skip to main content

Attention:

The NSF Public Access Repository (PAR) system and access will be unavailable from 11:00 PM ET on Friday, December 13 until 2:00 AM ET on Saturday, December 14 due to maintenance. We apologize for the inconvenience.


Title: Quantum Key Distribution for Critical Infrastructures: Towards Cyber-Physical Security for Hydropower and Dams

Hydropower facilities are often remotely monitored or controlled from a centralized remote control room. Additionally, major component manufacturers monitor the performance of installed components, increasingly via public communication infrastructures. While these communications enable efficiencies and increased reliability, they also expand the cyber-attack surface. Communications may use the internet to remote control a facility’s control systems, or it may involve sending control commands over a network from a control room to a machine. The content could be encrypted and decrypted using a public key to protect the communicated information. These cryptographic encoding and decoding schemes become vulnerable as more advances are made in computer technologies, such as quantum computing. In contrast, quantum key distribution (QKD) and other quantum cryptographic protocols are not based upon a computational problem, and offer an alternative to symmetric cryptography in some scenarios. Although the underlying mechanism of quantum cryptogrpahic protocols such as QKD ensure that any attempt by an adversary to observe the quantum part of the protocol will result in a detectable signature as an increased error rate, potentially even preventing key generation, it serves as a warning for further investigation. In QKD, when the error rate is low enough and enough photons have been detected, a shared private key can be generated known only to the sender and receiver. We describe how this novel technology and its several modalities could benefit the critical infrastructures of dams or hydropower facilities. The presented discussions may be viewed as a precursor to a quantum cybersecurity roadmap for the identification of relevant threats and mitigation.

 
more » « less
Award ID(s):
2152168
PAR ID:
10516696
Author(s) / Creator(s):
; ; ; ;
Publisher / Repository:
MDPI
Date Published:
Journal Name:
Sensors
Volume:
23
Issue:
24
ISSN:
1424-8220
Page Range / eLocation ID:
9818
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Abstract

    Quantum key distribution (QKD) has established itself as a groundbreaking technology, showcasing inherent security features that are fundamentally proven. Qubit-based QKD protocols that rely on binary encoding encounter an inherent constraint related to the secret key capacity. This limitation restricts the maximum secret key capacity to one bit per photon. On the other hand, qudit-based QKD protocols have their advantages in scenarios where photons are scarce and noise is present, as they enable the transmission of more than one secret bit per photon. While proof-of-principle entangled-based qudit QKD systems have been successfully demonstrated over the years, the current limitation lies in the maximum distribution distance, which remains at 20 km fiber distance. Moreover, in these entangled high-dimensional QKD systems, the witness and distribution of quantum steering have not been shown before. Here we present a high-dimensional time-bin QKD protocol based on energy-time entanglement that generates a secure finite-length key capacity of 2.39 bit/coincidences and secure cryptographic finite-length keys at 0.24 Mbits s−1in a 50 km optical fiber link. Our system is built entirely using readily available commercial off-the-shelf components, and secured by nonlocal dispersion cancellation technique against collective Gaussian attacks. Furthermore, we set new records for witnessing both energy-time entanglement and quantum steering over different fiber distances. When operating with a quantum channel loss of 39 dB, our system retains its inherent characteristic of utilizing large-alphabet. This enables us to achieve a secure key rate of 0.30 kbits s−1and a secure key capacity of 1.10 bit/coincidences, considering finite-key effects. Our experimental results closely match the theoretical upper bound limit of secure cryptographic keys in high-dimensional time-bin QKD protocols (Moweret al2013Phys. Rev.A87062322; Zhanget al2014Phys. Rev. Lett.112120506), and outperform recent state-of-the-art qubit-based QKD protocols in terms of secure key throughput using commercial single-photon detectors (Wengerowskyet al2019Proc. Natl Acad. Sci.1166684; Wengerowskyet al2020npj Quantum Inf.65; Zhanget al2014Phys. Rev. Lett.112120506; Zhanget al2019Nat. Photon.13839; Liuet al2019Phys. Rev. Lett.122160501; Zhanget al2020Phys. Rev. Lett.125010502; Weiet al2020Phys. Rev.X10031030). The simple and robust entanglement-based high-dimensional time-bin protocol presented here provides potential for practical long-distance quantum steering and QKD with multiple secure bits-per-coincidence, and higher secure cryptographic keys compared to mature qubit-based QKD protocols.

     
    more » « less
  2. null (Ed.)
    A Quantum Key Distribution (QKD) protocol describes how two remote parties can establish a secret key by communicating over a quantum and a public classical channel that both can be accessed by an eavesdropper. QKD protocols using energy-time entangled photon pairs are of growing practical interest because of their potential to provide a higher secure key rate over long distances by carrying multiple bits per entangled photon pair. We consider a system where information can be extracted by measuring random times of a sequence of entangled photon arrivals. Our goal is to maximize the utility of each such pair. We propose a discrete-time model for the photon arrival process, and establish a theoretical bound on the number of raw bits that can be generated under this model. We first analyze a well-known simple binning encoding scheme, and show that it generates a significantly lower information rate than what is theoretically possible. We then propose three adaptive schemes that increase the number of raw bits generated per photon, and compute and compare the information rates they offer. Moreover, the effect of public channel communication on the secret key rates of the proposed schemes is investigated. 
    more » « less
  3. null (Ed.)
    With the vastly growing need for secure communication, quantum key distribution (QKD) has been developed to provide high security for communications against potential attacks from the fast-developing quantum computers. Among different QKD protocols, continuous variable (CV-) QKD employing Gaussian modulated coherent states has been promising for its complete security proof and its compatibility with current communication systems in implementation with homodyne or heterodyne detection. Since satellite communication has been more and more important in developing global communication networks, there have been concerns about the security in satellite communication and how we should evaluate the security of CV-QKD in such scenarios. To better analyse the secure key rate (SKR) in this case, in this invited paper we investigate the CV-QKD SKR lower bounds under realistic assumptions over a satellite-to-satellite channel. We also investigate the eavesdropper's best strategy to apply in these scenarios. We demonstrate that for these channel conditions with well-chosen carrier centre frequency and receiver aperture size, based on channel parameters, we can optimize SKR correspondingly. The proposed satellite-based QKD system provides high security level for the coming 5G and beyond networks, the Internet of things, self-driving cars, and other fast-developing applications. 
    more » « less
  4. Abstract

    Two‐way quantum key distribution (QKD) protocols utilize bi‐directional quantum communication to establish a shared secret key. Due to the increased attack surface, security analyses remain challenging. Here a high‐dimensional variant of the Ping Pong protocol is investigated and an information theoretic security analysis in the finite‐key setting is performed. The main contribution in this work is to show a new proof methodology for two‐way quantum key distribution protocols based on the quantum sampling framework of Bouman and Fehr introduced in 2010 and also sampling‐based entropic uncertainty relations introduced by the authors in 2019. The Ping Pong protocol is only investigated here, but these methods may be broadly applicable to other QKD protocols, especially those relying on two‐way channels. Along the way, some fascinating benefits to high‐dimensional quantum states applied to two‐way quantum communication are also showed.

     
    more » « less
  5. Twin-field QKD (TF-QKD) protocols allow for increased key rates over long distances when compared to standard QKD protocols. They are even able to surpass the PLOB bound without the need for quantum repeaters. In this work, we revisit a previous TF-QKD protocol and derive a new, simple, proof of security for it. We also look at several variants of the protocol and investigate their performance, showing some interesting behaviors due to the asymmetric nature of the protocol. 
    more » « less