OSA's Digital Library

Optics Express

Optics Express

  • Editor: C. Martijn de Sterke
  • Vol. 19, Iss. 11 — May. 23, 2011
  • pp: 10387–10409
« Show journal navigation

Field test of quantum key distribution in the Tokyo QKD Network

M. Sasaki, M. Fujiwara, H. Ishizuka, W. Klaus, K. Wakui, M. Takeoka, S. Miki, T. Yamashita, Z. Wang, A. Tanaka, K. Yoshino, Y. Nambu, S. Takahashi, A. Tajima, A. Tomita, T. Domeki, T. Hasegawa, Y. Sakai, H. Kobayashi, T. Asai, K. Shimizu, T. Tokura, T. Tsurumaru, M. Matsui, T. Honjo, K. Tamaki, H. Takesue, Y. Tokura, J. F. Dynes, A. R. Dixon, A. W. Sharpe, Z. L. Yuan, A. J. Shields, S. Uchikoga, M. Legré, S. Robyr, P. Trinkler, L. Monat, J.-B. Page, G. Ribordy, A. Poppe, A. Allacher, O. Maurhart, T. Länger, M. Peev, and A. Zeilinger  »View Author Affiliations


Optics Express, Vol. 19, Issue 11, pp. 10387-10409 (2011)
http://dx.doi.org/10.1364/OE.19.010387


View Full Text Article

Acrobat PDF (2295 KB)





Browse Journals / Lookup Meetings

Browse by Journal and Year


   


Lookup Conference Papers

Close Browse Journals / Lookup Meetings

Article Tools

Share
Citations

Abstract

A secure communication network with quantum key distribution in a metropolitan area is reported. Six different QKD systems are integrated into a mesh-type network. GHz-clocked QKD links enable us to demonstrate the world-first secure TV conferencing over a distance of 45km. The network includes a commercial QKD product for long-term stable operation, and application interface to secure mobile phones. Detection of an eavesdropper, rerouting into a secure path, and key relay via trusted nodes are demonstrated in this network.

© 2011 OSA

1. Introduction

Among all the methods of encryption ever devised, only one has been proven to be information-theoretically secure, i.e. secure against an eavesdropper who has unbounded ability. It is the one-time pad (OTP). The key should be used only once and be as long as the message to be sent. The efficient distribution of such long keys remains an issue. Quantum key distribution (QKD) provides a means to deliver key material for OTP over an optical network. Experimental demonstrations and development of QKD were carried out by many research institutes in the 1990s. In the 2000s QKD systems were transferred from the controlled environment of laboratories into a real-world environment for practical use [1

1. N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, “Quantum cryptography,” Rev. Mod. Phys. 74(1), 145–195 (2002). [CrossRef]

]. Progress has also been made in theory, not only developing new tools to prove protocols themselves but also analyzing the security of practical QKD systems [2

2. V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. N. Lütkenhaus, and M. Peev, “The security of practical quantum key distribution,” Rev. Mod. Phys. 81(3), 1301–1350 (2009). [CrossRef]

,3

3. D. Gottesman, H.-K. Lo, N. Lütkenhaus, and J. Preskill, “Security of quantum key distribution with imperfect devices,” Quantum Inf. Comput. 5, 325–360 (2004).

]. The commercialization of QKD has also been successful [4

4. I. D. Quantique, http://www.idquantique.com/

6

6. QuintessenceLabs Pty Ltd, http://www.quintessencelabs.com/

].

In the past decade, multi-user QKD networks have been extensively investigated in field environments. The DARPA Quantum Network, as part of a project supported by the US Defense Advanced Research Projects Agency (DARPA), pioneered the deployment of QKD in a field network [7

7. C. Elliott, A. Colvin, D. Pearson, O. Pikalo, J. Schlafer, and H. Yeh, “Current status of the DARPA Quantum Network,” in Quantum Information and Computation III, E. J. Donkor, A. R. Pirich, and H. E. Brandt, eds., Proc. SPIE 5815, 138–149 (2005); arXiv:quant-ph/0503058v2.

]. The network consists of 10 nodes linked together through an actively switched optical network. The European FP6 project Secure Communication using Quantum Cryptography (SECOQC) integrated a number of different QKD systems into one quantum backbone (QBB) network, developing a cross-platform interface [8

8. M. Peev, C. Pacher, R. Alléaume, C. Barreiro, J. Bouda, W. Boxleitner, T. Debuisschert, E. Diamanti, M. Dianati, J. F. Dynes, S. Fasel, S. Fossier, M. Fürst, J.-D. Gautier, O. Gay, N. Gisin, P. Grangier, A. Happe, Y. Hasani, M. Hentschel, H. Hübel, G. Humer, T. Länger, M. Legré, R. Lieger, J. Lodewyck, T. Lorünser, N. Lütkenhaus, A. Marhold, T. Matyus, O. Maurhart, L. Monat, S. Nauerth, J.-B. Page, A. Poppe, E. Querasser, G. Ribordy, S. Robyr, L. Salvail, A. W. Sharpe, A. J. Shields, D. Stucki, M. Suda, C. Tamas, T. Themel, R. T. Thew, Y. Thoma, A. Treiber, P. Trinkler, R. Tualle-Brouri, F. Vannel, N. Walenta, H. Weier, H. Weinfurter, I. Wimberger, Z. L. Yuan, H. Zbinden, and A. Zeilinger, “The SECOQC quantum key distribution network in Vienna,” N. J. Phys. 11(7), 075001 (2009). [CrossRef]

]. From the SECOQC project, the European Telecommunications Standards Institute (ETSI) industry specification group for QKD (ISG-QKD) was launched to offer a forum for creating universally accepted QKD standards [9

9. T. Länger and G. Lenhart, “Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD,” N. J. Phys. 11(5), 055051 (2009). [CrossRef]

]. Long-term QKD operation also has been tested in a field environment, such as the Swiss Quantum network in Geneva [10

10. SWISS QUANTUM, http://www.swissquantum.com/

] the Durban network in South Africa developed by the Durban–Quantum City project [11

11. A. Mirza and F. Petruccione, “Realizing long-term quantum cryptography,” J. Opt. Soc. Am. B 27(6), A185–A188 (2010). [CrossRef]

] and the Cambridge Network [12

12. Z. L. Yuan and A. J. Shields, “Continuous operation of a one-way quantum key distribution system over installed telecom fibre,” Opt. Express 13(2), 660–665 (2005). [CrossRef] [PubMed]

]. Transparent network implementations of QKD have been demonstrated, such as a dynamically reconfigurable network in a testbed of the Advanced Technology Demonstration Network (ATDNet) in the Washington D.C. area by Telcordia Technologies [13

13. T. E. Chapuran, P. Toliver, N. A. Peters, J. Jackel, M. S. Goodman, R. J. Runser, S. R. McNown, N. Dallmann, R. J. Hughes, K. P. McCabe, J. E. Nordholt, C. G. Peterson, K. T. Tyagi, L. Mercer, and H. Dardy, “Optical networking for quantum key distribution and quantum communications,” N. J. Phys. 11(10), 105001 (2009). [CrossRef]

], a passive optical network consisting of core ring and access network in Madrid by Universidad Politécnica de Madrid and Telefónica Investigación y Desarrollo [14

14. D. Lancho, J. Martinez-Mateo, D. Elkouss, M. Soto, and V. Martin, “QKD in standard optical telecommunications networks,” Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Vol. 36, pp. 142–149: arXiv:1006.1858 [quant-ph] (2010).

], a hierarchical network consisting of a 5-node wavelength division multiplexing (WDM) quantum backbone and subnets connected by trusted nodes, in Wuhu, Anhui, by one group from the University of Science and Technology of China [15

15. S. Wang, W. Chen, Z.-Q. Yin, Y. Zhang, T. Zhang, H.-W. Li, F.-X. Xu, Z. Zhou, Y. Yang, D.-J. Huang, L.-J. Zhang, F.-Y. Li, D. Liu, Y.-G. Wang, G.-C. Guo, and Z.-F. Han, “Field test of wavelength-saving quantum key distribution network,” Opt. Lett. 35(14), 2454–2456 (2010). [CrossRef] [PubMed]

], and an all-pass optical switching network in Hefei, Anhui, by another group from the same university [16

16. T.-Y. Chen, J. Wang, H. Liang, W.-Y. Liu, Y. Liu, X. Jiang, Y. Wang, X. Wan, W.-Q. Cai, L. Ju, L.-K. Chen, L.-J. Wang, Y. Gao, K. Chen, C.-Z. Peng, Z.-B. Chen, and J.-W. Pan, “Metropolitan all-pass and inter-city quantum communication network,” arXiv:1008.1508v2 [quant-ph] (2010).

].

2. Outline of the Tokyo QKD Network

3. QKD systems used in the Tokyo QKD Network

The performance of QKD has been much improved in recent years owing to the progress in state-of-art technologies, such as novel photon detectors operating at higher speed with lower noise and faster electronics. In the Tokyo QKD Network, high speed QKD systems developed by NEC-NICT and TREL have enabled real-time secure video conferencing in a metropolitan area. The DPS-QKD system developed by NTT allows for real-time long-distance secure voice communication. Mitsubishi combined its QKD system with an application for secure telephony over smartphones. A reliable and highly stable commercial system was demonstrated by IDQ. Finally, All Vienna contributed with an impressive next-generation QKD system using quantum entanglement.

3.1 NEC-NICT system

NEC and NICT developed a one-way decoy-state BB84 system, aiming at fast QKD for metropolitan-scale distances, which can realize OTP encryption of video data. The system is designed for a multi-channel QKD scheme with wavelength division multiplexing (WDM). Each channel is operated at a clock rate of 1.25 GHz. A block diagram of the QKD system is depicted in Fig. 4
Fig. 4 Block diagram of NEC’s QKD system. Sync.: Synchronization, Cont.: Controller, Rnd.: Random Number, Dist.: Distillation, IA: Intel Architecture.
. The upper part shows the optical transmission block and the lower part represents the key distillation block, where a dedicated hardware engine is used for the key distillation process. The hardware engine has a large memory, large-size field programmable gate arrays (FPGAs), and high speed in/out interfaces, which can potentially handle up to 8 WDM channels, i.e. for a processing speed of up to 10Gbps.

Figure 5
Fig. 5 Photon transmission schematics of the NEC-NICT system. AMZI: Asymmetrical Mach-Zehnder Interferometer, PLC: Planar Lightwave Circuit, DML: Directly Modulated Laser, IM/PM: Intensity Modulation/Phase Modulation, CLK: Clock, RNG: Random Number Generator, MZM: Mach-Zehnder Modulator, IM: Intensity Modulation, PM: Phase Modulation, ATT: Attenuator, NBF: Narrow Bandpass Filter, PLL: Phase Locked Loop, SSPD: Superconducting Single Photon Detector.
shows the photon transmission setup of the NEC-NICT QKD system. In the transmitter, a laser diode produces 1550 nm photon pulses with 100 ps width at a repetition rate of 1.25 GHz. A 2-by-2 asymmetric Mach-Zehnder interferometer (AMZI) made of a polarization free planar-lightwave-circuit (PLC) splits these pulses into pairs of double pulses with a 400 ps delay. A dual-drive Mach-Zehnder modulator produces four quantum states in the time-bin encoding, according to pseudorandom numbers provided by a controller. (In future, true random numbers should be used. An interface for ultra-fast true random number generators has already been equipped in the system.) The quantum signal is combined with the clock and frame synchronization signals by a WDM coupler, and these multiplexed signals are transmitted through the same fiber for precise and automatic synchronization [25

25. A. Tanaka, M. Fujiwara, S. W. Nam, Y. Nambu, S. Takahashi, W. Maeda, K. Yoshino, S. Miki, B. Baek, Z. Wang, A. Tajima, M. Sasaki, and A. Tomita, “Ultra fast quantum key distribution over a 97 km installed telecom fiber with wavelength division multiplexing clock synchronization,” Opt. Express 16(15), 11354–11360 (2008). [CrossRef] [PubMed]

]. The crosstalk between quantum and classical channels in the same fiber is suppressed by appropriate wavelength allocation and placing narrow bandpass filter at the receiver.

In the receiver, the quantum and the synchronization signals are divided by a WDM filter. The quantum signal is discriminated by a 2-by-4 asymmetric and totally passive PLC-MZI, and is then detected by a four-channel SSPD, which is free from the afterpulse effect and complex gate timing control. The detection efficiency and the dark count rate of the SSPD itself are about 15% and 100 cps, respectively [26

26. S. Miki, T. Yamashita, M. Fujiwara, M. Sasaki, and Z. Wang, “Multichannel SNSPD system with high detection efficiency at telecommunication wavelength,” Opt. Lett. 35(13), 2133–2135 (2010). [CrossRef] [PubMed]

]. When it is combined with the QKD system, however, the total detection efficiency reduces to about 7%, and the noise count rate increases to 500 cps due to stray light. The reduction of the total detection efficiency is due to that the active time window imposed on the time-bin signal cannot cover the whole pulse spreading after the fiber transmission. The active time window can assures the simultaneous photon detection for all the SSPDs, enhancing the uniformity of the detection efficiency of each detector.

The key distillation engine performs frame synchronization, sifting, random permutation (RP), error correction (EC) and privacy amplification (PA). The sifted key is processed in block units of 1 Mbit, and RP, EC and PA are executed in real time, within 200 ms, at this block size. Low density parity check code with 1 Mbit code length is implemented for EC. The coding rate can be adjusted at an appropriate value depending on the quantum bit error rate (QBER), such as 0.75, 0.65, or 0.55 for QBER <3.5%, 5.5%, or 7.5%. This means that PA after EC is performed with a modified Toeplitz matrix [27

27. S. Obana and A. Tanaka, “General purpose hash function family computer and shared key creating system,” Patent WO/2007/034685 (March 29, 2007).

] of a block size of 750 kbit, 650 kbit, or 550 kbit.

Figure 6
Fig. 6 (a) Measured quantum bit error rate, and (b) sifted and secure (final) key rates.
shows the temporal fluctuation of the measured QBER and the sifted and final key rates after 45 km transmission (14.5 dB channel loss), where a single channel out of 8 channels was working with the SSPD. The decoy method [19

19. W.-Y. Hwang, “Quantum key distribution with high loss: toward global secure communication,” Phys. Rev. Lett. 91(5), 057901 (2003). [CrossRef] [PubMed]

21

21. X.-B. Wang, “Beating the photon-number-splitting attack in practical quantum cryptography,” Phys. Rev. Lett. 94(23), 230503 (2005). [CrossRef] [PubMed]

] was realized with three kinds of pulses: signal, decoy, and vacuum [21

21. X.-B. Wang, “Beating the photon-number-splitting attack in practical quantum cryptography,” Phys. Rev. Lett. 94(23), 230503 (2005). [CrossRef] [PubMed]

,28

28. X. Ma, B. Qi, Y. Zhao, and H.-K. Lo, “Practical decoy state for quantum key distribution,” Phys. Rev. A 72(1), 012326 (2005). [CrossRef]

,29

29. Y. Zhao, B. Qi, X. Ma, H.-K. Lo, and L. Qian, “Experimental quantum key distribution with decoy states,” Phys. Rev. Lett. 96(7), 070502 (2006). [CrossRef] [PubMed]

]. The averaged photon numbers of signal and decoy pulse were 0.5 and 0.2 photons/pulse, respectively. The averaged QBER was 2.7% and the averaged sifted key rate was 268.9 kbps. The processing time of EC and PA at this error rate were confirmed as 170 ms and 95 ms, respectively. NEC estimated the leaked information by applying the decoy state method analysis [30

30. M. Hayashi, “Upper bounds of eavesdropper’s performances in finite-length code with the decoy method,” Phys. Rev. A 76(1), 012329 (2007). [CrossRef]

,31

31. M. Hayashi, “General theory for decoy-state quantum key distribution with an arbitrary number of intensities,” N. J. Phys. 9(8), 284 (2007). [CrossRef]

] with an asymptotical estimation, resulting in the averaged final secure key rate of 81.7 kbps.

3.2 TREL system

The TREL system is based on a one-way, GHz clocked decoy-state BB84 scheme [32

32. A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Continuous operation of high bit rate quantum key distribution,” Appl. Phys. Lett. 96(16), 161102 (2010). [CrossRef]

]. Figure 7
Fig. 7 Schematic of the Toshiba GHz QKD system. IM = intensity modulator; PM = phase modulator; A: attenuator, M: intensity monitor, EPC: electronic polarization controller, FS: fiber stretcher, D: SD-APD detector, AMZI: asymmetric Mach-Zehnder interferometer.
outlines the system. Inside the transmitter (Alice), a distributed feedback laser (DFB) pulsed at 1 GHz produces 1550 nm photon pulses with a 50 ps width. An intensity modulator creates three different pulse intensities for the decoy scheme; signal pulses of 0.5 photons/pulse sent with almost 99% probability, and two different decoy pulses of 0.1 and 0.0007 photons/pulse sent with less than 1% probabilities. The information is encoded on the photon’s phase using an AMZI, with a phase modulator located in one arm.

In the receiver (Bob), the photons pass through an electronic polarization controller (EPC), to correct for any polarization drift in the fiber, and then Bob's interferometer. One arm contains a phase modulator for phase decoding while the other arm contains a fiber stretcher which compensates drift in the fiber length. The photons are detected by electrically cooled (−30°C) InGaAs APDs in self-differencing (SD) mode [33

33. Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]

,34

34. A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Gigahertz decoy quantum key distribution with 1 Mbit/s secure key rate,” Opt. Express 16(23), 18790–18797 (2008). [CrossRef]

] at 1 GHz, with a detection efficiency of ~19% and a dark count rate of approximately 10 kHz. Afterpulse noise is the dominant contribution to the QBER which averages around 3.8%, but is strongly suppressed by the self-differencing technique.

The detector count rates are used as a feedback signal to adjust the delay position of the detector gate as well as the polarization controller state [35

35. Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]

]. The fiber stretcher is controlled by using the QBER as a feedback signal. This kind of active stabilization scheme is crucial to minimize the effect of secure key rate reduction due to the finite key size.

The sending and receiving QKD units are kept in synchronicity by a 1550nm clock laser that is multiplexed on the classical communication channel. Both this data (classical) fiber and quantum fiber run together in the same fiber bundle. This is advantageous as fluctuations in the ambient weather conditions results in temperature drifts and vibrations affecting both fibers in a similar manner. Consequently, the relative temporal drift between Alice and Bob is quite slow, i.e. tens of minutes.

We note that gated single photon detectors are particularly advantageous for QKD over noisy fibers. The detectors’ active temporal width is only 100 ps and coupled with gated operation most of the stray photons in the fiber are rejected. Hence it was not necessary to use a band pass filter at Bob. Additionally a fiber Bragg grating at Alice ensured the temporal width of the quantum signals was recovered at Bob’s detectors.

Sifting, EC and PA communications are wavelength multiplexed with the clock fiber, thus avoiding latency problems associated with the local area network. EC and PA are performed using multi-threaded applications on two multi-core processors located at Alice and Bob. Each EC thread works on a 1Mbit bit sequence using the cascade algorithm [36

36. G. Brassard and L. Salvail, “Secret-key reconciliation by public discussion,” Lect. Notes Comput. Sci. 765, 410–423 (1994). [CrossRef]

], while the block size for PA was several hundred kilobits using a Toeplitz matrix approach. Tests using 4-core processors reveal EC speeds in excess of 5.5 Mbps. These speeds are adequate for GHz QKD systems with channel loss exceeding 10dB.

3.3 NTT-NICT system

In the receiver, the 1 GHz pulse stream is input to a PLC-MZI. The output ports of MZI are connected to SSPDs whose detection efficiencies and dark count rates are about 15% and about 100 cps, respectively. The detected signals are input into a time interval analyzer (TIA) via a logic gate to record the photon detection events. The optical synchronization pulses are first amplified by an EDFA, then received by a photo detector (PD), and finally are used as a reference time in the TIA.

The detection events from the TIA are sent to Bob’s server via the TIA server. Bob’s server generates his sifted key and sends the time information to Alice’s server, through an Ethernet connection. Alice’s server generates her key with the phase modulation information obtained from the DRAM on the FPGA board through the gigabit Ethernet interface, and the time information from Bob’s server. Both servers send 10% of their keys to a monitor server, which estimates the key generation rate and QBERs. The remaining 90% are sent to the key distillation engine developed by NEC, which performs error correction and privacy amplification to distill the secure keys in the same way as in the NEC-NICT system.

First, we checked the stability of the sifted key generation. Figure 10(a)
Fig. 10 Experimental results of (a) sifted key generation and (b) secure key generation rates.
shows the experimental results. Ultra stable sifted key generation for more than 8 days was demonstrated. The spike-like degradation of QBER was caused by the eavesdropping demonstration during the UQCC2010 conference [40

40. The third international conference on Updating Quantum Cryptography and Communications (UQCC2010), http://www.uqcc2010.org/

]. Sifted key generation rate and QBER were about 18 kbps and 2.2% on average, respectively. Next, we performed secure key generation experiment combining with the key distillation engine. Figure 10(b) shows the experimental results. A stable operation for about 4 hours was demonstrated. Secure key generation rate was about 2.1 kbps on average. The distilled secure keys are secure against general individual attack. The sifted key generation rate and QBER were about 15 kbps and 2.3% on average, respectively. This allows for OTP encryption of voice data in real time, even over a distance of 90 km.

3.4 Mitsubishi system

The use of PLCs and polarization controllers results in a highly stable system. Time synchronization was done by classical signals through a second optical fiber. In this field test, the polarization property of the channel was relatively stable. In the transmission line with the largest polarization fluctuations such as aerial fibers, the QKD bit rate was stabilized by monitoring the high-intensity classical light with our WDM/DEMUX modules and by compensating the polarization of the quantum signal with our polarization compensation module. The DWDM DEMUX module was also designed for providing channel isolation between the two signals of more than 80dB.

The system uses light pulses with four different intensity levels (signal: 0.63 photons per pulse; decoy: 0.3, 0.1 and vacuum). It consists of PLCs with polarization stabilizers and commercial APDs with a detection efficiency of 3% and a dark count probability of 6x10−6. InGaAs/InP APDs are cooled down to −40°C, using Peltier modules. Single photon detectors were realized with both sinusoidal wave gating and a self-differencing circuit.

Fast key distillation is realized with standard PCs only in software implementation, using the improved algorithm for privacy amplification. For error correction, the low density parity check (LDPC) code is adopted to achieve a performance approaching Shannon’s limit. For privacy amplification, the calculation time is reduced from O(n 2) to O(nlog(n)) for the block size n by using the fast Fourier transform algorithm for multiplying the Toeplitz matrix and a reconciled key. The reduction amounts to 4 orders of magnitudes for n = 106, which is currently known to be the minimum block size to eliminate the finite size effect in distilling the secure key. The secure key rate was 2 kbps and the QBER is about 4.5%. We confirmed the stability of the key generation. Figure 12
Fig. 12 Measured quantum bit error rate (QBER), and sifted and final key rates over a duration of about three days.
shows the experimental results of continuous operation. Stable key generation for about 3 days was demonstrated.

We also developed an OTP smartphone using QKD, whose photo and diagram are shown in Fig. 13
Fig. 13 Schematic diagram of the QKD system with one-time pad smartphones.
. It provides end-to-end encryption of voice data between smartphones. A secure key is downloaded from the accompanying QKD devices to the smartphone. Voice data is encoded with a rate of 1 kB per second, which requires approximately 1.2 MB for a 10 min bidirectional talk. With a 2 GB Secure Digital (SD) card, continuous conversation for 10 days by OTP encryption can be supported with a single downloading. Once a key has been used for encryption, it is immediately eliminated from any memory inside the smartphone.

3.5. IDQ system

In terms of QBER, the value goes from 4% down to approximately 2% after the addition of the filter. Crosstalk noise can impose a strong limitation on the performance of QKD if it is not mitigated by spectral filtering. The sifted key rate was about 1.5kbps and PA was done by Toeplitz matrices with an input bit-string size of about 500 kbit.

3.6 All-Vienna system

The All-Vienna team operated the entanglement based QKD employing the BBM92 protocol [23

23. C. H. Bennett, G. Brassard, and N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68(5), 557–559 (1992). [CrossRef] [PubMed]

] between nodes Koganei-2 and Koganei-3 over a distance of approx. 1 km. In this scheme the state is not actively prepared by modulators (as in the case of BB84, decoy states QKD or other “prepare-and-measure” schemes), but rather an entangled state is measured by passive polarization analyzers situated in the spatially separated devices of Alice and Bob as shown in Fig. 16
Fig. 16 Block scheme of a polarization entanglement based QKD setup.
(see also [41

41. A. Treiber, A. Poppe, M. Hentschel, D. Ferrini, T. Lorünser, E. Querasser, T. Matyus, H. Hübel, and A. Zeilinger, “A fully automated entanglement-based quantum cryptography system for telecom fiber networks,” N. J. Phys. 11(4), 045013 (2009). [CrossRef]

]). Thereby quantum correlations are transferred into secrets. A significant advantage of this setup over non-entanglement schemes is the robustness against certain side-channel attacks. A particular example is the case of an accidental increase in fluctuation of the laser power causing a change in the photon statistics, which typically remains unknown to Alice and Bob in a prepare-and-measure scheme. In the presented setup an increased pair generation rate causes more double clicks at Alice, which after appropriate “squashing” procedures are translated into an increased QBER and key rate reduction, but does not lead to security leaks. Further, a direct control of the detectors by the adversary is disallowed by monitoring the incident power down to microwatts, which prevents blinding the detectors remotely. Moreover, to prevent leakage of timing information, individual delay and timing modules have been installed at Alice and Bob.

The entanglement source at Alice produces two photons of different wavelengths (810 nm and 1550 nm) by spontaneous parametric down-conversion in a ppKTP crystal set. The 810 nm photon is measured by Alice in a passive polarization analyzer (one 50/50 beam splitter and two polarizing beam splitters) and detected by four Si-APDs (avalanche photo diodes). The 1550 nm photon of the pair travels down the quantum channel with low transmission losses and is registered by Bob using a fiber based passive polarization analyzer with four InGaAs-APDs for detection. Trigger pulses (1610 nm) are generated at Alice and multiplexed on the quantum channel to gate the InGaAs-APDs at Bob.

The measurement results at Alice and Bob are further processed by an FPGA and an embedded PC (per device), delivering secure key over predefined interfaces. Additional FPGA electronics controls the source stabilization module at Alice and, together with a polarimeter, the polarization control module at Bob. To compensate the unavoidable polarization drift of fibers, 1550 nm classical light pulses in horizontal and diagonal polarization are launched through the optical path routinely every 10 minutes or on demand to counteract high QBER. Polarization drifts along the fiber are detected and compensated at the receiver by a sophisticated polarization control algorithm. The system is also equipped with a relatively slow but very efficient state alignment mechanism which ensures robustness against strong temperature changes of the environment of Alice and Bob or temporal loss of fiber connectivity. The resulting errors are detected and normal functionality is restored. The system was miniaturized to fit in a 19 inch square box, including detectors, electronics and feedback systems to control the operation.

The software of the All Vienna Prototype deployed in the Tokyo QKD Network has been upgraded significantly since the version used in the SECOQC Entangled System [41

41. A. Treiber, A. Poppe, M. Hentschel, D. Ferrini, T. Lorünser, E. Querasser, T. Matyus, H. Hübel, and A. Zeilinger, “A fully automated entanglement-based quantum cryptography system for telecom fiber networks,” N. J. Phys. 11(4), 045013 (2009). [CrossRef]

]. Further modularization allows the QKD system to seamlessly operate within either a SECOQC-style network or the Tokyo QKD Network setup without changes to the underlying QKD process. The source of random numbers used by the system is now configurable and uses by default a quantum number generator from IQOQI.

Figure 17
Fig. 17 Key rate, QBER and polarization stability during 12 hours of operation in the Tokyo prototype.
represents a typical overnight measurement to demonstrate the stability of the system with artificially increased loss over additionally available deployed fiber loops and a short fiber spool in the lab of the Tokyo prototype. We have deliberately chosen to show here a partly misaligned state of the source in the early stages of the operation. In result we get an increase of the relative share of dark counts and high error rate of 5% to 7%. Correspondingly the average sifted bit rate is 0.93 kbps and the secure key rate is low being around 0.25 kbps as compared to the SECOQC performance of the system producing secure key at a rate of 2 to 3 kbps [41

41. A. Treiber, A. Poppe, M. Hentschel, D. Ferrini, T. Lorünser, E. Querasser, T. Matyus, H. Hübel, and A. Zeilinger, “A fully automated entanglement-based quantum cryptography system for telecom fiber networks,” N. J. Phys. 11(4), 045013 (2009). [CrossRef]

]. However the graph serves well to illustrate the stability of the system. Temperature change of the environment can compromise polarization stability of the arms of Bob’s BB84 module leading to a slow decrease of the secure key rate.

4. Demonstration of secure network operation

A key relay was also tested and operated successfully not only for the above secure video streaming but also in testing various relay routes including nodes Koganei-3 and Hongo with the teams of All Vienna and IDQ.

5. Conclusions and future outlook

The near-term use case is likely to be high-end security applications that have been relying up to now on trusted couriers for key exchange. To become a practical solution long-term reliability of QKD needs to be guaranteed. This includes not only stable operation but also security assurance over a long span of time.

Many QKD protocols, such as the one-way BB84 protocol, have been proven to be unconditionally secure, which means the protocol, which is based on mathematical device model assumptions, cannot be ‘cracked’ as long as the laws of physics remain true. On the other hand real world implementations have unavoidable imperfections and will therefore be susceptible to side-channel attacks. The actual security level also depends on what kind of random numbers and key distillation method are used. To guarantee the security of real world implementations it is important to characterize and define the underlying assumptions. In future works, at least, true random number should be used as well as key distillation in a unit of large enough block size to eliminate finite size effect. The maximum block size in the Tokyo QKD Network was 750kbits of the NEC-NICT system, but this size may need to be longer. Furthermore, possible side channels should be investigated and appropriate countermeasures devised [43

43. A. Vakhitov, V. Makarov, and D.-R. Hjelme, “Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography,” J. Mod. Opt. 48(13), 2023–2038 (2001).

54

54. F. Xu, B. Qi, and H.-K. Lo, “Experimental demonstration of phase-remapping attack in a practical quantum key distribution system,” N. J. Phys. 12(11), 113026 (2010). [CrossRef]

]. In this regard, test runs of the Tokyo QKD Network need to be continued to discover and characterize the implementation loopholes and incorporate appropriate countermeasures. Sharing information on such activities with various QKD network testbeds around the world will establish a common denominator for standardizing QKD in the context of security certification. A strong QKD network should incorporate active stabilization schemes and as many side-channel countermeasures as possible without sacrificing performance.

The last one is to widen QKD applications not only to protect data confidentiality but also to provide services, which are essential functions in current security systems such as message authentication, identification and digital signature. While QKD readily supports “unconditionally secure” message authentication, identification and digital signature require further research and may be realized using existing QKD hardware at the expense of assuming an adversary bounded by finite quantum memory or additional (next generation) quantum resources available to the legitimate parties such as quantum processing and quantum memory. In any case, if QKD performance is further improved and cost reduced, then prospective QKD networks (featuring the functionalities discussed above) could become an essential infrastructure for secure key generation for a wide variety of cryptographic objectives. This may be the major impetus to pursue the improvement of QKD technology and future QKD network research.

Acknowledgments

This work was supported on the Japanese side by the project on “Research and development for practical realization of quantum cryptography” of NICT under the Ministry of Internal Affairs and Communications of Japan. IDQ and TREL would like to acknowledge partial financial support through the EU FP7 projects Q-ESSENCE and QuReP. Also, the European project SECOQC is acknowledged for contributing to the development of equipment used in the Tokyo QKD network.

Finally, the authors express their thanks to Kazuhiko Nakamura, Kenji Terada, Nobuo Kawashima, Akira Hanzawa, Ryota Saito, Ayako Kikuchi and Hiroshi Hayano for their support in setting up the Tokyo QKD Network. The authors from the All Vienna team acknowledge the significant contribution of Thomas Themel and Andreas Happe for software development under the supervision of Oliver Maurhart, and express sincere thanks to Michael Hentschel, Christoph Pacher, Thomas Lorünser and Rupert Ursin for continuous development and logistic support as well as for helpful discussions throughout the project.

References and links

1.

N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, “Quantum cryptography,” Rev. Mod. Phys. 74(1), 145–195 (2002). [CrossRef]

2.

V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. N. Lütkenhaus, and M. Peev, “The security of practical quantum key distribution,” Rev. Mod. Phys. 81(3), 1301–1350 (2009). [CrossRef]

3.

D. Gottesman, H.-K. Lo, N. Lütkenhaus, and J. Preskill, “Security of quantum key distribution with imperfect devices,” Quantum Inf. Comput. 5, 325–360 (2004).

4.

I. D. Quantique, http://www.idquantique.com/

5.

Q. Magi Technologies, Inc., http://www.magiqtech.com/MagiQ/Home.html

6.

QuintessenceLabs Pty Ltd, http://www.quintessencelabs.com/

7.

C. Elliott, A. Colvin, D. Pearson, O. Pikalo, J. Schlafer, and H. Yeh, “Current status of the DARPA Quantum Network,” in Quantum Information and Computation III, E. J. Donkor, A. R. Pirich, and H. E. Brandt, eds., Proc. SPIE 5815, 138–149 (2005); arXiv:quant-ph/0503058v2.

8.

M. Peev, C. Pacher, R. Alléaume, C. Barreiro, J. Bouda, W. Boxleitner, T. Debuisschert, E. Diamanti, M. Dianati, J. F. Dynes, S. Fasel, S. Fossier, M. Fürst, J.-D. Gautier, O. Gay, N. Gisin, P. Grangier, A. Happe, Y. Hasani, M. Hentschel, H. Hübel, G. Humer, T. Länger, M. Legré, R. Lieger, J. Lodewyck, T. Lorünser, N. Lütkenhaus, A. Marhold, T. Matyus, O. Maurhart, L. Monat, S. Nauerth, J.-B. Page, A. Poppe, E. Querasser, G. Ribordy, S. Robyr, L. Salvail, A. W. Sharpe, A. J. Shields, D. Stucki, M. Suda, C. Tamas, T. Themel, R. T. Thew, Y. Thoma, A. Treiber, P. Trinkler, R. Tualle-Brouri, F. Vannel, N. Walenta, H. Weier, H. Weinfurter, I. Wimberger, Z. L. Yuan, H. Zbinden, and A. Zeilinger, “The SECOQC quantum key distribution network in Vienna,” N. J. Phys. 11(7), 075001 (2009). [CrossRef]

9.

T. Länger and G. Lenhart, “Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD,” N. J. Phys. 11(5), 055051 (2009). [CrossRef]

10.

SWISS QUANTUM, http://www.swissquantum.com/

11.

A. Mirza and F. Petruccione, “Realizing long-term quantum cryptography,” J. Opt. Soc. Am. B 27(6), A185–A188 (2010). [CrossRef]

12.

Z. L. Yuan and A. J. Shields, “Continuous operation of a one-way quantum key distribution system over installed telecom fibre,” Opt. Express 13(2), 660–665 (2005). [CrossRef] [PubMed]

13.

T. E. Chapuran, P. Toliver, N. A. Peters, J. Jackel, M. S. Goodman, R. J. Runser, S. R. McNown, N. Dallmann, R. J. Hughes, K. P. McCabe, J. E. Nordholt, C. G. Peterson, K. T. Tyagi, L. Mercer, and H. Dardy, “Optical networking for quantum key distribution and quantum communications,” N. J. Phys. 11(10), 105001 (2009). [CrossRef]

14.

D. Lancho, J. Martinez-Mateo, D. Elkouss, M. Soto, and V. Martin, “QKD in standard optical telecommunications networks,” Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Vol. 36, pp. 142–149: arXiv:1006.1858 [quant-ph] (2010).

15.

S. Wang, W. Chen, Z.-Q. Yin, Y. Zhang, T. Zhang, H.-W. Li, F.-X. Xu, Z. Zhou, Y. Yang, D.-J. Huang, L.-J. Zhang, F.-Y. Li, D. Liu, Y.-G. Wang, G.-C. Guo, and Z.-F. Han, “Field test of wavelength-saving quantum key distribution network,” Opt. Lett. 35(14), 2454–2456 (2010). [CrossRef] [PubMed]

16.

T.-Y. Chen, J. Wang, H. Liang, W.-Y. Liu, Y. Liu, X. Jiang, Y. Wang, X. Wan, W.-Q. Cai, L. Ju, L.-K. Chen, L.-J. Wang, Y. Gao, K. Chen, C.-Z. Peng, Z.-B. Chen, and J.-W. Pan, “Metropolitan all-pass and inter-city quantum communication network,” arXiv:1008.1508v2 [quant-ph] (2010).

17.

M. Fujiwara, S. Miki, T. Yamashita, Z. Wang, and M. Sasaki, “Photon level crosstalk between parallel fibers installed in urban area,” Opt. Express 18(21), 22199–22207 (2010). [CrossRef] [PubMed]

18.

C. H. Bennett and G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” Proceedings of the IEEE International Conference on Computers Systems and Signal Processing, Bangalore India (1984), pp. 175–179.

19.

W.-Y. Hwang, “Quantum key distribution with high loss: toward global secure communication,” Phys. Rev. Lett. 91(5), 057901 (2003). [CrossRef] [PubMed]

20.

H.-K. Lo, X. Ma, and K. Chen, “Decoy state quantum key distribution,” Phys. Rev. Lett. 94(23), 230504 (2005). [CrossRef] [PubMed]

21.

X.-B. Wang, “Beating the photon-number-splitting attack in practical quantum cryptography,” Phys. Rev. Lett. 94(23), 230503 (2005). [CrossRef] [PubMed]

22.

K. Inoue, E. Waks, and Y. Yamamoto, “Differential-phase-shift quantum key distribution using coherent light,” Phys. Rev. A 68(2), 022317 (2003). [CrossRef]

23.

C. H. Bennett, G. Brassard, and N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68(5), 557–559 (1992). [CrossRef] [PubMed]

24.

V. Scarani, A. Acín, G. Ribordy, and N. Gisin, “Quantum cryptography protocols robust against photon number splitting attacks for weak laser pulse implementations,” Phys. Rev. Lett. 92(5), 057901 (2004). [CrossRef] [PubMed]

25.

A. Tanaka, M. Fujiwara, S. W. Nam, Y. Nambu, S. Takahashi, W. Maeda, K. Yoshino, S. Miki, B. Baek, Z. Wang, A. Tajima, M. Sasaki, and A. Tomita, “Ultra fast quantum key distribution over a 97 km installed telecom fiber with wavelength division multiplexing clock synchronization,” Opt. Express 16(15), 11354–11360 (2008). [CrossRef] [PubMed]

26.

S. Miki, T. Yamashita, M. Fujiwara, M. Sasaki, and Z. Wang, “Multichannel SNSPD system with high detection efficiency at telecommunication wavelength,” Opt. Lett. 35(13), 2133–2135 (2010). [CrossRef] [PubMed]

27.

S. Obana and A. Tanaka, “General purpose hash function family computer and shared key creating system,” Patent WO/2007/034685 (March 29, 2007).

28.

X. Ma, B. Qi, Y. Zhao, and H.-K. Lo, “Practical decoy state for quantum key distribution,” Phys. Rev. A 72(1), 012326 (2005). [CrossRef]

29.

Y. Zhao, B. Qi, X. Ma, H.-K. Lo, and L. Qian, “Experimental quantum key distribution with decoy states,” Phys. Rev. Lett. 96(7), 070502 (2006). [CrossRef] [PubMed]

30.

M. Hayashi, “Upper bounds of eavesdropper’s performances in finite-length code with the decoy method,” Phys. Rev. A 76(1), 012329 (2007). [CrossRef]

31.

M. Hayashi, “General theory for decoy-state quantum key distribution with an arbitrary number of intensities,” N. J. Phys. 9(8), 284 (2007). [CrossRef]

32.

A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Continuous operation of high bit rate quantum key distribution,” Appl. Phys. Lett. 96(16), 161102 (2010). [CrossRef]

33.

Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]

34.

A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Gigahertz decoy quantum key distribution with 1 Mbit/s secure key rate,” Opt. Express 16(23), 18790–18797 (2008). [CrossRef]

35.

Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]

36.

G. Brassard and L. Salvail, “Secret-key reconciliation by public discussion,” Lect. Notes Comput. Sci. 765, 410–423 (1994). [CrossRef]

37.

H. Takesue, S. W. Nam, Q. Zhang, R. H. Hadfield, T. Honjo, K. Tamaki, and Y. Yamamoto, “Quantum key distribution over a 40-dB channel loss using superconducting single-photon detectors,” Nat. Photonics 1(6), 343–348 (2007). [CrossRef]

38.

E. Waks, H. Takesue, and Y. Yamamoto, “Security of differential-phase-shift quantum key distribution against individual attacks,” Phys. Rev. A 73(1), 012344 (2006). [CrossRef]

39.

T. Honjo, A. Uchida, K. Amano, K. Hirano, H. Someya, H. Okumura, K. Yoshimura, P. Davis, and Y. Tokura, “Differential-phase-shift quantum key distribution experiment using fast physical random bit generator with chaotic semiconductor lasers,” Opt. Express 17(11), 9053–9061 (2009). [CrossRef] [PubMed]

40.

The third international conference on Updating Quantum Cryptography and Communications (UQCC2010), http://www.uqcc2010.org/

41.

A. Treiber, A. Poppe, M. Hentschel, D. Ferrini, T. Lorünser, E. Querasser, T. Matyus, H. Hübel, and A. Zeilinger, “A fully automated entanglement-based quantum cryptography system for telecom fiber networks,” N. J. Phys. 11(4), 045013 (2009). [CrossRef]

42.

The “Tokyo QKD Network video” of the network operation demonstrated during the conference UQCC2010 is available at http://www.uqcc2010.org/

43.

A. Vakhitov, V. Makarov, and D.-R. Hjelme, “Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography,” J. Mod. Opt. 48(13), 2023–2038 (2001).

44.

V. Makarov and D.-R. Hjelme, “Faked states attack on quantum cryptosystems,” J. Mod. Opt. 52(5), 691–705 (2005). [CrossRef]

45.

N. Gisin, S. Fasel, B. Kraus, H. Zbinden, and G. Ribordy, “Trojan-horse attacks on quantum-key-distribution systems,” Phys. Rev. A 73(2), 022320 (2006). [CrossRef]

46.

V. Makarov, A. Anisimov, and J. Skaar, “Effects of detector efficiency mismatch on security of quantum cryptosystems,” Phys. Rev. A 74(2), 022313 (2006). [CrossRef]

47.

A. Lamas-Linares and C. Kurtsiefer, “Breaking a quantum key distribution system through a timing side channel,” Opt. Express 15(15), 9388–9393 (2007). [CrossRef] [PubMed]

48.

B. Qi, C.-H. F. Fung, H.-K. Lo, and X. Ma, “Time-shift attack in practical quantum crypto-systems,” Quantum Inf. Comput. 7, 73–82 (2007).

49.

C.-H. F. Fung, B. Qi, K. Tamaki, and H.-K. Lo, “Phase-remapping attack in practical quantum key distribution systems,” Phys. Rev. A 75(3), 032314 (2007). [CrossRef]

50.

Y. Zhao, C.-H. F. Fung, B. Qi, C. Chen, and H.-K. Lo, “Quantum hacking experimental demonstration of time-shift attack against practical quantum key distribution systems,” Phys. Rev. A 78(4), 042333 (2008). [CrossRef]

51.

V. Makarov and J. Skaar, “Faked states attack using detector efficiency mismatch on SARG04, phase-time, DPSK, and Ekert protocols,” Quantum Inf. Comput. 8, 0622–0635 (2008).

52.

S. Nauerth, M. Fürst, T. Schmitt-Manderbach, H. Weier, and H. Weinfurter, “Information leakage via side channels in freespace BB84 quantum cryptography,” N. J. Phys. 11(6), 065001 (2009). [CrossRef]

53.

L. Lydersen, C. Wiechers, C. Wittmann, D. Elser, J. Skaar, and V. Makarov, “Hacking commercial quantum cryptography systems by tailored bright illumination,” Nat. Photonics 4(10), 686–689 (2010). [CrossRef]

54.

F. Xu, B. Qi, and H.-K. Lo, “Experimental demonstration of phase-remapping attack in a practical quantum key distribution system,” N. J. Phys. 12(11), 113026 (2010). [CrossRef]

OCIS Codes
(060.5565) Fiber optics and optical communications : Quantum communications
(270.5568) Quantum optics : Quantum cryptography

ToC Category:
Quantum Optics

History
Original Manuscript: March 10, 2011
Revised Manuscript: April 27, 2011
Manuscript Accepted: May 5, 2011
Published: May 11, 2011

Citation
M. Sasaki, M. Fujiwara, H. Ishizuka, W. Klaus, K. Wakui, M. Takeoka, S. Miki, T. Yamashita, Z. Wang, A. Tanaka, K. Yoshino, Y. Nambu, S. Takahashi, A. Tajima, A. Tomita, T. Domeki, T. Hasegawa, Y. Sakai, H. Kobayashi, T. Asai, K. Shimizu, T. Tokura, T. Tsurumaru, M. Matsui, T. Honjo, K. Tamaki, H. Takesue, Y. Tokura, J. F. Dynes, A. R. Dixon, A. W. Sharpe, Z. L. Yuan, A. J. Shields, S. Uchikoga, M. Legré, S. Robyr, P. Trinkler, L. Monat, J.-B. Page, G. Ribordy, A. Poppe, A. Allacher, O. Maurhart, T. Länger, M. Peev, and A. Zeilinger, "Field test of quantum key distribution in the Tokyo QKD Network," Opt. Express 19, 10387-10409 (2011)
http://www.opticsinfobase.org/oe/abstract.cfm?URI=oe-19-11-10387


Sort:  Author  |  Year  |  Journal  |  Reset  

References

  1. N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, “Quantum cryptography,” Rev. Mod. Phys. 74(1), 145–195 (2002). [CrossRef]
  2. V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. N. Lütkenhaus, and M. Peev, “The security of practical quantum key distribution,” Rev. Mod. Phys. 81(3), 1301–1350 (2009). [CrossRef]
  3. D. Gottesman, H.-K. Lo, N. Lütkenhaus, and J. Preskill, “Security of quantum key distribution with imperfect devices,” Quantum Inf. Comput. 5, 325–360 (2004).
  4. I. D. Quantique, http://www.idquantique.com/
  5. Q. Magi Technologies, Inc., http://www.magiqtech.com/MagiQ/Home.html
  6. QuintessenceLabs Pty Ltd, http://www.quintessencelabs.com/
  7. C. Elliott, A. Colvin, D. Pearson, O. Pikalo, J. Schlafer, and H. Yeh, “Current status of the DARPA Quantum Network,” in Quantum Information and Computation III, E. J. Donkor, A. R. Pirich, and H. E. Brandt, eds., Proc. SPIE 5815, 138–149 (2005); arXiv:quant-ph/0503058v2.
  8. M. Peev, C. Pacher, R. Alléaume, C. Barreiro, J. Bouda, W. Boxleitner, T. Debuisschert, E. Diamanti, M. Dianati, J. F. Dynes, S. Fasel, S. Fossier, M. Fürst, J.-D. Gautier, O. Gay, N. Gisin, P. Grangier, A. Happe, Y. Hasani, M. Hentschel, H. Hübel, G. Humer, T. Länger, M. Legré, R. Lieger, J. Lodewyck, T. Lorünser, N. Lütkenhaus, A. Marhold, T. Matyus, O. Maurhart, L. Monat, S. Nauerth, J.-B. Page, A. Poppe, E. Querasser, G. Ribordy, S. Robyr, L. Salvail, A. W. Sharpe, A. J. Shields, D. Stucki, M. Suda, C. Tamas, T. Themel, R. T. Thew, Y. Thoma, A. Treiber, P. Trinkler, R. Tualle-Brouri, F. Vannel, N. Walenta, H. Weier, H. Weinfurter, I. Wimberger, Z. L. Yuan, H. Zbinden, and A. Zeilinger, “The SECOQC quantum key distribution network in Vienna,” N. J. Phys. 11(7), 075001 (2009). [CrossRef]
  9. T. Länger and G. Lenhart, “Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD,” N. J. Phys. 11(5), 055051 (2009). [CrossRef]
  10. SWISS QUANTUM, http://www.swissquantum.com/
  11. A. Mirza and F. Petruccione, “Realizing long-term quantum cryptography,” J. Opt. Soc. Am. B 27(6), A185–A188 (2010). [CrossRef]
  12. Z. L. Yuan and A. J. Shields, “Continuous operation of a one-way quantum key distribution system over installed telecom fibre,” Opt. Express 13(2), 660–665 (2005). [CrossRef] [PubMed]
  13. T. E. Chapuran, P. Toliver, N. A. Peters, J. Jackel, M. S. Goodman, R. J. Runser, S. R. McNown, N. Dallmann, R. J. Hughes, K. P. McCabe, J. E. Nordholt, C. G. Peterson, K. T. Tyagi, L. Mercer, and H. Dardy, “Optical networking for quantum key distribution and quantum communications,” N. J. Phys. 11(10), 105001 (2009). [CrossRef]
  14. D. Lancho, J. Martinez-Mateo, D. Elkouss, M. Soto, and V. Martin, “QKD in standard optical telecommunications networks,” Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Vol. 36, pp. 142–149: arXiv:1006.1858 [quant-ph] (2010).
  15. S. Wang, W. Chen, Z.-Q. Yin, Y. Zhang, T. Zhang, H.-W. Li, F.-X. Xu, Z. Zhou, Y. Yang, D.-J. Huang, L.-J. Zhang, F.-Y. Li, D. Liu, Y.-G. Wang, G.-C. Guo, and Z.-F. Han, “Field test of wavelength-saving quantum key distribution network,” Opt. Lett. 35(14), 2454–2456 (2010). [CrossRef] [PubMed]
  16. T.-Y. Chen, J. Wang, H. Liang, W.-Y. Liu, Y. Liu, X. Jiang, Y. Wang, X. Wan, W.-Q. Cai, L. Ju, L.-K. Chen, L.-J. Wang, Y. Gao, K. Chen, C.-Z. Peng, Z.-B. Chen, and J.-W. Pan, “Metropolitan all-pass and inter-city quantum communication network,” arXiv:1008.1508v2 [quant-ph] (2010).
  17. M. Fujiwara, S. Miki, T. Yamashita, Z. Wang, and M. Sasaki, “Photon level crosstalk between parallel fibers installed in urban area,” Opt. Express 18(21), 22199–22207 (2010). [CrossRef] [PubMed]
  18. C. H. Bennett and G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” Proceedings of the IEEE International Conference on Computers Systems and Signal Processing, Bangalore India (1984), pp. 175–179.
  19. W.-Y. Hwang, “Quantum key distribution with high loss: toward global secure communication,” Phys. Rev. Lett. 91(5), 057901 (2003). [CrossRef] [PubMed]
  20. H.-K. Lo, X. Ma, and K. Chen, “Decoy state quantum key distribution,” Phys. Rev. Lett. 94(23), 230504 (2005). [CrossRef] [PubMed]
  21. X.-B. Wang, “Beating the photon-number-splitting attack in practical quantum cryptography,” Phys. Rev. Lett. 94(23), 230503 (2005). [CrossRef] [PubMed]
  22. K. Inoue, E. Waks, and Y. Yamamoto, “Differential-phase-shift quantum key distribution using coherent light,” Phys. Rev. A 68(2), 022317 (2003). [CrossRef]
  23. C. H. Bennett, G. Brassard, and N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68(5), 557–559 (1992). [CrossRef] [PubMed]
  24. V. Scarani, A. Acín, G. Ribordy, and N. Gisin, “Quantum cryptography protocols robust against photon number splitting attacks for weak laser pulse implementations,” Phys. Rev. Lett. 92(5), 057901 (2004). [CrossRef] [PubMed]
  25. A. Tanaka, M. Fujiwara, S. W. Nam, Y. Nambu, S. Takahashi, W. Maeda, K. Yoshino, S. Miki, B. Baek, Z. Wang, A. Tajima, M. Sasaki, and A. Tomita, “Ultra fast quantum key distribution over a 97 km installed telecom fiber with wavelength division multiplexing clock synchronization,” Opt. Express 16(15), 11354–11360 (2008). [CrossRef] [PubMed]
  26. S. Miki, T. Yamashita, M. Fujiwara, M. Sasaki, and Z. Wang, “Multichannel SNSPD system with high detection efficiency at telecommunication wavelength,” Opt. Lett. 35(13), 2133–2135 (2010). [CrossRef] [PubMed]
  27. S. Obana and A. Tanaka, “General purpose hash function family computer and shared key creating system,” Patent WO/2007/034685 (March 29, 2007).
  28. X. Ma, B. Qi, Y. Zhao, and H.-K. Lo, “Practical decoy state for quantum key distribution,” Phys. Rev. A 72(1), 012326 (2005). [CrossRef]
  29. Y. Zhao, B. Qi, X. Ma, H.-K. Lo, and L. Qian, “Experimental quantum key distribution with decoy states,” Phys. Rev. Lett. 96(7), 070502 (2006). [CrossRef] [PubMed]
  30. M. Hayashi, “Upper bounds of eavesdropper’s performances in finite-length code with the decoy method,” Phys. Rev. A 76(1), 012329 (2007). [CrossRef]
  31. M. Hayashi, “General theory for decoy-state quantum key distribution with an arbitrary number of intensities,” N. J. Phys. 9(8), 284 (2007). [CrossRef]
  32. A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Continuous operation of high bit rate quantum key distribution,” Appl. Phys. Lett. 96(16), 161102 (2010). [CrossRef]
  33. Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]
  34. A. R. Dixon, Z. L. Yuan, J. F. Dynes, A. W. Sharpe, and A. J. Shields, “Gigahertz decoy quantum key distribution with 1 Mbit/s secure key rate,” Opt. Express 16(23), 18790–18797 (2008). [CrossRef]
  35. Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J. Shields, “High speed single photon detection in the near infrared,” Appl. Phys. Lett. 91(4), 041114 (2007). [CrossRef]
  36. G. Brassard and L. Salvail, “Secret-key reconciliation by public discussion,” Lect. Notes Comput. Sci. 765, 410–423 (1994). [CrossRef]
  37. H. Takesue, S. W. Nam, Q. Zhang, R. H. Hadfield, T. Honjo, K. Tamaki, and Y. Yamamoto, “Quantum key distribution over a 40-dB channel loss using superconducting single-photon detectors,” Nat. Photonics 1(6), 343–348 (2007). [CrossRef]
  38. E. Waks, H. Takesue, and Y. Yamamoto, “Security of differential-phase-shift quantum key distribution against individual attacks,” Phys. Rev. A 73(1), 012344 (2006). [CrossRef]
  39. T. Honjo, A. Uchida, K. Amano, K. Hirano, H. Someya, H. Okumura, K. Yoshimura, P. Davis, and Y. Tokura, “Differential-phase-shift quantum key distribution experiment using fast physical random bit generator with chaotic semiconductor lasers,” Opt. Express 17(11), 9053–9061 (2009). [CrossRef] [PubMed]
  40. The third international conference on Updating Quantum Cryptography and Communications (UQCC2010), http://www.uqcc2010.org/
  41. A. Treiber, A. Poppe, M. Hentschel, D. Ferrini, T. Lorünser, E. Querasser, T. Matyus, H. Hübel, and A. Zeilinger, “A fully automated entanglement-based quantum cryptography system for telecom fiber networks,” N. J. Phys. 11(4), 045013 (2009). [CrossRef]
  42. The “Tokyo QKD Network video” of the network operation demonstrated during the conference UQCC2010 is available at http://www.uqcc2010.org/
  43. A. Vakhitov, V. Makarov, and D.-R. Hjelme, “Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography,” J. Mod. Opt. 48(13), 2023–2038 (2001).
  44. V. Makarov and D.-R. Hjelme, “Faked states attack on quantum cryptosystems,” J. Mod. Opt. 52(5), 691–705 (2005). [CrossRef]
  45. N. Gisin, S. Fasel, B. Kraus, H. Zbinden, and G. Ribordy, “Trojan-horse attacks on quantum-key-distribution systems,” Phys. Rev. A 73(2), 022320 (2006). [CrossRef]
  46. V. Makarov, A. Anisimov, and J. Skaar, “Effects of detector efficiency mismatch on security of quantum cryptosystems,” Phys. Rev. A 74(2), 022313 (2006). [CrossRef]
  47. A. Lamas-Linares and C. Kurtsiefer, “Breaking a quantum key distribution system through a timing side channel,” Opt. Express 15(15), 9388–9393 (2007). [CrossRef] [PubMed]
  48. B. Qi, C.-H. F. Fung, H.-K. Lo, and X. Ma, “Time-shift attack in practical quantum crypto-systems,” Quantum Inf. Comput. 7, 73–82 (2007).
  49. C.-H. F. Fung, B. Qi, K. Tamaki, and H.-K. Lo, “Phase-remapping attack in practical quantum key distribution systems,” Phys. Rev. A 75(3), 032314 (2007). [CrossRef]
  50. Y. Zhao, C.-H. F. Fung, B. Qi, C. Chen, and H.-K. Lo, “Quantum hacking experimental demonstration of time-shift attack against practical quantum key distribution systems,” Phys. Rev. A 78(4), 042333 (2008). [CrossRef]
  51. V. Makarov and J. Skaar, “Faked states attack using detector efficiency mismatch on SARG04, phase-time, DPSK, and Ekert protocols,” Quantum Inf. Comput. 8, 0622–0635 (2008).
  52. S. Nauerth, M. Fürst, T. Schmitt-Manderbach, H. Weier, and H. Weinfurter, “Information leakage via side channels in freespace BB84 quantum cryptography,” N. J. Phys. 11(6), 065001 (2009). [CrossRef]
  53. L. Lydersen, C. Wiechers, C. Wittmann, D. Elser, J. Skaar, and V. Makarov, “Hacking commercial quantum cryptography systems by tailored bright illumination,” Nat. Photonics 4(10), 686–689 (2010). [CrossRef]
  54. F. Xu, B. Qi, and H.-K. Lo, “Experimental demonstration of phase-remapping attack in a practical quantum key distribution system,” N. J. Phys. 12(11), 113026 (2010). [CrossRef]

Cited By

Alert me when this paper is cited

OSA is able to provide readers links to articles that cite this paper by participating in CrossRef's Cited-By Linking service. CrossRef includes content from more than 3000 publishers and societies. In addition to listing OSA journal articles that cite this paper, citing articles from other participating publishers will also be listed.


« Previous Article  |  Next Article »

OSA is a member of CrossRef.

CrossCheck Deposited