Implementation of a Quantum Secure Network in a Metropolitan Area

Implementation of a Quantum Secure Network in a Metropolitan Area
Implementation of a Quantum Secure Network in a Metropolitan Area - The figure shows the solution schematically. There are two parties involved in the communication and they are connected point-to-point by common fiber-optic cable. Computing devices on the bottom (data plane shown in blue) communicate using quantum switches that are generated, distributed, and controlled on the top (control plane, shown in yellow).

The first test of quantum secure communications in a commercial environment has been successfully completed by the AWS Center for Quantum Networking (CQN). Collaborated with customers to assess the current level of technology and its suitability for cloud infrastructure to address key scientific and engineering challenges for developing quantum networks.

Customers have told us that they want to prepare for a time when quantum computers can decrypt existing asymmetric cryptography. AWS is taking several measures to ensure that quantum computers offer customers only opportunities and to minimize threats. One of the features explored is Quantum Key Distribution (QKD), which provides additional physical security in transmitting quantum states between remote parties, thereby generating tamper-proof encryption keys.

To test this theory, we built a point-to-point quantum secure network in Singapore. This network connected two facilities using production grade optical fiber. Working with the Center for Quantum Technologies (CQT), Horizon Quantum Computing (Horizon), and the National Quantum-Safe Network (NQSN) at Fortinet, we successfully connected two QKD devices between buildings three kilometers apart (corresponding to approximately 16 km of fiber cable). Also successfully established a VPN tunnel using both QKD technology and AWS Edge Compute hardware.

A field-deployed test environment called NQSN aims to demonstrate how to integrate quantum secure applications. NQSN can be used to facilitate testing of Singapore-related ideas and use cases. We are pleased to be able to support this collaboration between Amazon and Horizon.” Associate Professor Alexander Ling, NQSN (NUS) principal investigator of the National University of Singapore CQT.

Using a tool from Fortinet, an NQSN partner, we created two mirrored network stacks divided into management and service segments. The FortiGate 100F Next Generation Firewall has an enhanced capability to create an encrypted IPsec tunnel that can use encryption keys obtained through quantum mechanics. We use a pair of QKD devices with a maximum loss of 12 dB (usually up to 50 km) to secure key exchange via fibers (highlighted in yellow in the image below) in the management network, making it a metropolitan coverage of an area the size of Singapore (50 km east to west). makes it suitable for A Key Management System (KMS) that manages key requests and key transfers between QKD optics and FortiGate Next Generation Firewall is also integrated into this device. The service mesh (highlighted in blue) ends at paired compute nodes.

One of the nodes is in the CQT as seen in the diagram. This compute endpoint consists of an AWS Snowball Edge Compute Optimized appliance and an Amazon Elastic Compute Cloud (EC2) instance. AWS Hybrid-Edge services extend Amazon infrastructure and services to the edge, enabling applications to run and securely run in places without reliable network connectivity to AWS. Horizon uses an in-house Intel-based server as the endpoint at the other end of the connection. Endpoints use locally generated QKD keys, while both parties interact securely over an IPsec connection. This establishes a quantum secure connection that Horizon will leverage to create use cases:

Addressing this collaboration in Q2B 2022 Silicon Valley, the CEO of the company, Dr. Joe Fitzsimons said: “At Horizon, we are focused on making quantum computing accessible to businesses, not just through programming, but through distribution that aligns with industry requirements, including ensuring the confidentiality and integrity of authorized computing. “It has been a pleasure to collaborate with AWS to install a National Quantum-Secure Network node at our workplace. In order to securely deploy quantum applications, a secure infrastructure must first be established.

AWS Snowcone computing devices were used to monitor each component and provided storage of performance metrics, configuration of applications, and remote visualization of technical parameters including QKD key rates and synchronization status.

Our point-to-point quantum network architecture was a crucial step in examining how commercially available quantum technology works in a practical environment and showing our customers how it can be used with AWS services. At AWS CQN, we continue to explore the art of the possible, involving advanced networks that include QKD plus the creation of a quantum repeater for long distance communication. You can learn more about AWS for the Edge, read an illustrated introduction to quantum networks and repeaters, and keep an eye out for new developments in quantum network research and business.



Günceleme: 12/03/2023 22:22

Similar Ads