
QCRYPT

Secure High-Speed Communication based on Quantum Key Distribution

In today's information society, data security is of the highest importance

e-commerce, e-banking, backup (banks)

Goal: Transfer of secret messages between Alice and Bob


Alice Bob

Requirements
Secrecy: the message cannot be read by an unauthorized party
Authenticity: the message cannot be changed by an unauthorized party


Encryption: Encoding the messages with a shared secret key

Network encryptor

Network encryptor

Goal: Transfer of private messages between Alice and Bob

Alice

Bob

Authentication: Attach an authentication tag to verify that the message has been received as it was sent by Alice

Authentication device

Authentication device

The QCrypt Concept


High-speed Quantum Key Distribution
40 100Gbps enCRYPTion
100 Gb/s WDM

In line with nano-tera key words: Security, Communication, Systems and Software

QCRYPT is multidisciplinary!
Quantum Physics, Mathematics, Computer Science, Telecommunication, FPGA programming, RF electronics, PCB design, Mechanical engineering, Technology transfer

Nino Walenta (1), Olivier Guinnard (1), Raphael Houlmann (1), Charles Lim Ci Wen (1), Boris Korzh (1), Tommaso Lunghi (1), Nicolas Gisin (1), Hugo Zbinden (1), Andreas Burg (2), Jeremy Constantin (2), Matthieu Legré (3), Patrick Trinkler (3), Dario Caselunghe (3), Natalia Kulesza (3), Gregory Trolliet (4), Fabien Vannel (4), Pascal Junod (5), Olivier Auberson (5), Yoan Graf (5), Gilles Curchod (5), Gilles Habegger (5), Etienne Messerli (5), Christopher Portmann (1,6), Luca Henzen (7), Christoph Keller (7), Christian Pendl (7), Michael Mühlberghuber (7), Christoph Roth (7), Norbert Felber (7), Frank Gürkaynak (8), Daniel Schöni (8), Beat Muheim (8)

(1) Group of Applied Physics, University of Geneva
(2) Telecommunications Circuits Laboratory, EPF Lausanne
(3) idQuantique SA, Geneva
(4) University of Applied Sciences Western Switzerland, Geneva
(5) University of Applied Sciences Western Switzerland, Yverdon-les-Bains (HEIG-VD)
(6) Institute for Theoretical Physics, ETH Zurich
(7) Integrated Systems Laboratory, ETH Zurich
(8) Microelectronics Design Center, ETH Zurich

Part A) QKD
Send key with individual photons (quantum states)
The eavesdropper may not measure without perturbation (Heisenberg's uncertainty principle)
Eavesdropping can be detected by Alice and Bob!

QKD is proven information-theoretically secure!

Poster!

Efficient, rapid stable QKD scheme

QBER, Visibility

Characteristics of the coherent one-way scheme:
1.25 GHz clock rate
Security proof with finite key analysis

Reveals action of eavesdropper
Input for key distillation

High speed hardware key distillation


Sifting: Timing and base information
Error estimation: Random sampling for QBER
Error correction: LDPC forward error correction
Error verification: Universal hashing
Privacy amplification: Toeplitz hashing
Authentication: Polynomial hashing

Distillation implemented in a single FPGA (Virtex 6)
Secret key distillation at a rate of up to 4 Mbit/s
One-time-pad encryption implemented
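
The privacy amplification step listed above (Toeplitz hashing), as an added Python example that is not the project's FPGA implementation. The function names, the key sizes, the leakage figure and the use of the leftover hash lemma to pick the output length are assumptions made for illustration.

```python
import math
import random

def secret_length(n_bits, leaked_bits, eps):
    """Leftover hash lemma: l = H_min - 2*log2(1/eps).
    Assumption: Eve's knowledge of the n-bit key is bounded by leaked_bits."""
    return max(0, math.floor(n_bits - leaked_bits - 2 * math.log2(1 / eps)))

def toeplitz_hash(key_bits, seed_bits, out_len):
    """Multiply key_bits by an out_len x n Toeplitz matrix over GF(2).
    T[i][j] = seed_bits[i - j + n - 1]: every diagonal is constant, so the
    whole matrix is described by n + out_len - 1 seed bits."""
    n = len(key_bits)
    if not 0 < out_len <= n:
        raise ValueError("output length must be between 1 and the input length")
    if len(seed_bits) != n + out_len - 1:
        raise ValueError("seed must have n + out_len - 1 bits")
    out = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            acc ^= seed_bits[i - j + n - 1] & key_bits[j]
        out.append(acc)
    return out

def demo():
    # Constructed sample data. random.Random is for a repeatable demo only;
    # a real system draws key and seed from a true random number generator.
    rng = random.Random(2012)
    n = 256
    alice = [rng.getrandbits(1) for _ in range(n)]
    bob = list(alice)                      # error-corrected and verified copy
    out_len = secret_length(n, leaked_bits=96, eps=2 ** -16)  # 256 - 96 - 32
    seed = [rng.getrandbits(1) for _ in range(n + out_len - 1)]
    k_alice = toeplitz_hash(alice, seed, out_len)
    k_bob = toeplitz_hash(bob, seed, out_len)
    # One residual bit error on Bob's side changes many output bits, which is
    # why error verification runs before privacy amplification.
    bob_bad = list(bob)
    bob_bad[17] ^= 1
    k_bad = toeplitz_hash(bob_bad, seed, out_len)
    differing = sum(a != b for a, b in zip(k_alice, k_bad))
    return out_len, k_alice == k_bob, differing

if __name__ == "__main__":
    print(demo())
```

Because the matrix is fixed by its first row and column, the hash reduces to shifts and XORs, which suits a streaming hardware implementation.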

Poster!

Efficient, rapid single photon detectors


Walenta et al. J. of App. Phys., 112, 063106 (2012).

InGaAs APD
1.25 GHz gate frequency
High detection rates > 33 MHz
Low afterpulse probability < 1%
Low dead time of 8 ns
Low timing jitter of ~70 ps (FWHM)
Room temperature operation

[Figure labels: 1.25 GHz; 130 ps (FWHM); =10 %, p_dark = 6×10^-7 /gate]

QKD Results

Detection rate: 5.3 MHz
Sifted rate: 4.1 MHz
Secret rate: 527 kHz

Distance up to 100 km
Secret bit rates up to 1 Mbit/s

B) Encryption: Motivation and Challenges


High bit rate encryption and authentication based on QKD for next-generation communication systems (100 Gb/s)
Enhance the security against successful cipher attacks by replaceable alternative encryption and authentication architectures
Error-free operation due to perfect debugging of the complex system with the aid of advanced testbenches
Design of the fast encryption PCB as close as possible to industrial manufacturability with high quality electrical connections

Fast Encryptor
Full system/Demonstrator
[Block diagram: 10x/4x 10 Gbit/s Ethernet (10 GE) ports and TDM on each side, AES and GHASH blocks, 100 GE optical link at 100/40 Gbit/s, Key Management & Synchronization with key input on each side]

10000 encryption keys per second

4 alternative Crypto Cores
AES + GCM
AES + OCB
Serpent + GCM
Serpent + OCB

AES = Advanced Encryption Standard
GCM = Galois/Counter Mode

Poster!


QCrypt TestBench Debugging


Use of SystemVerilog TestBench to validate the Encryptor

Hardware analyzer
+ Very fast (10 Gbit/s per channel)
- No control on the generated traffic
- Only BER is reported

TestBench
- Very slow (250 bit/s per channel)
+ Driven test signal using random or fixed Ethernet frame settings: Payload, Frame size
+ All internal signals available
+ Bitwise comparison

Poster!

QCrypt PCB Version V2


Challenges V2/V1

10 Gbit/s differential line quality
The right material: Rogers low-profile
Controlled impedance differential pairs

Simulations for 10G Structures
3D simulations: CST STUDIO SUITE
Via model for 3D simulation: differential via, traces and GND vias
Cut through Cu planes of stackup
Results before and after optimization

Manufacturability
The right company: Photochemie WIKO pcb
Aspect ratio of vias: 1:20, 1:20, 1:15
Symmetric layer stack: no, yes, yes
High-speed layers in center, back-drilled vias

PCB with 26 layers
Very high speed signals up to 10 Gbit/s
Routing FPGA with 2000 pins
High current up to 40 A
26 different power supplies

Power distribution
75 power planes / split planes for lower mutual influence
26 Layer PCB

Industrial requirements
PCIe cable interface to QKD system
ATCA form factor PCB V2 compliant
EDC chips for six 10 Gbit/s interfaces
Compensates for signal degradations
Improved communication range

[Figure: stackup of PCB V1 and PCB V2 around the FPGA. Labels: GENERAL NELCO 4000; HIGH-SPEED ROGERS LoPro; POWER; VENTEC VT-47; Copper, Prepreg, Core; back-drilled hole = copper removed]

Poster!

Results Encryption
100/40 Gbit/s demonstrator with 4 exchangeable authentication/encryption cores

up to 10000 key updates per second


Measured bit error rates of < 10^-16 (PCBs V1)

Enhanced PCB V2 ready for fabrication

Never develop a PCB which can only be manufactured by one company!

Thesis by Christoph Keller (ETHZ) on physical unclonable functions

Poster!

Conclusion
100 Gb/s

See live demo of QKD, OTP and 40Gb/s encrypted transmission!

Thank you very much!!!
