1 High Performance Networks Group
Fully meshed dynamically switched
QKD Metro network
Dr. George T. KanellosProf. Reza Nejabati
Prof. Dimitra Simeonidou
2 High Performance Networks Group
Dynamic Optical Networking for the Metro/Edge
Need for:Ø High BandwidthØ Low LatencyØ Very Dynamic
Dynamic Optical Networkingfor metro/edge
Security?
3 High Performance Networks Group
Dynamic QKD networking
Enablers:q Shorter Reach (<20km) + Low loss OXC
• Compatibility with classical optical networks
• Fit dynamic networking scenariosAllow co-existence of classical-quantum channels
Overcome physical transmission and switching limitations
- unamplified classical channels (à no ASE)- lower power classical channels (à low crosstalk)- Reduced insertion losses- Negligible fiber non-linearities
q Advanced Management Schemes- SDN to decide and implement routing- Optimal Path Computation- Re-arrange wavelengths to minimize non-
linearities (FWM)
4 High Performance Networks Group
Dynamic QKD networking
1) Resource Usage Optimizationà sharing
2) Path optimization and DOS Attack mitigationà rerouting
* HPN, IEEE JLT December, 2017
*HPN, Invited IEEE-JOCN, 2019
Operational Advantages:
5 High Performance Networks Group
The Q-ROADMChallenge:
dynamic, flexible, simultaneous quantum and classical resource allocation
Our contribution:• Four-degree quantum- reconfigurable add/drop
multiplexer (ROADM) • Low loss ROADM design ( < 5.3dB loss for QKD channel)• Flexigrid classical channels routing• Any combination of classical and quantum channels on the
same port• Dynamically reconfigurable routing of quantum channels
• HPN, invited IEEE JLT, July 2019
6 High Performance Networks Group
6
Q1
VNF 12
...
VNF 1X
Compute Node
Data Encryptor/Decryptor A 1
VOYAGER
Corsa Switch De
Mux
AWG
WSS
BVT4BVT3BVT2BVT1
Island Proxy
ISLAND SDN Controller
Island Orchestrator
VLAN Trunk
VLAN Trunk
VIM Voyager
PluginOpenFlow
REST API
QKD
WSS
R2 R3 R4R1
5G Island 1
Optical FrontHaul
5G Island 2
VNF 22
...
VNF 2X
Compute Node
Data Encryptor/Decryptor A 2
VOYAGER
Corsa Switch De
Mux
AWG
WSS
BVT4BVT3BVT2BVT1
Island Proxy Island
Orchestrator
VLAN Trunk
VLAN Trunk
VIM
QKD
WSS
R2 R3 R4R1
ISLAND SDN ControllerVoyager Plugin
OpenFlow
REST API
Optical FrontHaul
Q1
Q2
WSS
WSS
WSSW
SS
WSS
BYPASS PORT
BYPASS PORT
BYPASS PORT
DROP PORTS
Q CL
DROP PORTS
QCL
DROP PORTS
QCL
DROP PORTS
QCL
q-ROADM
VNF 41
5G Island 4
WSS
VNF 42
...
VNF 4X
Compute Node
Data Encryptor/Decryptor
VOYAGER
Corsa Switch
BVT4BVT3BVT2BVT1
Island Proxy
ISLAND SDN Controller
VLAN Trunk
VLAN Trunk
VIMVoyager Plugin
OpenFlow
REST API
R3 R2 R1R4
B2DeM
uxAW
G
QKD
Island Orchestrator
Optical FrontHaul
BYPASS PORT
Optical Fibre SwitchEDFA
Multiple EDFA
OFS
Bandwidth Variable TransceiverBVTWSSWSS Wavelength Selective Switches
Dashed Components are not implemented
VNF 31
WSS VNF 32
...
VNF 3X
Compute Node
Data Encryptor/Decryptor
VOYAGER
Corsa Switch
BVT4BVT3BVT2BVT1
Island Proxy
ISLAND SDN Controller
VLAN Trunk
VLAN Trunk
VIMVoyager Plugin
OpenFlow
REST API
R3 R2 R1R4
B1DeM
uxAW
G
QKD
Island Orchestrator
5G Island 3
Optical FrontHaul
7 High Performance Networks Group
Demo2: Fully meshed dynamically switched QKD Metro network
IDQ CL2IDQ CL3
IDQ CL2IDQ CL3
IDQ CL2
IDQ CL21.9 km
1.2 km
2 km
8 High Performance Networks Group
Demo2: Fully meshed dynamically switched QKD Metro networkGOALS:1. Demonstrate Classical-Quantum Channel Co-Existence over Mesh Network
- 4x100G (QPSK) Unamplified Optical Channels- 1x Quantum Ch. (IDQ CL.2)- 2x optical switches
2. Demonstrate Q-Ch. Denial of Service Mitigation over Mesh Network- Quantum Channel Rerouted over Mesh Network- 3x optical switches
3. Demonstrate QKD Resource Usage Optimization using dynamic QKD switching- 2x QKD pairs à 4x QKD links
4. Software Defined Control plane:- Monitor the q-channel- rerouting
9 High Performance Networks Group
Demo 2 Scenario Step 0 Step 1 Step 2
§ 2 Secure Links established§ WTC-HPN§ 1CS-NSQI§ Co-existence in WTC-HPN
§ DOS Attack and mitigation§ WTC-HPN link co-existing
channels violate Q-Ch§ SDN controller reroutes Q-ch§ Q-ch new path through 3 switches
§ Establish 2 new Secure links§ WTC-NSQI§ 1CS-HPN
10 High Performance Networks Group
Demo 2 - Step 0Step 0 Flowchart:
User defines 2 Secure LinksWTC-HPN (Co-exist)
1CS-NSQI
DOS Attack:Co-exist Cl-Ch. Shifts w/l close
to Q-ch
Q-ch error msg:Final key size=0
Secure Link 1 interrupted
11 High Performance Networks Group
Step 0 Actual Network topology WTC
HPN
NSQI
1CSBS
Data link 1: WTC-HPNQ1Data link 2: 1CS-NSQIQ2
12 High Performance Networks Group
Video step 0
Side channel attack
Secure Link interrupted Final Key Size=0
200G BVT SWITCH WTC DB TRANSFER HPN (CL2 BOB1)
NSQI (CL2 BOB2)1CS DB TRANFER
13 High Performance Networks Group
Demo 2 Step 1Phase 1 Flowchart:
SDN controller detects Attack(msg: Final Key Size=0)
SDN Controller defines Q-chrerouting through NSQI-HPN
Cl-Ch remains unaffetced
SDN Controller Switches OXC1/OXC3à establish WTC-
NSQI for Q-chOXC3/OXC4 à establish NSQI-
HPN for Q-ch
Key Points:Secure Link 1 re-established
14 High Performance Networks Group
Step 1 Actual Network topology Data link 1: WTC-HPNQ1: WTC-NSQI-HPNData link 2: 1CS-NSQIQ2
WTC
HPN
NSQI
1CSBS
OXC1
OXC4
OXC3
OXC2
Alice1
Bob1
Bob2
Alice2
SDNSRV
EncryptionSRV1
EncryptionSRV4
EncryptionSRV3
EncryptionSRV2
C)
15 High Performance Networks Group
Video phase 1
WTC DB TRANSFER HPN (CL2 BOB1)
NSQI (CL2 BOB2)1CS DB TRANFER
NSQI OXC
HPN OXC
WTC OXC
Secure Link still interrupted
Successful Key GenerationSecure Link re-initiated
Secure Link 2 Remains unaffected
16 High Performance Networks Group
Demo 2 Step 2Phase 2 Flowchart:
User defines new Secure Links
SDN Controller Switches OXC2/OXC4 à 1CS-HPN (Green)
SDN Controller Switches OXC3 à WTC-NSQI (Yellow)
Key Points:
2 New Secure Links established
17 High Performance Networks Group
Step 2 Actual Network topology Data link 3: WTC-NSQIQ3Data link 4: 1CS-HPNQ4
WTC
HPN
NSQI
1CSBS
18 High Performance Networks Group
Video phase 2WTC DB TRANSFER HPN (CL2 BOB1)
NSQI (CL2 BOB2)1CS DB TRANFER
NSQI OXC
HPN OXC
WTC OXC
Secure Link 1 interrupted
Secure Link 2 interrupted
Secure Link 3 initialization
Secure Link 4 initializationSecure Link 3 initiated
Secure Link 4 initiated
SKR=3kB/s
SKR=1kB/s
19 High Performance Networks Group
Summary
q First public, field-deployed QKD switched mesh network
q Optical switch in each node
q Co-existence capabilities
20 High Performance Networks Group
Acknowledgements
Mr Anderson Bravalheri
Dr. Emilio Hugues Salas
Dr Rodrigo Stange Tessinari
Dr Djeylan Aktas Mr Richard Collins
High Performance Networks Group