Quantum Communication

SECANT QKD:  Sandia Enabled Communication and Authentication Network using Quantum Key Distribution

To address the challenge of securing communication networks against increasingly sophisticated cyber-attacks, a microsystems-enabled communications and authentication environment using chip-scale quantum key distribution (QKD) has been developed. QKD is a technology enabling authorized parties to generate secret cryptographic keys at a distance.  These keys in turn are used in a provably secure one-time-pad protocol for secure communication.   The security of the key is assured by quantum physics, which dictates that the measurement of a quantum state necessarily changes the state.  If eavesdroppers attempt to intercept the key, they will change it, allowing the remote parties to identify their presence.  Through this research effort, Sandia has for the first time brought quantum key distribution to the microscale, enabling unprecedented advances in performance.

Top:  Conceptional drawing of QKD transceiver.  Left:  Realized continuous-variable QKD transceivers on a chip.  Right: Development of transceivers in a probe station.

Key research areas and outcomes include:

• Discrete-Variable (DV) and Continuous-Variable (CV) on-chip transceivers:  Integrated silicon photonics approaches to qubit encoding and decoding
• Entangled Photon Pair Sources
• New CV QKD protocol and implementation
• QKD Analysis Tool Software
• DV and CV Transmission Links with key distillation routines

Together, these components enable a chip-scale QKD system that offers future-proof encryption, the ability to detect eavesdroppers, and security redundancy for classical cryptography implementations.  The development work contributes broadly to quantum networks and efforts for distributed quantum information processing.

This technology has the potential to dramatically change the landscape of cyber-warfare, mitigate technology surprise in the post-quantum world, and allow for rapid exploration of weaknesses in similar systems adopted by adversaries.

Safeguarding critical national assets such as nodes in the electrical grid or nuclear facilities require measures that monitor and detect intrusion attacks.  In security applications involving protection of materials and equipment, fiber-optic seals are used to detect for tamper events such as the breaking of a container lid or access attempt on a grid device.  These monitoring capabilities must be robust against sophisticated tamper attacks that try to falsify sensor data and create holes in the security. 

Using elements of quantum key distribution, a fiber-optic quantum seal was developed to detect man-in-the-middle attacks on the seal fiber loop protecting a critical asset.  This unique sensing capability thwarts spoofing attacks on the seal signals.  A stream of encoded coherent states is delivered through the seal fiber channel and tracked for changes in their properties through quadrature measurements.  The Uncertainty Principle and the No Cloning Theorem prevent the intruder from spoofing the encoded pulses with high fidelity.  Noise introduced by the intruder signals his presence and trips an alarm.  A statistical hypothesis-test analysis is used to determine the tamper state of the seal in real time.  

Diagram of a fiber-optic seal transceiver configured for asset monitoring.  The seal consists of a transmitter which generates a stream of coherent states propagated through the fiber to the decoding receiver.  Changes induced on the light pulses are analyzed to determine tamper status.

The ultra-sensitive detection scheme and the data analysis package produce high probability of tamper detection with low false alarm rates.  Combined, these capabilities enable channel integrity checks and data authentication for the seal.

Left: Example of coherent state in phase space used for sensing.  Right: A distribution of coherent states used to determine changes in probe statistics which indicate tamper state.

This concept could play a role in enhancing monitoring capabilities for applications in physical security, nuclear safeguards, cybersecurity, energy grid, internet of things, among others.