high-security-demand organizational entity (e.g., a financial institution), who needs the secret keys from the QKD network infrastructure for securing its data transfer, can be counted as a QKD tenant. In a multi-tenant QKD network, multiple QKD tenants can share the same underlying infrastructure, which significantly reduces the deployment cost. Meanwhile, in contrast to the other network resources, the secret key is unique in the QKD networks since it is destructed once utilized. How to achieve efficient multi-tenant secret-key assignment (MTKA) over QKD networks is a crucial research question to be addressed, which is essential for efficient management and operation of the QKD networks. However, to the best of our knowledge, currently there are few studies targeting this problem.
Software defined networking (SDN) is a promising technique used in the multi-tenant networking architecture [21], which can control the entire network efficiently and manage the multi-tenant platform flexibly. Additionally, quantum key pool (QKP) technique is proposed to enhance the efficiency of secret-key management [22,23]. In this study, we concentrate on addressing the MTKA problem over QKD networks by leveraging SDN and QKP techniques. We summarize our major contributions in this paper as follows: 1) we propose a multi-tenant QKD network architecture based on SDN and QKP techniques; 2) we formulate the MTKA problem over QKD networks and introduce a secret-key rate sharing scheme to achieve high secret-key resource usage; 3) we design a heuristic algorithm to achieve efficient MTKA over QKD networks; 4) we define and evaluate a new performance metric, namely matching degree (MD) that reflects the balance between QKD network secret-key resources and QKD tenant requests.
The rest of this paper is organized as follows. Section 2 introduces the related concepts and techniques for QKD networks. The multi-tenant QKD network architecture is described in Section 3. Section 4 proposes the secret-key rate sharing scheme, formulates the MTKA problem, and designs the MTKA heuristic algorithm. Performance evaluation and analysis are presented in Section 5. Finally, Section 6 concludes this study. In addition, Table 1 lists the acronyms/notations and their definitions used in this paper.
Table 1. Acronyms/notations and definitions.
2. Related concepts and techniques of QKD networks
2.1 Principle of point-to-point QKD
QKD is a process that uses a quantum channel (QCh) together with a public channel (PCh) to securely exchange secret keys between two legitimate parties. A QCh is capable of carrying the quantum bits (qubits) which is generated by encoding classical bits into quantum states of light, while a PCh is capable of carrying classical data to compare the measurements associated with these qubits as well as perform post-processing steps for correctly distilling the secret keys [24].
The first QKD protocol (i.e., BB84) was developed by Bennett and Brassard in 1984 [25]. Today, BB84 protocol is still widely used in commercial QKD systems [12]. An example of the BB84 protocol based point-to-point QKD is elaborated in [23], which is illustrated in Fig. 1 and includes three stages, i.e., qubit exchange, key sifting, and key distillation [26]. Note that our study in this paper is not bound to any specific QKD protocols and can adopt the other ones apart from the BB84.
2.2 Trusted repeater for long-distance end-to-end QKD
The distance of point-to-point QKD is limited by several physical-layer impairments, e.g., scattering and loss of the quantum signals due to propagation through the QChs. Also, the quantum states of light cannot be amplified due to amplifying a quantum state of light needs to measure and clone it, which is against the quantum no-cloning theorem [8]. Hence, the implementation of long-distance end-to-end QKD needs to rely on the repeaters [27]. Given the quantum repeaters (i.e., devices that can forward the qubit without measuring or cloning it) are still difficult to be used in practical QKD networks [24], trusted repeater technique has been applied as a compromise solution to realize long-distance end-to-end QKD in most real-world QKD networks [14–16,28]. Thanks to the intermediate nodes that occupied with trusted repeaters, the secret keys can travel hop-by-hop along the QKD path from the source node to the destination node. The secret keys are decrypted and re-encrypted with information-theoretically secure OTP cryptographic algorithm [9] at each intermediate node.
An example of long-distance end-to-end QKD based on trusted repeaters is illustrated in Fig. 2. Two intermediate nodes with trusted repeaters are placed between the source node and destination node. A QKD sender is connected to a QKD receiver via a QCh and a PCh. Three secret keys Ks1, K12, K2d are separately produced between source node and intermediate node 1, intermediate node 1 and intermediate node 2, intermediate node 2 and destination node. The produced three secret keys have the same key size. Three steps are performed as follows.
- 1) Intermediate node 1 encrypts Ks1 using K12, obtaining the ciphertext Ks1 ⊕ K12. Then, the ciphertext Ks1 ⊕ K12 is sent to intermediate node 2.
- 2) Intermediate node 2 decrypts the ciphertext Ks1 ⊕ K12 using K12, thereby obtaining Ks1. Then intermediate node 2 encrypts Ks1 using K2d, obtaining the ciphertext Ks1 ⊕ K2d. The ciphertext Ks1 ⊕ K2d is sent to destination node.
- 3) Destination node decrypts the ciphertext Ks1 ⊕ K2d using K2d, obtaining Ks1.
Based on the above three steps, Ks1 can be shared between the source node and destination node. This process for long-distance end-to-end QKD can be realized by placing numbers of intermediate nodes with trusted repeaters between the source node and destination node, where all the intermediate nodes must be trustable because they will know the real secret keys, e.g., Ks1 in Fig. 2.
2.3 QKP for secret-key management
Today the secret-key rate in most QKD systems is low, e.g., 1~2 Mbit/s over a 50 km optical fiber [29,30]. The secret keys over a QKD network are precious and need to be managed efficiently. Secret-key management deals with secret-key exchange, storage, assignment, and destruction during the overall lifetime of secret keys. Recently, a QKP has been proposed to improve the efficiency of secret-key management [22,23], which can be constructed to manage the secret keys in a pair-wise manner between two QKD nodes. Each QKD node typically consists of several devices, e.g., QKD transceiver, trusted repeater, and secret-key server [14,27]. The secret keys are exchanged between two QKD nodes and stored in the corresponding secret-key servers. Hence, a QKP is capable of obtaining the real-time secret-key rate/volume information as well as managing secret-key exchange, storage, assignment and destruction in a pair-wise manner between two QKD nodes, but it cannot know the real secret keys.
An example of QKP between a pair of QKD nodes, referred to as QKP1-2, is illustrated in Fig. 3. To realize long-distance end-to-end QKD between QKD node 1 and QKD node 2, an intermediate node with trusted repeater is placed. Four stages of the secret keys’ lifecycle are introduced as follows.
Fig. 3 An example of QKP for managing secret keys in a pair-wise manner between QKD node 1 and QKD node 2.
- 1) Secret-key exchange: A number of secret keys are separately produced between QKD node 1 and intermediate node, intermediate node and QKD node 2. Based on the intermediate node with trusted repeater, the secret keys are successfully exchanged between QKD node 1 and QKD node 2.
- 2) Secret-key storage: The exchanged secret keys between QKD node 1 and QKD node 2 are stored in the corresponding secret-key servers which are embedded in QKD nodes.
- 3) Secret-key assignment: The stored secret keys in secret-key servers can be assigned to secure data transfer between two distant parties in the same physical location with QKD node 1 and QKD node 2 respectively.
- 4) Secret-key destruction: After the secret keys are assigned to secure data transfer between two distant parties, they are destructed.
3. Multi-tenant QKD network architecture
In this section, we propose a new multi-tenant QKD network architecture based on SDN and QKP techniques. As illustrated in Fig. 4, the multi-tenant QKD network architecture includes three planes, i.e., application (App) plane, control plane, and QKD plane in a top-bottom order. The application plane and control plane use northbound interface protocol (e.g., RESTful API [31]) for intercommunication, whereas the control plane and QKD plane use southbound interface protocol (e.g., OpenFlow [32] and NETCONF [33]) for intercommunication. OpenFlow is a promising protocol for SDN that allows remote management of the forwarding plane using a controller, while NETCONF is a transactions-based protocol standardized by Internet Engineering Task Force that provides access to network device configuration [34]. With the aid of OpenFlow or NETCONF, the SDN controller can manage the QKD network efficiently and flexibly in a centralized control pattern. The three planes are detailed as follows.
- 1) QKD plane: QKD nodes are interconnected by QKD links (including QChs and PChs) on the QKD plane to constitute the QKD network infrastructure. Note that the attributes (e.g., location, amount, etc.) of the QKD nodes and QKD links on the QKD plane can be different on different physical QKD network topologies, and the QKD plane in Fig. 4 only illustrates an example of the QKD network infrastructure. The QKD nodes act as the endpoints to distant parties. A number of intermediate nodes with trusted repeaters are placed between QKD node pairs to realize long-distance QKD. An agent [35] is placed on each QKD node to support an extended southbound interface protocol and utilize the short-reach interface to communicate with the QKD node.
- 2) Control plane: A logically centralized SDN controller is placed on the control plane to efficiently control and manage the entire multi-tenant QKD network. Currently, researchers have experimentally verified the feasibility and advantages of using SDN technique to control QKD networks [36–38]. Several QKPs can be constructed on the control plane to manage the secret keys between QKD node pairs, where the QKPs are all controlled by the SDN controller and can manage secret-key exchange, storage, assignment, and destruction in a pair-wise manner. The SDN controller with programmable and flexible network control capabilities can also provide the effective implementation technique for QKPs. In general, a SDN controller is a centralized controller at a logical level, while QKD devices are distributed across the network and co-located with network nodes. The messages transferred via the control channels between the SDN controller and the agents are control messages (e.g., control information for secret-key exchange, storage, allocation, and destruction). The connection established between the SDN controller and each agent is based on Internet Protocol (IP), in which the security of the control channels can also be guaranteed by QKD [39,40]. For example, by adding a QKD node co-located with the SDN controller, and then several QKPs can be constructed between the SDN controller and the agents to ensure the security of control channels [22].
- 3) Application plane: Multiple QKD tenants on the application plane can obtain secret keys from the QKD plane for securing their data transfer. The QKD plane is constituted by the QKD network infrastructure. Note that the QKD tenants are different from the subnets that are usually composed of virtual nodes and virtual links [41–43], as the QKD tenants only need to obtain secret keys from the specific nodes in the QKD network infrastructure. For example, currently real-world applications in banks and insurance companies are on trial over the Beijing-Shanghai QKD network in China [28,44], where each QKD tenant can represent a bank or an insurance company and can obtain secret keys from the Beijing-Shanghai QKD network infrastructure for security purpose. A QKD tenant may contain one or more secret-key demands. For example, QKD tenant 1 contains three secret-key demands (i.e., Node 1↔4, Node 1↔5, and Node 4↔5 corresponding to QKP1-4, QKP1-5, and QKP4-5, respectively), whereas QKD tenant 3 contains one secret-key demand (i.e., Node 3↔4 corresponding to QKP3-4). Since the secret keys cannot be reused, effective MTKA solutions are important to achieve efficient secret-key resource usage while satisfying the secret-key demands of multiple QKD tenants over QKD networks.
Note that the secret keys will not be delivered via the southbound and northbound interfaces. In our proposed architecture, the data communication equipment of each QKD tenant should be connected to the corresponding QKD nodes via the short-reach interfaces. Or the data communication equipment can obtain the secret keys via some trusted methods, such as human delivering, which is not considered in this paper. Then, the secret keys will be delivered from the secret-key servers of QKD nodes to the data communication equipment of QKD tenants to satisfy the secret-key demands. The SDN controller and QKPs on the control plane as well as the QKD tenants on the application plane are capable of obtaining the real-time secret-key rate/volume information, but they cannot know the real secret keys. The real secret keys are still stored in the secret-key servers of QKD nodes, which can be delivered to the QKD tenants directly under the control of SDN controller. Thus, the security of secret keys is still guaranteed in this architecture.
The intercommunication procedure among three planes in the multi-tenant QKD network architecture is illustrated in Fig. 5 and correspondingly numbered in Fig. 4, which can be divided in the following two stages.
Fig. 5 The intercommunication procedure among three planes in the multi-tenant QKD network architecture.
- 1) QKD network configuration (①−⑥): In this stage, QKPs and QKD nodes configuration are realized for secret-key exchange and storage in QKD networks.
- 2) QKD tenant configuration (⑦−⑫): The MTKA over QKD networks is configured in this stage. The SDN controller first queries and selects QKPs corresponding to the secret-key demands of each QKD tenant request. Then, the selected QKPs configure QKD nodes to accomplish secret-key assignment and destruction for each QKD tenant request.
4. Model and heuristic algorithm
In this section, we present a model for the proposed multi-tenant QKD network architecture, including network model, a secret-key rate sharing scheme to achieve efficient secret-key resource usage, and the MTKA problem modeling. We also design a novel heuristic algorithm to solve the MTKA problem. Note that our study in this paper focuses on service provisioning of the QKD networks. More specifically, we aim at addressing the MTKA problem over QKD networks. Service provisioning is of key importance for the network operation phase, during which the network deployment has been completed, and hence the secret keys between each pair of QKD nodes are able to be stably produced.
4.1 Network model
We model the physical QKD network topology as G(V, E), where V is the QKD node set and E is the QKD link set. QKPs are constructed between any two QKD nodes to manage secret-key exchange, storage, assignment and destruction in a pair-wise manner. The QKP set is denoted by Q, thereby |Q| is the total number of QKPs and can be expressed as:
where |V| is the total number of QKD nodes. Equation (1) is used to calculate the total number of QKPs, since a QKP is constructed to manage the secret keys in a pair-wise manner between any two QKD nodes [22,23]. Note that the total number of QKPs is only associated with the total number of QKD nodes on the physical QKD network topology, and Eq. (1) can scale well under different network sizes. The QKP for a pair of QKD nodes m and n is denoted as qmn. During the operation phase of the QKD networks, secret keys are exchanged between each pair of QKD nodes with the preset secret-key rate and stored in the corresponding secret-key servers. The set of secret-key rates is denoted by K, where the secret-key rate between QKD nodes m and n is kmn (in unit of bit/s).4.2 Secret-key rate sharing scheme
To achieve efficient secret-key resource usage, we present a secret-key rate sharing scheme, as illustrated in Fig. 6(a). In practice, the secret-key rate of different QKD node pairs on the physical QKD network topology can be different, which can be segmented into many small secret-key rate slots to accommodate multiple QKD tenant requests. In this study, a uniform secret-key rate sharing is considered, where each slot has the same size denoted as k (in unit of bit/s). Considering the value of k is associated with the secret-key rate demands of QKD tenant requests and the cryptographic algorithms used for data encryption, this study is not bound to any specific values of k. As an example, k can be set to 128, 192 or 256 bit/s while advanced encryption standard (AES) algorithm is used for data encryption [3,22].
Fig. 6 (a) Secret-key rate sharing scheme; (b) An example of MTKA over the QKD network infrastructure.
Note that our proposed scheme is not for QKD network infrastructure slicing, but a mechanism for sharing secret keys. Recently, the concept of time-shared QKD networks has been proposed, which involves the time-shared QKD devices [36,45] and the time-shared QKD links [23,46]. In [36], a SDN-based resource scheduling method for sharing a single QKD receiver in a time domain among multiple QKD senders was presented, leading to a programmable cost-effective network. The authors in [45] experimentally demonstrated that a QKD receiver can share secret keys with multiple QKD senders at different locations via remotely controlled optical switches, in which the secret keys can be shared via low-latency reconfigurable connections. The authors in [23] proposed a time-scheduled scheme in combination with QKP technique for time-sharing QKD links to efficiently schedule QKD over the WDM networks. In [46], a time-slicing technique was introduced to establish QKD links using multiple time slots to improve resource utilization. The time-shared QKD networks are cost-effective for practical deployment. In contrast to the time-shared QKD networks, this study concentrates on multi-tenant QKD networks, which can function as the complementary to time-shared QKD networks to properly handle multiple high-security-demand organizational entities (e.g., banks, insurance companies, and financial institutions). Nevertheless, both time-shared QKD networks and multi-tenant QKD networks still call for research to promote practical QKD network deployment and employment.
4.3 MTKA problem modeling
In this study, we consider MTKA problem during an offline phase and the accommodated QKD tenant requests are known in advance, forming a QKD tenant request set denoted as R. We model a QKD tenant request as r(Vr, Wr), where Vr is the set of QKD nodes corresponding to the secret-key rate demands of r and Wr is the set of secret-key rate demands of r. The set of QKPs corresponding to the secret-key rate demands of r is denoted by Qr. We index the secret-key rate demand in Wr between QKD nodes m and n as (in unit of bit/s) and the QKP in Qr between QKD nodes m and n as . Based on the presented secret-key rate sharing scheme, kmn is divided into many small slots to accommodate the secret-key rate demands between QKD nodes m and n. Then, the capacity Cmn of the secret-key rate kmn between QKD nodes m and n on the physical network topology can be expressed as:
We denote a set of QKD tenant requests accommodated by the QKD network as Z and index each QKD tenant request in Z as z. Hence, we can calculate the actual available secret-key rate between QKD nodes m and n as:
An example of MTKA over the QKD network infrastructure is illustrated in Fig. 6(b), in which the actual available secret-key rates of QKD node pairs on the QKD plane, and the secret-key rate demands of QKD tenant requests (i.e., r1 and r2) on the application plane are labelled. When the values of A12, A13, A23, and A45 are larger than , , , and respectively, the secret keys can be successfully assigned to QKD tenant requests r1 and r2.
4.4 MTKA heuristic algorithm
The designed MTKA algorithm is shown in Table 2. For each QKD tenant request r, the QKP set Qr corresponding to r is firstly determined. Then, we decide whether the actual available secret-key rates can meet the secret-key rate demands. When the secret-key rate demands of r can be satisfied, we select the required secret-key rate slots from the corresponding QKD node pairs with the first fit (FF) algorithm [18,46], and assign the selected secret-key rate slots to QKD tenant request r. Since the secret keys cannot be reused and are destructed once they are used, some relatively complicated algorithms (e.g., most-used and load-balanced algorithms [47,48]) proposed in other network scenarios are not suitable for MTKA over QKD networks.
Table 2. MTKA algorithm.
Lines 2–24 perform MTKA for all the QKD tenant requests. The time complexities of lines 3–12 and 13–23 in the worst case are O(|Q|) and O(Cmn·|Q|), respectively. The overall time complexity of this MTKA algorithm is approximately O(Cmn·|R|·|Q|). After performing the MTKA algorithm, the secret-key resource utilization (KRUmn) between QKD nodes m and n can be calculated as:
Hence, the success probability (SPMTKA) and secret-key resource utilization (KRUMTKA) of MTKA over the QKD network infrastructure can be expressed as:
Specifically, we define a new metric, i.e., matching degree (MD) to evaluate the balance between QKD network secret-key resources and QKD tenant requests, which can be expressed as:
where α and β are weighting factors of SPMTKA and KRUMTKA respectively, and α + β = 1. Network operators can set different values of α and β according to practical conditions and requirements.5. Performance evaluation
In this section, we conduct extensive simulations to evaluate the performance of our approach and address the scalability issue of our solution to MTKA problem in terms of QKD network sizes, QKD network secret-key resources, and QKD tenant requests. The simulation is carried out with two network topologies, i.e., NSFNET (14 QKD nodes) and USNET (24 QKD nodes) [23,49] as shown in Fig. 7. Based on Eq. (1) in Section 4.1, the total number of QKPs on the NSFNET and USNET topologies are 91 (|V| = 14) and 276 (|V| = 24), respectively. We assume that the intermediate nodes with trusted repeaters are deployed between QKD node pairs approximately every 50~80 km on fiber links [26,44]. The number of intermediate nodes with trusted repeaters between two QKD nodes is dependent on the physical distance of the fiber link that connect the two nodes. We assume that the secret-key rate between each pair of QKD nodes on the physical QKD network topology follows uniform distribution within a certain interval (e.g., {28k, 30k, 32k}). The QKD tenant requests are randomly generated among all QKD node pairs. The number of QKD nodes corresponding to the secret-key rate demands of QKD tenant requests can be uniformly distributed in a certain range (e.g., {2, 3, 4}). Also, the secret-key rate demand of each QKD tenant request between two QKD nodes can be uniformly distributed within a certain range (e.g., {2k, 3k, 4k}).
We consider three cases in performance evaluation for MTKA over QKD networks: i) different QKD network secret-key resources (i.e., different K) with fixed QKD tenant requests (i.e., fixed Vr and Wr); ii) different QKD tenant requests (i.e., different Vr and Wr) with fixed QKD network secret-key resources (i.e., fixed K); and iii) different QKD network secret-key resources and QKD tenant requests (i.e., different K, Vr and Wr). In case i, Vr and Wr are set to {2, 3, 4} and {2k, 3k, 4k} respectively, whereas K is set to {28k, 30k, 32k} in case ii.
The five instances of QKD network secret-key resources (i.e., NC1 to NC5) and five instances of QKD tenant requests (i.e., TR1 to TR5) are listed in Table 3. In instances NC1, NC2, and NC3, we consider different values of the secret-key rates in K, where the secret-key rate type is fixed to 1 (i.e., one secret-key rate type means the secret-key rate between any two QKD nodes is the same). In instances NC3, NC4, and NC5, we consider different secret-key rate types in K, where the average secret-key rate value is fixed to 30k. In instances TR1 and TR4, we consider different values of the secret-key rate demands in Wr, where Vr is fixed to {2, 3, 4} and the secret-key rate demand type is fixed to 1 (i.e., one secret-key rate demand type means the secret-key rate demand of each QKD tenant request between any two QKD nodes is the same). In instances TR1, TR2, and TR3, we consider different secret-key rate demand types in Wr, where Vr is fixed to {2, 3, 4} and the average secret-key rate demand value is fixed to 3k. In instances TR2 and TR5, we consider different ranges of Vr, where Wr is fixed to {2k, 3k, 4k}. As described in Section 4.2, our study in this paper is not bound to any specific values of k. For example, when the secret-key rate over a 50.5 km fiber link can reach 1.2 Mb/s [50] and K is fixed to {30k}, the value of k is 40 kb/s. To guarantee statistic accuracy, the simulation is repeated 500 times and the averaged values are obtained.
Table 3. Instances of QKD network secret-key resources and QKD tenant requests.
5.1 Case i: performance evaluation under different QKD network secret-key resources
The results of SPMTKA and KRUMTKA versus number of QKD tenant requests with different K (case i) are presented in Figs. 8 and 9 respectively, where two network topologies are compared. It can be observed that SPMTKA decreases and KRUMTKA rises when increasing the number of QKD tenant requests, which results from the rising of the total secret-key rate demands. Moreover, SPMTKA (or KRUMTKA) shows the similar trends in different network sizes in case i, demonstrating the scalability and effectiveness of MTKA algorithm.
Fig. 8 SPMTKA as a function of the number of QKD tenant requests with different K: (a) NSFNET; (b) USNET.
Fig. 9 KRUMTKA as a function of the number of QKD tenant requests with different K: (a) NSFNET; (b) USNET.
Figures 8(a) and 8(b) show that SPMTKA increases when the secret-key rate value in K grows (see NC1, NC2 and NC3) due to the increasing actual available secret-key rate. When there exist multiple secret-key rate types (i.e., NC3, NC4 and NC5), SPMTKA firstly keeps stable and gradually decreases when the number of QKD tenant requests becomes larger. The reason is that the actual available secret-key rates of different QKD node pairs become imbalance with the multiple secret-key rate types, and such an imbalance is more obvious under a high load of QKD tenant requests. Thus, SPMTKA can be improved by increasing the secret-key rate values or decreasing the secret-key rate types in QKD network secret-key resources.
As illustrated in Figs. 9(a) and 9(b), increasing the secret-key rate value in K causes the decrease of KRUMTKA (see NC1, NC2 and NC3), since the total capacity of secret-key rate on the physical QKD network topology is increased. Also, KRUMTKA decreases with the secret-key rate type in K increasing (i.e., NC3, NC4 and NC5), which directly results from the decrease of SPMTKA (i.e., the number of QKD tenant requests which can be accommodated by the QKD network is decreased). Therefore, the configuration of QKD network secret-key resources needs to consider the specific secret-key rate demands of QKD tenant requests to make the secret-key resource usage more efficient.
5.2 Case ii: performance evaluation under different QKD tenant requests
Figures 10 and 11 present the results of SPMTKA and KRUMTKA as a function of the number of QKD tenant requests with different Vr and Wr (case ii) on the two network topologies. From Figs. 10 and 11 we can observe the similar tendency of SPMTKA and KRUMTKA with the growing number of QKD tenant requests in different network sizes as in Figs. 8 and 9, which also verifies the scalability and effectiveness of our designed MTKA algorithm.
Fig. 10 SPMTKA as a function of the number of QKD tenant requests with different Vr and Wr: (a) NSFNET; (b) USNET.
Fig. 11 KRUMTKA as a function of the number of QKD tenant requests with different Vr and Wr: (a) NSFNET; (b) USNET.
As shown in Figs. 10(a) and 10(b), SPMTKA decreases when the secret-key rate demand value in Wr increases (i.e., TR1 and TR4) or the range of Vr extends (i.e., TR2 and TR5). The reason is the increase of the total secret-key rate demands of all the QKD tenant requests over the QKD network. In addition, as the secret-key rate demand type in Wr increases (see TR1, TR2 and TR3), SPMTKA remains stable given a small amount of QKD tenant requests and gradually decreases with the growing of QKD tenant requests. This is because the actual available secret-key rates of different QKD node pairs become relatively unbalanced with multiple secret-key rate demand types, and it becomes more obvious when the number of QKD tenant requests becomes larger. Hence, a high SPMTKA can be achieved by decreasing the secret-key rate demand values/types of QKD tenant requests or reducing the number of QKD nodes corresponding to the secret-key rate demands.
Figures 11(a) and 11(b) show that KRUMTKA rises with the secret-key rate demand value in Wr increasing (i.e., TR1 and TR4) or the range of Vr expanding (i.e., TR2 and TR5). This is because the total secret-key rate demands over the QKD network is increased. The KRUMTKA also rises while reducing the secret-key rate demand type in Wr (see TR1, TR2 and TR3) due to the rise of SPMTKA. Since QKD tenant requests are randomly generated and their secret-key rate demands are uniformly distributed within a certain range, different secret-key rate demand types degrade the balance of actual available secret-key rates of different QKD node pairs. Therefore, to achieve more efficient secret-key resource usage, the balance between QKD tenant requests and QKD network secret-key resources needs to be considered.
5.3 Case iii: performance evaluation under different QKD network secret-key resources and QKD tenant requests
The simulation results of MD between QKD network secret-key resources and QKD tenant requests (case iii) on the two network topologies are shown in Fig. 12. The numbers of QKD tenant requests are fixed to 150 and 400 on NSFNET and USNET topologies, respectively. It is obvious that the MD can be affected by the QKD network secret-key resources, QKD tenant requests as well as the values of α and β.
Fig. 12 Matching degree (MD) between QKD network secret-key resources and QKD tenant requests: (a) NSFNET (α = 0, β = 1; α = 1, β = 0); (b) USNET (α = 0, β = 1; α = 1, β = 0); (c) NSFNET (α:β = 1:1, 1:2, 2:1); (d) USNET (α:β = 1:1, 1:2, 2:1).
From Figs. 12(a) and 12(b) we can see that the MD between NC1 and TR5 is higher than other instances when α = 0 and β = 1 (MD = KRUMTKA), whereas the MD between NC3 and TR1 is higher than other instances when α = 1 and β = 0 (MD = SPMTKA). This reflects the fact that the secret-key resources can be utilized more efficiently under the condition of NC1 combined with TR5 than other instances, while the most QKD tenant requests can be accommodated under the condition of NC3 combined with TR1. We also observe that there is no direct relationship between the values of SPMTKA and KRUMTKA. In practice, the network operators can use MD to balance QKD network secret-key resources and QKD tenant requests based on their requirements.
The MD between different instances of QKD network secret-key resources and QKD tenant requests when α:β = 1:1, 1:2 and 2:1 are illustrated in Figs. 12(c) and 12(d). As an example, when α:β = 2:1, the MD between NC3 and TR1 is higher than other instances on the NSFNET topology in Fig. 12(c), whereas the MD between NC3 and TR5 is higher than other instances when α:β = 1:2 on the USNET topology in Fig. 12(d). We can obtain the better balance between QKD network secret-key resources and QKD tenant requests by searching for larger MD values, which is beneficial to accommodate more QKD tenant requests and achieve more efficient secret-key resource usage.
6. Conclusion
In this paper, we propose a novel SDN and QKP techniques based multi-tenant QKD network architecture and address the MTKA problem over QKD networks. A secret-key rate sharing scheme is presented with a heuristic algorithm to implement efficient MTKA over QKD networks. Simulation results verify the scalability and effectiveness of our designed MTKA algorithm. The SPMTKA and KRUMTKA can be jointly improved by reducing the secret-key rate types in QKD network secret-key resources or reducing the secret-key rate demand types in QKD tenant requests. We also define MD to evaluate the balance between QKD network secret-key resources and QKD tenant requests. Highly balanced multi-tenant QKD network, in which a large number of QKD tenant requests are accommodated while the secret-key resources are efficiently utilized, can be achieved via maximizing the value of MD. In addition, many unsolved issues (e.g., how to optimize the MD in an algorithmic way, and how to evaluate and optimize the required number of QKD devices to support the deployment of different QKD networks) need to be explored in our future work.
Funding
National Science and Technology Major Project (2017ZX03001016); National Natural Science Foundation of China (61822105, 61571058, 61601052); BUPT Excellent Ph.D. Students Foundation (CX2018105); BUPT Postgraduates Innovation and Entrepreneurship Project (2018-YC-A030); China Association for Science and Technology; State Key Laboratory of Advanced Optical Communication Systems and Networks of China; Swedish Research Council; Swedish Foundation for Strategic Research (SSF); Göran Gustafsson Foundation.
References
1. W. Stallings, Cryptography and Network Security: Principles and Practice (Prentice Hall, 2011).
2. M. P. Fok, Z. Wang, Y. Deng, and P. R. Prucnal, “Optical layer security in fiber-optic networks,” IEEE Trans. Inf. Forensics Security 6(3), 725–736 (2011). [CrossRef]
3. National Institute of Standards and Technology (NIST), “Advanced Encryption Standard (AES),” Federal Information Processing Standard (FIPS) 197, Nov. 2001.
4. G. S. Vernam, “Cipher printing telegraph systems for secret wire and radio telegraphic communications,” J. Am. Inst. Electr. Eng. 45(2), 109–115 (1926).
5. L. R. Schreiber and H. Bluhm, “Toward a silicon-based quantum computer,” Science 359(6374), 393–394 (2018). [CrossRef] [PubMed]
6. P. W. Shor, “Algorithms for quantum computation: discrete logarithms and factoring,” in Proceedings of 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, Nov. 1994, pp. 124–134. [CrossRef]
7. H.-K. Lo, M. Curty, and K. Tamaki, “Secure quantum key distribution,” Nat. Photonics 8(8), 595–604 (2014). [CrossRef]
8. V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dusek, N. Lutkenhaus, and M. Peev, “The security of practical quantum key distribution,” Rev. Mod. Phys. 81(3), 1301–1350 (2009). [CrossRef]
9. C. E. Shannon, “Communication theory of secrecy systems,” Bell Labs Tech. J. 28(4), 656–715 (1949). [CrossRef]
10. B. Korzh, C. C. W. Lim, R. Houlmann, N. Gisin, M. J. Li, D. Nolan, B. Sanguinetti, R. Thew, and H. Zbinden, “Provably secure and practical quantum key distribution over 307 km of optical fibre,” Nat. Photonics 9(3), 163–168 (2015). [CrossRef]
11. S.-K. Liao, W.-Q. Cai, W.-Y. Liu, L. Zhang, Y. Li, J.-G. Ren, J. Yin, Q. Shen, Y. Cao, Z.-P. Li, F.-Z. Li, X.-W. Chen, L.-H. Sun, J.-J. Jia, J.-C. Wu, X.-J. Jiang, J.-F. Wang, Y.-M. Huang, Q. Wang, Y.-L. Zhou, L. Deng, T. Xi, L. Ma, T. Hu, Q. Zhang, Y.-A. Chen, N.-L. Liu, X.-B. Wang, Z.-C. Zhu, C.-Y. Lu, R. Shu, C.-Z. Peng, J.-Y. Wang, and J.-W. Pan, “Satellite-to-ground quantum key distribution,” Nature 549(7670), 43–47 (2017). [CrossRef] [PubMed]
12. QuantumCTek, http://www.quantum-info.com/English/.
13. Toshiba QKD system, https://www.toshiba.eu/eu/Cambridge-Research-Laboratory/Quantum-Information/Quantum-Key-Distribution/Toshiba-QKD-system/.
14. M. Peev, C. Pacher, R. Alléaume, C. Barreiro, J. Bouda, W. Boxleitner, T. Debuisschert, E. Diamanti, M. Dianati, J. F. Dynes, S. Fasel, S. Fossier, M. Fürst, J.-D. Gautier, O. Gay, N. Gisin, P. Grangier, A. Happe, Y. Hasani, M. Hentschel, H. Hübel, G. Humer, T. Länger, M. Legré, R. Lieger, J. Lodewyck, T. Lorünser, N. Lütkenhaus, A. Marhold, T. Matyus, O. Maurhart, L. Monat, S. Nauerth, J.-B. Page, A. Poppe, E. Querasser, G. Ribordy, S. Robyr, L. Salvail, A. W. Sharpe, A. J. Shields, D. Stucki, M. Suda, C. Tamas, T. Themel, R. T. Thew, Y. Thoma, A. Treiber, P. Trinkler, R. Tualle-Brouri, F. Vannel, N. Walenta, H. Weier, H. Weinfurter, I. Wimberger, Z. L. Yuan, H. Zbinden, and A. Zeilinger, “The SECOQC quantum key distribution network in Vienna,” New J. Phys. 11(7), 075001 (2009). [CrossRef]
15. M. Sasaki, M. Fujiwara, H. Ishizuka, W. Klaus, K. Wakui, M. Takeoka, S. Miki, T. Yamashita, Z. Wang, A. Tanaka, K. Yoshino, Y. Nambu, S. Takahashi, A. Tajima, A. Tomita, T. Domeki, T. Hasegawa, Y. Sakai, H. Kobayashi, T. Asai, K. Shimizu, T. Tokura, T. Tsurumaru, M. Matsui, T. Honjo, K. Tamaki, H. Takesue, Y. Tokura, J. F. Dynes, A. R. Dixon, A. W. Sharpe, Z. L. Yuan, A. J. Shields, S. Uchikoga, M. Legré, S. Robyr, P. Trinkler, L. Monat, J. B. Page, G. Ribordy, A. Poppe, A. Allacher, O. Maurhart, T. Länger, M. Peev, and A. Zeilinger, “Field test of quantum key distribution in the Tokyo QKD Network,” Opt. Express 19(11), 10387–10409 (2011). [CrossRef] [PubMed]
16. S. Wang, W. Chen, Z.-Q. Yin, H.-W. Li, D.-Y. He, Y.-H. Li, Z. Zhou, X.-T. Song, F.-Y. Li, D. Wang, H. Chen, Y.-G. Han, J.-Z. Huang, J.-F. Guo, P.-L. Hao, M. Li, C.-M. Zhang, D. Liu, W.-Y. Liang, C.-H. Miao, P. Wu, G.-C. Guo, and Z.-F. Han, “Field and long-term demonstration of a wide area quantum key distribution network,” Opt. Express 22(18), 21739–21756 (2014). [CrossRef] [PubMed]
17. B. Qi, W. Zhu, L. Qian, and H. K. Lo, “Feasibility of quantum key distribution through a dense wavelength division multiplexing network,” New J. Phys. 12(10), 103042 (2010). [CrossRef]
18. Y. Cao, Y. Zhao, X. Yu, and Y. Wu, “Resource assignment strategy in optical networks integrated with quantum key distribution,” J. Opt. Commun. Netw. 9(11), 995–1004 (2017). [CrossRef]
19. F. Karinou, H. H. Brunner, C.-H. F. Fung, L. C. Comandar, S. Bettelli, D. Hillerkuss, M. Kuschnerov, S. Mikroulis, D. Wang, C. Xie, M. Peev, and A. Poppe, “Toward the integration of CV quantum key distribution in deployed optical networks,” IEEE Photonics Technol. Lett. 30(7), 650–653 (2018). [CrossRef]
20. Y. Mao, B.-X. Wang, C. Zhao, G. Wang, R. Wang, H. Wang, F. Zhou, J. Nie, Q. Chen, Y. Zhao, Q. Zhang, J. Zhang, T.-Y. Chen, and J.-W. Pan, “Integrating quantum key distribution with classical communications in backbone fiber network,” Opt. Express 26(5), 6010–6020 (2018). [CrossRef] [PubMed]
21. R. Vilalta, A. Mayoral, R. Muñoz, R. Casellas, and R. Martínez, “Multitenant transport networks with SDN/NFV,” J. Lightwave Technol. 34(6), 1509–1515 (2016). [CrossRef]
22. Y. Cao, Y. Zhao, C. Colman-Meixner, X. Yu, and J. Zhang, “Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD),” Opt. Express 25(22), 26453–26467 (2017). [CrossRef] [PubMed]
23. Y. Cao, Y. Zhao, Y. Wu, X. Yu, and J. Zhang, “Time-scheduled quantum key distribution (QKD) over WDM networks,” J. Lightwave Technol. 36(16), 3382–3395 (2018). [CrossRef]
24. ETSI white paper, “Quantum safe cryptography and security,” http://www.etsi.org/images/files/ETSIWhitePapers/QuantumSafeWhitepaper.pdf.
25. C. H. Bennett and G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” in Proceedings of IEEE Int. Conf. on Computers, Systems, and Signal Processing, Bangalore, India, 1984, pp. 175–179.
26. IDQ white paper, “Understanding quantum cryptography,” https://marketing.idquantique.com/acton/attachment/11868/f-020d/1/%E2%88%92/%E2%88%92/%E2%88%92/%E2%88%92/Understanding%20Quantum%20Cryptography_White%20Paper.pdf.
27. R. Alléaume, F. Roueff, E. Diamanti, and N. Lütkenhaus, “Topological optimization of quantum key distribution networks,” New J. Phys. 11(7), 075002 (2009). [CrossRef]
28. Quantum secure communication, “Beijing-Shanghai Backbone,” www.quantum-info.com/English/case/2017/0901/339.html.
29. A. V. Gleim, V. I. Egorov, Y. V. Nazarov, S. V. Smirnov, V. V. Chistyakov, O. I. Bannik, A. A. Anisimov, S. M. Kynev, A. E. Ivanova, R. J. Collins, S. A. Kozlov, and G. S. Buller, “Secure polarization-independent subcarrier quantum key distribution in optical fiber channel using BB84 protocol with a strong reference,” Opt. Express 24(3), 2619–2633 (2016). [CrossRef] [PubMed]
30. M. Lucamarini, Z. L. Yuan, J. F. Dynes, and A. J. Shields, “Overcoming the rate-distance limit of quantum key distribution without quantum repeaters,” Nature 557(7705), 400–403 (2018). [CrossRef] [PubMed]
31. C. Zhang, R. Jing, J. Li, Y. Ma, X. Huo, Y. Zhao, and J. Zhang, “Field trial of bandwidth on demand services based on hierarchical control over multi-domain OTN networks,” J. Opt. Commun. Netw. 7(11), 1057–1063 (2015). [CrossRef]
32. N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner, “OpenFlow: enabling innovation in campus networks,” Comput. Commun. Rev. 38(2), 69–74 (2008). [CrossRef]
33. R. Enns, M. Bjorklund, J. Schoenwaelder, and A. Bierman, “Network configuration protocol (netconf),” IETF RFC 6241 (2011).
34. A. Aguado, V. Lopez, J. Martinez-Mateo, M. Peev, D. Lopez, and V. Martin, “Virtual network function deployment and service automation to provide end-to-end quantum encryption,” J. Opt. Commun. Netw. 10(4), 421–430 (2018). [CrossRef]
35. A. Aguado, V. Martin, D. Lopez, M. Peev, J. Martinez-Mateo, J. L. Rosales, F. de la Iglesia, M. Gomez, E. Hugues-Salas, A. Lord, R. Nejabati, and D. Simeonidou, “Quantum-aware software defined networks,” in Proceedings of QCrypt 2016, Washington, DC, USA, Sept. 2016.
36. A. Aguado, E. Hugues-Salas, P. A. Haigh, J. Marhuenda, A. B. Price, P. Sibson, J. E. Kennard, C. Erven, J. G. Rarity, M. G. Thompson, A. Lord, R. Nejabati, and D. Simeonidou, “Secure NFV orchestration over an SDN-controlled optical network with time-shared quantum key distribution resources,” J. Lightwave Technol. 35(8), 1357–1362 (2017). [CrossRef]
37. E. Hugues-Salas, F. Ntavou, Y. Ou, J. E. Kennard, C. White, D. Gkounis, K. Nikolovgenis, G. Kanellos, C. Erven, A. Lord, R. Nejabati, and D. Simeonidou, “Experimental demonstration of DDoS mitigation over a quantum key distribution (QKD) network using software defined networking (SDN),” in Proceedings of OFC 2018, San Diego, California, USA, Mar. 2018, paper M2A.6. [CrossRef]
38. Y. Cao, Y. Zhao, X. Yu, L. Cheng, Z. Li, G. Liu, and J. Zhang, “Experimental demonstration of end-to-end key on demand service provisioning over quantum key distribution networks with software defined networking,” in Proceedings of OFC 2019, San Diego, California, USA, Mar. 2019, paper Th1G.4.
39. A. Aguado, V. Lopez, J. Martinez-Mateo, T. Szyrkowiec, A. Autenrieth, M. Peev, D. Lopez, and V. Martin, “Hybrid conventional and quantum security for software defined and virtualized networks,” J. Opt. Commun. Netw. 9(10), 819–825 (2017). [CrossRef]
40. V. Martin, A. Aguado, V. López, D. López, O. Maurhart, M. Peev, A. Poppe, M. Gunkel, and F. Wissel, “Quantum key distribution (QKD); quantum key distribution control interface for software defined networks,” ETSI GS QKD-015 V0.0.3 (2018).
41. J. Zhang, Y. Ji, M. Song, H. Li, R. Gu, Y. Zhao, and J. Zhang, “Dynamic virtual network embedding over multilayer optical networks,” J. Opt. Commun. Netw. 7(9), 918–927 (2015). [CrossRef]
42. Y. Zhao, B. Chen, J. Zhang, and X. Wang, “Energy efficiency with sliceable multi-flow transponders and elastic regenerators in survivable virtual optical networks,” IEEE Trans. Commun. 64(6), 2539–2550 (2016). [CrossRef]
43. Y. Ji, J. Zhang, X. Wang, and H. Yu, “Towards converged, collaborative and co-automatic (3C) optical networks,” Sci. China Inf. Sci. 61(12), 121301 (2018). [CrossRef]
44. Q. Zhang, F. Xu, Y.-A. Chen, C.-Z. Peng, and J.-W. Pan, “Large scale quantum key distribution: challenges and solutions [Invited],” Opt. Express 26(18), 24260–24273 (2018). [CrossRef] [PubMed]
45. X. Tang, A. Wonfor, R. Kumar, R. V. Penty, and I. H. White, “Quantum-safe metro network with low-latency reconfigurable quantum key distribution,” J. Lightwave Technol. 36(22), 5230–5236 (2018). [CrossRef]
46. Y. Zhao, Y. Cao, W. Wang, H. Wang, X. Yu, J. Zhang, M. Tornatore, Y. Wu, and B. Mukherjee, “Resource allocation in optical networks secured by quantum key distribution,” IEEE Commun. Mag. 56(8), 130–137 (2018). [CrossRef]
47. E. Karasan and E. Ayanoglu, “Effects of wavelength routing and selection algorithms on wavelength conversion gain in WDM optical networks,” IEEE/ACM Trans. Netw. 6(2), 186–196 (1998). [CrossRef]
48. S. Xu, P. Li, S. Guo, and X. Qiu, “Fiber-wireless network virtual resource embedding method based on load balancing and priority,” IEEE Access 6, 33201–33215 (2018). [CrossRef]
49. Y. Li, L. Zhu, S. K. Bose, and G. Shen, “Energy-saving in IP over WDM networks by putting protection router cards to sleep,” J. Lightwave Technol. 36(14), 3003–3017 (2018). [CrossRef]
50. J. F. Dynes, W. W.-S. Tam, A. Plews, B. Fröhlich, A. W. Sharpe, M. Lucamarini, Z. Yuan, C. Radig, A. Straw, T. Edwards, and A. J. Shields, “Ultra-high bandwidth quantum secured data transmission,” Sci. Rep. 6(1), 35149 (2016). [CrossRef] [PubMed]
