Dr. Hannes Hübel
AIT Austrian Institute of Technology GmbH
Giefinggasse 4
1210 Vienna, Austria
Inter-government cross-border link (Use-Case 20)
The national governments of the European Union do have to be able to communicate in a private and secret manner. Prior to any voting of the respective council at EU level, every eligible member has to have access to all required information. Hence any EU member state has to intrinsically trust all the others. Therefore a QKD network is initiated and implemented between the cities Vienna (AT), Prague (CZ), Bratislava (SK), Budapest (HU) and potentially also Zagreb (CR) and Ljubljana (SI). While the decision making process has to be public, it should be possible to distribute and discuss the respective issue in full secrecy. The possibility for the latter shall be provided based on a QKD layer network infrastructure. Various QKD protocols and systems for compensating temporal varying environmental influences will be tested and refined.
Vienna, AT
With use case #09 we intend to connect the PSNC datacenter in Poznań and a banking datacenter that provide critical digital banking services for citizens. PSNC site is also the main Point Of Presence of the PIONIER network (Polish National Research and Education Network), GEANT network and other international PSNC and PIONIER partners. The banking datacenter site is one of the PSNC metro area POZMAN sites. The banking sector relies heavily on advanced, fast digital services delivered to end users and between the bank data centers themselves. Large amounts of confidential data is being sent, backed up and synchronized between various banking institutions and divisions. Digital trading platforms are delay and speed sensitive. The services and communication channels between banking institutions are to be secured with advanced QKD network layer infrastructure. The nodes will be deployed in Poznan between PSNC data centers and data centers that host services for the banking sector. The investigated impact will include maximum possible key exchange rate, delay introduced for the services and management overhead of QKD network layer, number of interconnected, synchronized and secured by QKD network layer systems/platforms, distance vs key rate vs optical power. It is proposed to investigate also concept of “quantum money” and possible implementation in exemplary transactions.
All these services are to be secured and further enhanced with QKD network layer infrastructure and its impact is to be evaluated. The nodes will be deployed in Poznan between PSNC data centers and banking data centers. These use cases introduce specific requirements for the data security and potential QKD integration. The QKD network services must run on various hardware and software platforms. Impact on services and infrastructure will be investigated. The route is 8 km in distance. A QKD system will be installed along with an encryptor to ensure that network traffic and services may relay on secure connection and critical messages are forwarded to the PIONIER and POZMAN Network Operator Center.
Poznan, PL
Data security and privacy are among the top concerns of the European Union as well as of the member states. The national governments have large amounts of confidential data which must be shared between different ministries and other government agencies. Highly sensitive data are being sent, backed up and synchronized between various stakeholders. Therefore, a first initial QKD network is initiated and implemented between different ministries in Vienna (AT) to secure data in transit.
Vienna, AT
GÉANT prides itself on providing what commercial operators cannot: a highspeed network that pushes the boundaries of networking technology whilst delivering a cost-effective, pan-European infrastructure. Almost all large Educational and research institutions in Europe rely on GÉANT for outstanding service availability and service quality, which is to be secured through QKD layer equipment. Within a project running under the name QUAPITAL, OEAW will be interfacing capital cities and their Internet eXchange points and further connect them to one or more academic partners directly. As of today, three nodes in Vienna (Austria), two in Bratislava (Slovak) and three in Budapest (Hungary) will be participating in this network until 2021. The individual QKD links will be established using systems based on direct detection (DV) and ultimate security will be provided due to the fact that no trusted nodes will be implemented in between the cities. Still, the average generation rate of secret keys will be on the order of 1kbps during 24/7 operation. The infrastructure established within the QUAPITAL project will be openly provided not only to all partners of the OPENQKD team, but also to any team from around the world interested in testing and benchmarking their systems on the same fiber Network.
Vienna, AT
A 3D-Scanner generates sensitive medical imaging “big” data at MUG. The data is split by a FRX cluster storage appliance into 3 shares with information-theoretic security and transported to 2 datacenters from CYC with dark fibre and QKD protection. Adding a public or private S3 storage for more resilience and data error protection will be also demonstrated. The Hospital Saint Johns of God in Graz is also connected to all CYC datacenters and can retrieve the images securely. Biometric and security token access will be implemented as an integral part of the use-case.
Graz, AT
With use case #11 we intend to connect one of the PSNC nodes and PoPs that include devices and infrastructure for the distribution of the reference time and frequency signals. PSNC takes part in national and international projects that are focused on establishing reference time and frequency signals distribution system. The signals are transmitted either on separate dark fibers (with specially designed transmission system) or within the spectrum of existing optical data transmission system. The latest project involves transmission of reference optical carrier that can be used in various metrological systems using optical combs at the transmission terminals. Already established reference T&F transmission system use PIONIER (Polish National Research and Education Network) and POZMAN, GEANT network and other international PSNC and PIONIER partners network nodes and infrastructure. The links require also special monitoring and maintenance procedures due to calibration requirements. A QKD system will be installed along and together with reference T&F links with an encryptor. Performance and influence of both systems will be analyzed and performance evaluated, In order to ensure that network traffic, and services are properly analyzed, critical messages will be forwarded and analyzed in the PIONIER Network Operator Center. The system and use case has the capability to be extended on cross-border international links.
Poznan, PL
With use case #10 we intend to connect the PSNC datacenter in Poznań and the local police datacenter that provide critical services for police infrastructure. The PSNC site is also the main Point Of Presence of the PIONIER network (Polish National Research and Education Network), GEANT network and other international PSNC and PIONIER partners. The police datacenter site is one of the PSNC metro area POZMAN sites. The police currently uses different advanced digital tools in its operational activities. Such tools frequently use large amount of confidential, operational data, big data analytics and deep learning techniques. The data is being collected and stored from a large number of different digital sources and its integrity and security is essential. Such services are planned to be secured and enhanced with QKD network layer equipment. The nodes will be deployed in Poznan between PSNC data centers, City Hall divisions and local Police departments. Investigated aspects will include: speed and key exchange rate, management overhead, delay connected with QKD network layer integration with various operational software tools, distance vs key speed vs optical power dependency.
All these services are to be secured and further enhanced with QKD network layer infrastructure and its impact is to be evaluated. These use cases introduce specific requirements for the data security and potential QKD integration. The QKD network services must run on various hardware and software platforms. The impact on services and infrastructure will be investigated. The route is 5 km in distance. A QKD system will be installed along with an encryptor to ensure that network traffic and services may relay on secure connection and critical messages forwarded to the PIONIER and POZMAN Network Operator Center.
Poznan, PL
With use case #08 we intend to connect the PSNC datacenter in Poznań and Poznan city hall branches that provide critical IT services for citizens. PSNC site is also the main Point Of Presence of the PIONIER network (Polish National Research and Education Network), GEANT network and other international PSNC and PIONIER partners. City hall site is one of the main PSNC metro area POZMAN sites. Currently more and more local and central government institutions—in particular city halls—provide a large number of services for citizens using digital platforms. Large numbers of confidential, private and state documents are being digitized, confirmed and sent between various institutions that generally use different software and hardware platforms for the each specific service. Most of these services were and are developed independently and use different technologies, software solutions, architecture and hardware solutions. An important element of such platforms is user authentication (trusted profiles etc.). Apart from the documents aspect, local state institutions provide different services like registration to schools, exam evaluations, digital libraries etc. All these services are to be secured and further enhanced with QKD network layer infrastructure and its impact is to be evaluated. The nodes will be deployed in Poznan between PSNC data centers and Poznan city hall branches. These use cases introduce specific requirements for the data security and potential QKD integration. The QKD network services must run on various hardware and software platforms. The nodes will be deployed in Poznan between city hall branches and PSNC data centers. Impact on services and infrastructure will be investigated. The route have 4 km in distance. A QKD system will be installed along with an encryptor to ensure that network traffic, services, may relay on secure connection and critical messages forwarded to the PIONIER and POZMAN Network Operator Center.
Poznan, PL
With use case #06 we intend to connect the VSB and PSNC datacenters in Ostrava and Poznań. These sites are also Point Of Presence of HPC infrastructures and National Research and Education Network infrastructures, GEANT network and other international VSB, PSNC partners. Load balancing of work schedule of supercomputers or parallel processing of “big data” within a network of supercomputers involves the transport of virtual machines, which is to be secured through QKD layer equipment. Compression techniques of virtual machines will be evaluated for fast data exchange optimized for QKD technology. Two nodes will be deployed at the Cieszyn and Ostrava supercomputing centers and the impact of QKD on HPC traffic pattern and services will be investigated. The QKD link is planned to be implemented with one trusted relay along the route and a key rate in the rage of 1 Mbps. The HPC traffic from Cieszyn – remote HPC site will be forwarded using PSNC PIONIER network to PSNC datacenter in Poznań. Due to segment lengths and required number of QKD trusted nodes it is not possible to connect directly by QKD PSNC and VSB datacenters in Ostrava and Poznan.
A QKD system will be installed along with an encryptor to ensure that network traffic, backup services, data from HPC machines may relay on secure connection and critical messages forwarded to the PIONIER Network Operator Center.
Poznan, PL
With use case #01 we intend to connect the PSNC datacenters (primary and backup) in Poznań. These sites are also the main Point Of Presence of PIONIER network (Polish National Research and Education Network), GEANT network and other international PSNC and PIONIER partners. Due to resilience and Service Level Agreement requirements these datacenters are connected using two independent optical cables, different cable route and cable pipes. The two routes are 4 and 10 km in distance. A QKD system will be installed along with an encryptor to ensure that network traffic, backup services, data from HPC machines may relay on secure connection and critical messages forwarded to the PIONIER Network Operator Center.
Poznan, PL
Globally deployed critical infrastructure that combines links in space and on earth (like Galileo GNSS) has to be protected on a long-term scale. To supply keys to this end, an additional “last mile” terrestrial link interfaced to the satellite ground segment is needed. This is done via fiber infrastructure and trusted interface node. Within the OPENQKD testbed we will study the important interfaces of this future satellite-QKD infrastructure to the ground-based optical fiber network. As the satellite infrastructure most likely will not yet be available during the testbed run time the satellite-fiber interface will be tested by emulating the satellite input used in the fiber QKD link. The emulation will be based on real-time parameters derived from channel measurements with optical ground stations as input. Optical ground stations will be situated at Oberpfaffenhofen (DE) and Matera (IT), with the option to add more later on. This situation resembles interfacing satellite links to fiber carrier infrastructure as well as securing critical infrastructure of satellite command & control and critical data exchange on a continental and global scale. One concrete example will be securing communication between distant ground control centers and other critical infrastructure of the Galileo system. The use case will study the availability of final key over various situation including realistic orbits and weather situation. Optimal parameters for final key buffer size and priority of key usage will be tested.
Oberpfaffenhofen, DE
In order to combine satellite with terrestrial QKD infrastructure it is necessary to have an interface between free-space link and fiber connections. This could be done by a trusted or untrusted node ground station. In the case of a trusted node, a ground station will be connected by a fiber link to a different ground location and to a (virtual) satellite by a daylight QKD link with polarization encoding. The trusted node will be used to share the key between the satellite and the ground location. In the case of an untrusted ground station, the station will act as a relay between a (virtual) satellite and a different ground location connected with a fiber link with the ground station. No key information is acquired by the untrusted node. Also in this case the use-case will be carried out in daylight with polarization encoding. “Virtual satellite” means a free-space link simulating a satellite link. The optical ground stations for this use-case will be located in Padua (IT), at the Department of Information Engineering of the University, and in Matera (IT), at the Matera Laser Ranging Observatory of the Italian Space Agency.
Padua, IT
As any communication network, and in particular communication networks that are part of critical infrastructure, a future quantum internet that will allow blind or networked quantum computation requires all control information to be authenticated. By developing QKD into a tool that authenticates network control traffic, we will enable this goal in an information-theoretic secure, that is unbreakable, fashion. This task will furthermore ensure that near-term developments within OPENQKD remain valid, useful, and will be used in a future quantum network based on quantum repeaters and nodes that share long-lived entanglement.
Delft, NL
UC99
UC99
Test bla bla