Project: QKD support for IdM-CKM

Leverage the latest quantum key distribution technologies and support global roaming access to quantum key distribution networks. 

Context


What is quantum key distribution (QKD)?

Quantum Key Distribution is an emerging communications privacy technology that when implemented and deployed correctly can offer the highest possible level of protection (information theoretic security) against attacks that monitor the network communication paths between devices.  This feature makes QKD attractive for securing highly sensitive information. 

Speaking in a general way, point-to-point QKD requires a direct link between two devices to create a quantum channel.  This point-to-point link might be achieved using an optical fiber or an open-air line-of-sight communications path.  Repeaters are required to extend the reach of quantum key distribution systems (see the entry on QKD Networks below).  

Point-to-point QKD is a special type of symmetric cryptosystem in which two devices communicate securely using a pre-negotiated pool of shared secrets (they both share a pool of random numbers, where only the two devices know the value of the random numbers).  What makes QKD special is that is able to use the quantum channel to increase the quantity of secrets in the pool of secrets shared between the two devices.  

To perform secure communications, we remove some of the secrets out of that pool and use them to classically encrypt messages exchanged between those two devices.  The superior method of encryption is where one bit of key material (one bit of entropy) is used once and only once for every bit of message exchanged.  The alternate much weaker method is to encrypt more then one bit of message for every bit of key material.  In both cases we consume and discard key bits in quick succession.  This is in contrast to most symmetric key systems where the one key is used to encrypt very large amounts of information. 

What is a quantum key distribution network (QKDN)?

Generally speaking, it becomes increasingly difficult to send information reliably as the distance between the sender and receiver increases.  In traditional networks we use "classical repeaters" to receive and re-transmit messages to increase the communications distance between the original sender and final target.  In quantum networks we must either use quantum repeaters (as of 2010 this is still in the early stages of research and development and may be around 10 years before commercially ready) or use trusted classical repeaters to increase communications distance. 

We will focus on the use of classical trusted relays for creating quantum key distribution networks (QKDN).  There are two general approaches to creating QKDN in this context:

  • A first approach is to create a QKD network and classical network, both networks having the same network topology.  User data is encrypted at each classical network link using the key material that is generated by the corresponding QKD network link.  The original value of the user data supplied to the QKDN is exposed to each classical trusted repeater. 
  • A second approach is to create a dedicated network that is specifically designed for managing key material that is decoupled from the data communications network.  In this approach the data may travel a different path (even across a totally independent network) to the key material used to encrypt that data. 

 The second approach can be implemented using a QKD network of the first type. 

The need for TEMPEST protection in environments using QKD technologies

QKD devices employ communication techniques that in theory can achieve perfect security against parties that intercept (or modify) the communications traffic.  In practice the QKD device must be implemented correctly with no exploitable flaws to achieve this result.  

Even with perfectly secure communications channels, this is not the only attack-vector (approach of attack) that may compromise sensitive information.  Attackers may employ a variety of "side-channel attacks" to discover the value of sensitive data.  Side-channel attacks monitor the unintentional signals that are generated by devices (monitors, usb cables, computers) that process the sensitive data.  For example, an attacker may remotely intercept the information from the unintentional emanations of a usb-cable that transports sensitive data transmitted over the QKD channel.  

To protect against a wide range of side-channel attacks, the QKD devices, the network and the computing devices connected to local network must also employ TEMPEST security measures.  An example provider of TEMPEST certified equipment is Secure Systems and Technologies.

What are the limitations of 1st generation quantum key distribution (networks)?

First generation quantum key distribution networks (those that use classical repeaters to extend their reach such as the 5 node FP6 SECOQC network) have several problems that must be carefully addressed:

  • Clients have to trustthe QKD network service, in particular they must have confidence that:
    • the organisation that owns the QKD network are competent and will behave honestly
    • the privileged technicians that manage the QKD network are competent and will behave honestly
    • the vendors that supply the QKD network components are competent and will behave honestly
    • adequate quality assurances and controls are in place to discover vulnerabilities or backdoors that might be present in the QKD devices
  • Scalability problems in 1stgeneration QKD networks:
    • The number of network repeaters tends to increase as the physical distance between the QKD clients increases.  This tendency results in more points where the confidentiality and integrity of sensitive data could be compromised.  
  • Security limitations in 1stgeneration QKD networks:
    • QKD networks may expose the initial pool of shared secrets to trusted couriers (administrators) who may then attack the system.  ICT Gozo Malta Member SLL has a solution to this problem. 
    • In many proposals, the connection between the QKD network access point and the user's computer on the local area network has no cryptographic protection.  This exposes any unencrypted communications to trivial attacks mounted from within the local area network.
    • QKD networks tend to focus on confidentiality and integrity between QKD nodes, without considering confidentiality and integrity of traffic flowing across the entire QKD network.  For example, in many cases there is no end-to-end authenticity and integrity assurances made between clients communicating over a QKDN provided by that QKDN deployment.   
Many of the above issues regarding trust and security apply equally to other cryptographic (and even non-cryptographic) systems.  We propose to exploit the well-known principles of defence-in-depth, layered security, separation of powers, and checks-and-balances to provide an additional layer of security designed to address most of the above issues.  Specifically we propose to generate 2nd generation QKD networks by leveraging and extending our global-scale IdM-CKM project

    ICT Gozo Malta Initiatives

    In May 2010, at the IEEE Key Management Summit, the CTO of Synaptic Laboratories made a presentation titled: "A survey and low-level comparison of symmetric key distribution techniques" that outlined many of the current known problems and limitations preventing the creation of global-sale Quantum Key Distribution Networks (watch the streaming video presentation).  

    At the same Key Management Summit, the CTO of Synaptic Laboratories made a presentation on the global-scale Identity Management and Cryptographic Key Management proposal (watch the streaming video presentation).  That presentation outlined methods for creating globally scalable symmetric-key distribution systems by distributing trust over a small number (3 to 7) of independently managed adhoc mesh networks that employ link-level encryption.  Specifically, our proposal addresses the trust, scalability and security limitations (listed above) that are found in all symmetric-key based mesh networks, including QKD networks.  The purpose of this project is to integrate existing 1st generation QKD networks into the global-scale IdM-CKM project to create 2nd generation QKD networks. 

    end faq

    Proposal

    Enabling the rapid up-take of QKD technologies in a global context

    The objective of this project is to create the world's first 2nd generation QKD network architecture that provides enhanced scalability, survivability and trustworthiness over current 1st generation QKD network architectures based on the standard trusted repeater model.  Most importantly, this project is intended to enable the shift from "privately managed, privately trusted" QKD networks to QKD networks that can be trusted and used by the general public. This project is intended to enable the automatic discovery and use of QKDN enclaves for all IdM-CKM users, specifically it should support any number of users roaming within a QKDN enclave, between any number of QKDN enclaves and ultimately to support creation of a regional and global-scale QKD networks.

    This project intends to deliver unprecedented confidentiality and integrity assurances with regard to communication, identification and authentication services for all stakeholders.  This project is designed to protect against a range of continuous and evolving insider and outsider attacks (i.e. malicious actors), in a way that is credible and can be audited.

    The project will employ high-speed, 2nd generation point-to-point QKD technologies created by by QuintessenceLabs. (Dec. 2010)

    This project will employ a layered, distributed, defense-in depth architecture that is intended to achieve (more-or-less perfect) information theoretic security against a very large number of attack vectors and gracefully reduce to robust post quantum security against most other remaining attacks.  To place this into perspective, the vast majority of standards-based Internet security deployments (2010) are merely classically secure.  That is to say, they are not information theoretically secure or post quantum secure, and as such are known to be at risk of complete and total security failure against certain quantum computer attacks anticipated in the mid-term future.   

    Achieving this vision

    We have taken a clean-slate approach to the design of classical and quantum key distribution network architectures and their employment in global-scale identity management and cryptographic key management systems.  (To be clear, we use COTS QKD components in our network architecture). 

    Central to realizing our vision of universal trustworthiness and dependability is the use of an innovative distributed and decentralized architecture that permits all client transactions to be distributed across several autonomously owned and managed service providers.  This distributed and decentralised architecture permits a range of multistakeholder trust issues to be resolved, specifically by ensuring that client transactions remain secure against the simultaneous compromise of (N-1) out of (N) participating service providers as a result of insider collusion, or outsider attacks.  

    In the core global-scale IdM-CKM project each of the service providers employ conventional/classical (symmetric key) cryptographic techniques for all their cryptographic security operations.  In this project, we implement 1 of the N IdM-CKM service providers using conventional/classical cryptographic techniques in combination with quantum key distribution techniques.  This approach permits us to take advantage of the improved communications security assurances of quantum communication technologies, while hedging against insider attacks or latent vulnerabilities by using the (N-1) other service providers. 

    In addition to the above core principle, we will employ the use of our TruSIP 4clouds platform to achieve unprecedented confidentiality, integrity, availability, reliability, safety and authenticity assurances for each service provider (and subsequently the clients of that service provider) against continuous and evolving insider and outsider attacks.

    We will achieve enhanced identity management and cryptographic key management services for all stakeholders:

    • using commercial off the shelf (COTS) hardware and operating systems, where each component is managed in a particular way; 
    • using commercial off the shelf Quantum Key Distribution hardware (possibly with updated firmware to support a small number of simple security functions); and
    • by enabling at risk standards-based security applications to be protected, without requiring modification, so existing systems will remain standards compliant and interoperable.

    Our unique-value-propositions

    The extension of the ICT Gozo Malta global-scale IdM-CKM model to employ QKD technologies and subsequently create the world's first 2nd generation QKD network architecture is a unique project that:

    • has been designed from the ground up to comprehensively address multi-stake holder trust issues
    • enables the shift from "privately managed, privately trusted" QKD networks to QKD networks that can be trusted and used by the general public
    • designed to enable the automatic discovery and use of QKDN enclaves for all IdM-CKM users:
      • specifically it will support any number of users roaming within a QKDN enclave, roaming between any number of QKDN enclaves and ultimately to support the creation of regional and global-scale QKD networks
    • employs an intrusion and malware resistant design:
      • offers unprecedented assurances for all stakeholders with regard to confidentiality, integrity and availability against broad classes of both insider and outsider attacks, even when an attack successfully compromises one component
      • outlines how to employ information theoretically secure techniques throughout the full key management life-cycle of the QKD network deployment, including the initial loading of pre-shared secrets, and defining the operational environment requirements for the QKD devices and those devices accessing sensitive data protected by the QKD network
      • delivers end-to-end, post quantum secure communications between devices in a way that protects against insider attacks or latent vulnerabilities of the QKD participants of the IdM-CKM platform
      • delivers end-to-end, information theoretically secure communications between devices in a way that protects against insider attacks or latent vulnerabilities within the classical participants of the IdM-CKM platform
    • employs the use of the TruSIP 4clouds platform to host all server side transactions. (The software on the QKD nodes may or may not use TC2P technologies) 
    • explicitly designed to use the world's fastest, 2nd generation QKD transceivers created by QuintessenceLabs (2010)
    • will ultimately support two devices caching of key material negotiated between them in an information-theoretically secure way so they can consume that key material when the two devices cannot establish a path over a QKD network. (e.g. one device has roamed to an Internet Cafe, and the other device is connected to their corporate QKDN enclave). 

    This project to add QKD support for our global-scale IdM-CKM project can be can be built using commercial-off-the-shelf hardware, operating systems and programming languages.

    Elements in the design

    • The project to add QKD support for our global-scale IdM-CKM project employs all the standard elements found in the IdM-CKM project.  This includes the use of the TruSIP 4clouds platform by the IdM-CKM service providers.  These two projects can be built using commercial-off-the-shelf hardware, operating systems and programming languages.
    • The project is explicitly designed to use the world's fastest, 2nd generation QKD transceivers created by QuintessenceLabs. (Dec 2010) 
    • The project is explicitly designed to support the optional use of Anagran's Internet Protocol routers. 

    Phase 1: Extending the IdM-CKM to support roaming access to QKD networks

    After completing Phase 1 of the IdM-CKM project, this project will extend the core IdM-CKM architecture to support roaming access to small QKD network enclaves.  

    In Phase 1 of the IdM-CKM Project the service provider nodes form a secure overlay network that has a maximum of 2 hops between clients.  The secure overlay network is loosely decoupled from the underlying network topology that it is hosted on. (The secure overlay network bears no structural similarity to the network it is hosted on). 

    In Phase 1 of adding QKD support to the IdM-CKM model, we adapt the existing service providers so they create a secure overlay network with a small (5 to 10) number of hops between clients.  In this context, the overlay network is mapped one-to-one with the underlying mesh network topology it is hosted on.  Each link of the underlying mesh network is protected using point-to-point QKD technologies.  The modified IdM-CKM service provider mesh nodes are tightly coupled with the one or more local QuintessenceLabs QKD transceivers to ensure messages are transmitted in an information theoretically secure way over the intended network path.

    Having created an overlay network backed by a QKD mesh, we then adapt the modified IdM-CKM service provider nodes so that they can be discovered by users on the local-area network at their respective site.  We then adapt the IdM-CKM clients so they can detect local QKD network enclaves, determine if the two devices can connect to each other over the same QKDN enclave, and to exchange key material over that common QKDN enclave. 

    Phase 2: Extending the benefits of QKD technologies to roaming users over the Internet

    Almost all IdM-CKM clients will employ the use of smart cards.  The smart cards have a modest amount of key non-volatile memory which can be used to store key material.  In phase 2 we will support the ability for two devices to exchange key material over the QKDN which is then stored in NVM memory so that it can be consumed when there is no path over a QKDN between devices. 

    Phase 3: Supporting enhanced access control to QKD networks

    Integrate the global-scale IdM-CKM functionality with either Anagran's Internet Router, or with QuintessenceLabs' QKD transceivers to enable conditional access control to the QKD network.

    Enhancing the scalability of QKD networks

    In phase 1 of this project (described above) we will implement a very simple mesh routing protocol suitable for use on mesh networks with a relatively small number of nodes (when compared to the Internet).  This simple routing protocol is suitable to accommodate the largest known QKD mesh networks today.  At any point in time we can implement one or more revisions of the routing service to support increasingly complex mesh network topologies. 

    List of Potential Collaborators (A-L)

    List of potential collaborators, in alphabetical order:

    Anagran (United States of America):  In environments that want to create a private QKDN enclave using Internet protocols, ICT Gozo Malta recommends the Anagran FR-1000 intelligent flow manager.   We anticipate our QKDN enhanced IdM-CKM proposal will take advantage of the superior Quality of Service (low-latency, low packet-loss, ...) functionality of the Anagran routers.

    Cloud Leverage (United States of America):  Cloud Leverage maintains a private Internet backbone which they use as part of their Cloud Acceleration platform to accelerate the delivery of web-services for their clients.   ICT Gozo Malta is actively exploring ways to integrate TruSIP 4clouds directly with the Cloud Acceleration and Cloud IPS/Firewall technologies provided by cloud leverage.  ICT Gozo Malta's classically secure IdM-CKM components running on TC2P will most likely take advantage of the cloud acceleration technologies offered by cloud leverage.  Furthermore, Cloud Leverage may have some interest in participating in the QKD enhanced IdM-CKM demonstration, or replicating the trial on their own infrastructure to evaluate the viability of high-speed QKD encryption to protect their backbone. 

    Cross-cut Consulting (Brazil):  ICT Gozo Malta is collaborating with cross-cut consulting, an organisation with Brazillian banking expertise, to help ensure the global-scale IdM-CKM proposal is aligned with the various requirements of the financial industry.   We anticipate the QKD enhanced IdM-CKM proposal may provide a unique value proposition in the banking and financial sector.

    GO plc (Malta, Europe):  ICT Gozo Malta plans to demonstrate the use of the QKD enhanced IdM-CKM proposal on the GO networks.

    Local ICT expertise in Gozo and Malta:  ICT Gozo Malta will be identifying various project management and software development steps that can be outsourced to local expert ICT individuals and organisations during the development of ICT Gozo Malta proposals.

    List of Potential Collaborators (M-Z)

    List of potential collaborators, in alphabetical order:

    QuintessenceLabs (Australia):  ICT Gozo Malta is in discussions with QuintessenceLabs about the use of their second generation QKD device (the QLE-1) for point-to-point link-level QKD encryption in our QKD enhanced IdM-CKM proposal.

    Secure Systems and Technologies (United Kingdom):  ICT Gozo Malta promotes the use of TEMPEST certified enclosures and devices in environments processing sensitive information to protect against a wide-range of side-channel attacks.  SST is a leading provider of this type of security equipment.

    SecureRF (United States of America):  offers a public key technology intended for use in constrained processing environments.  Their technology has captured the attention of General Electric (USA) and various U. S. military agencies.  ICT Gozo Malta is exploring the optional use of a variety of classically secure and candidate post quantum secure public key technologies as part of the layered defenses of the IdM-CKM proposal.  The ICT Gozo Malta IdM-CKM proposal will be designed to support the optional use of SecureRF in our model.

    Sonalysts (United States of America):  are actively developing behavioral network security technologies.   ICT Gozo Malta member Synaptic Laboratories is collaborating with Sonalysts on a layered trust model that synergistically combines identification of objects (IdM-CKM) with network behavioral analysis (Guardian Services).  ICT Gozo Malta and Sonalysts are actively exploring ways of integrating our projects as they are being developed. 

    end faq

    Recent News!

    Prev Next

    ICT Gozo Malta Project wins National Ent…

    26 Apr 2012

    ICT Gozo Malta Project wins National Enterprise Award

    The ICT Gozo Project co-founded by The Gozo Business Chamber and Synaptic Laboratories Ltd were joint winners of a 20,000 Euro prize in the National Enterprise Support Awards 2011, an event sponsored by Government of Malta and the European Commission,...

    Read more

    Synaptic Laboratories Ltd. to represent …

    26 Apr 2012

    Synaptic Laboratories Ltd. to represent ICT Gozo Malta Project, and also to present at, the Dubrovnik Nuclear Threats and Security Conference 2012

    The activities of the ICT Gozo Malta Project and Synaptic Laboratories continue to draw international attention, resulting in invitations to provide expert speakers at leading scientific events.  Recently Synaptic Laboratories Ltd., as ICT GM co-founders and project designers, were contacted by...

    Read more

    Cyber Security and Awareness Seminar

    28 Nov 2011

    Cyber Security and Awareness Seminar

    On the 23rd November 2011 we held a unique Cyber Security and Awareness Seminar, targeted to all groups and held at MITA’s offices, who also sponsored the event.  Entrence was free with complimentary refreshments.  The seminar was organised by ICT Gozo Malta...

    Read more

    News:Cyber Security Seminar

    16 Nov 2011

    News:Cyber Security Seminar

    Cyber Security Seminar ICT Gozo Malta and BCS Malta to organize International Cyber Security Seminar with bi-directional links to Brazil’s Annual Security Leaders Congress and world leading security experts. An International Cyber Security Seminar will be held at MITA’s Offices on Wednesday...

    Read more

    News: Participation in Brasil Security L…

    04 Nov 2011

    News: Participation in Brasil Security Leaders Congress

    Synaptic Laboratories' Chief Technical Officer Benjamin Gittins has been invited to participate in the Annual Brasil Security Leaders Congress on the 23 Nov. 2011.  This 2 day Congress is attended by some 300 CEO/CIO/CTO level executives from public and industry...

    Read more

    News: Gozo may have it's own Silicon Val…

    27 Oct 2011

    News: Gozo may have it's own Silicon Valley

    Just the moment you start reading this article, a new technology has been invented, produced, tested or used. Technologies took over the way we communicate, think, travel or learn and it has infiltrated  human lives in a manner that no...

    Read more

    News: ICT Gozo Malta Launch

    12 Aug 2011

    News: ICT Gozo Malta Launch

     Official launch of ICT Gozo Malta Project Click on image to view Launch videosWe are pleased to announce that on 5th AUGUST  2011, the ICT Gozo Malta Project was formally launched by the Hon. Giovanna Debono, Minister for Gozo. Speakers also...

    Read more

    News: Government Funding for Project

    25 Apr 2011

    News: Government Funding for Project

    The Government of Malta has provided funding, through the Eco-Gozo initiative, to launch Phase 1 of the ICT Gozo Malta Project. Contract Signing Ceremony   with the Honourable Giovanna Debono, Minister for Gozo. 

    Read more

    News: Malta Chamber participation

    04 Mar 2011

    News: Malta Chamber participation

    The Malta Chamber of Commerce, Enterprise and Industry have added their weight and support to this project, recently confirming their participation and collaboration.

    Read more

    News: Malta Enterprise support initiativ…

    24 Feb 2011

    News: Malta Enterprise support initiative

    Malta Enterprise express support for the ICT Cluster initiative in Gozo.  Tasked with assisting networks to develop further into business clusters, Malta Enterprise supports this initiative

    Read more

    News: MITA participation and support

    20 Jan 2011

    News: MITA participation and support

    The Government's Malta Information Technology Agency (MITA) recently expressed clear support for the ICT Gozo Malta project confirming their participation in the project to identify common goals and potential areas of collaboration.

    Read more

    News: Brazilian Banking Expertise

    22 Nov 2010

    News: Brazilian Banking Expertise

    Brazilian banking security expert Professor Fabian Martins will assist ICT Gozo Malta to develop its members global cyber security solution suited to the credit card market.

    Read more
    GBC1 SLL-Logo_150  A Collaborative Project co founded by
    The Gozo Business Chamber and
    Synaptic Laboratories Ltd

    Eco Gozo Logo

    Eco-Gozo – a Better Gozo Action Plan 2010 – 2012
    Project part-financed by the Government of Malta - Ministry for Gozo
    www.eco-gozo.com

    feedback
    feedback
    feedback