CORDIS - EU research results

Open European Quantum Key Distribution Testbed

Periodic Reporting for period 1 - OPENQKD (Open European Quantum Key Distribution Testbed)

Reporting period: 2019-09-02 to 2021-03-01

The economic, political and social well-being of European citizens relies on secure information and communication technologies (ICT). Our current ICT security relies in a large part on algorithmic methods that are threatened by constant progress in computing hardware and software, among which quantum computing must be seriously considered. Its potential realization has triggered the development of alternatives to currently-used public key encryption, in particular quantum key distribution (QKD), where security is built within the physical layer and based on the laws of quantum physics. The promise that QKD holds for the future of ICT-dependent societies has been recognized world-wide, including in China and the USA, but the creation of widely-available QKD-based ICT infrastructure and its broad adoption remain an open challenge. A key asset to bridge this gap between QKD technology providers and end users is the establishment and operation of an experimental facility that serves, and helps developing, the quantum communication ecosystem. This is where the OPENQKD projects comes into play. Its main aim is to raise awareness of the maturity of QKD and its seamless integration into existing security solutions and networks for a wide range of use-cases. This is done by working directly with end-users to test and validate end-to-end security for various businesses and industry sectors based on QKD. In particular, the OPENQKD project will set up many testbed sites across Europe (4 large testbeds and 12 smaller demo sites) to bring the technology to as many potential customers as possible. The testbeds will provide the optical fiber infrastructure and locations to house the QKD and other network equipment. In order to demonstrate seamless integration into the security chain, both QKD and classical encryption devices are adapted, according to standardized specifications, to allow a direct hand over of keys. Since the use-case demonstration are core to the project, a selection has been made with more than 30 demonstration planned in a wide range of sectors such as, critical infrastructure protection, data center interconnect, securing of medical data, banking, securing governmental communication and many others. To attract more than just the partners of the consortium, the testbed infrastructure is open also to other interested parties. The project even actively invites additional contribution by opening 2 tender phases where third-parties can bid for financial support in order to work with the project to implement new use-cases or demonstrate new technology. As a pilot project for the much larger vision of deploying a Pan-European quantum communication infrastructure (EuroQCI) within the next decade, OPENQKD tries to evaluate long-distance QKD, either in the form of trusted nodes chains or with an additional satellite QKD component. For the ambitious EuroQCI, it is imperative to have a European quantum eco-system and a well-trained work force in place. OPENQKD supports this growth of European innovations by investing in the manufacturing of next generation QKD systems. Finally, the project will also assist the certification activities for QKD systems to allow them to enter the cyber security market and take-up as fully trustworthy products.
The first part of the project was mainly spent on preparation of the use-case demonstration and manufacturing of the QKD systems and network equipment, that was to be installed at the demonstrator sites. 25 commercial-grade QKD systems were manufactured together with AES encryptors featuring the standardized key interface. With those devices the first three use-cases were successfully implemented in Graz (Austria) and Geneva (Switzerland). In Geneva two uses-cases were demonstrated, the first one with a bank, where crypto tokens were encrypted with QKD and safely stored. The second demonstration involved a utility provider that runs back-ups between data centers. This back-up traffic was successfully encrypted using keys from a QKD link. The use-case in Graz, shown in Fig. 1, was based on securing medical data generated at two local hospitals. The data was safely stored in data centers in the city and could be retrieved by other health care providers. All four communication links in this network were secured by QKD. The upcoming testbeds in Madrid, Poznan and Berlin are just starting their installations and should be operational within 1-2 months. Advancements on the other project objectives has also been made. In addition to the vertical interface between the QKD system and encryptor, work on a horizontal interface was started. Such an interface will allow key transfer between QKD systems from different vendors in a single network. The project also attracted much external attention and selected 9 outstanding proposals in the first tendering phase, enriching the use-case diversity and gaining access to the optical fiber back-bone of GEANT to test long-distance QKD. The QKD satellite component was also analysed in great detail with a recommendation report of which ground-satellite interfaces and satellite orbits are most suitable. To assist the European strategy on standardization of quantum communication an extensive status report of the current standardization landscape was compiled by the project. The project partners also started to work on a common criteria protection profile for QKD within the standardization organization ETSI.
As part of the support for the creation of a European quantum eco-system, OPENQKD brings together stakeholders from many industries on various levels, from component and equipment suppliers to network providers and operators and end-users. This action will create a very lasting impact, as many different sectors that previously have had no connection to quantum technologies are suddenly aware of them and even more importantly use them. As examples can be listed here hospitals, banks, governmental agencies and other stakeholder groups in OPENQKD. The large concentration of QKD systems, only second to China, made available by the project for testing and demonstration purposes, will lead to new innovations in Europe in the field of quantum communication and beyond, as QKD is only one part in the whole cybersecurity chain. With the achievements of OPENQKD, the realization of a Pan-European quantum network comes very much closer, as this project proves the technological readiness of quantum communication devices and the ability to promote our ICT security into the quantum age with the help of QKD.
Schematic overview of the use-case demonstration in Graz (Austria) securing data from two hospitals.