This application provide quantum key distribution methods, devices, and storage media. In an implementation, a method comprises: determining, based on a first mapping, a first quantum key of N first quantum keys corresponding to an i.sup.th node on a target routing path; determining, based on a second mapping, a second quantum key of N second quantum keys corresponding to the i.sup.th node; and generating, by the i.sup.th node based on the first quantum key corresponding to the i.sup.th node and the second quantum key corresponding to the i.sup.th node, a third quantum key corresponding to the i.sup.th node on the target routing path.

Quantum key distribution network security survivability can be provided by receiving, at a software defined networking controller operating in a control layer of a network, a recommendation from a global analytics service operating in an application layer of the network, the recommendation for replacing a failed communication link in a quantum key distribution layer of the network, the failed communication link being detected by a quantum edge computing device operating in the quantum key distribution layer. The software defined networking controller can generate a command to cause a quantum key distribution resource to perform an action to mitigate impact from the failed communication link. The command can be sent to the quantum key distribution resource and the quantum key distribution resource can perform the action to mitigate the impact from the failed communication link.

The present disclosure relates to a method and apparatus for control action based on software-defined networking associated with quantum key distribution network (QKDN) management in a quantum key distribution network. A method for performing a control action associated with QKDN management in a QKDN according to an embodiment of the present disclosure may include: receiving, by a first control entity, control action information from a QKDN manager; determining, by the first control entity, a target of the control action based on the control action information; classifying, by the first control entity, the control action sequentially as one of a routing or rerouting-related control action, a provisioning-related control action, a protection or recovery-related control action, and a charge-related control action based on the target of the control action; and transmitting, by the first control entity, information for performing the control action for a target associated with the classified control action.

The present disclosure relates to a method and apparatus for key relay control based on software-defined networking in a quantum key distribution network. A method of controlling key relay in a quantum key distribution network (QKDN) according to an embodiment of the present disclosure includes: receiving, by a first control entity, a key relay route request from a key management (KM) layer; determining, by the first control entity, whether or not key relay is associated with a plurality of resource groups; and, transmitting a key relay route request from the first control entity to a second control entity, when key relay is associated with the plurality of resource groups, wherein key relay route information produced by the second control entity may be provided to the KM layer.

A node may receive, from a quantum key-distribution (QKD) device, a first message that includes an identifier associated with a key. The node may send, to another node, a second message that includes the identifier and a request to perform at least one task. A node may receive, from the other node, a third message that includes information associated with performance of the at least one task by the other node and information indicating a time of performance. The node may receive, from the QKD device, a fourth message that includes the key and information indicating a time window associated with the quantum key; wherein the fourth message is received after expiration of the time window. The node may process, based on the fourth message, the third message to determine whether the third message is valid and thereby cause one or more actions to be performed.

A system for quantum key synchronization within a server-cluster is provided. The system may include a plurality of silicon-based servers encapsulated in quantum cases. Each quantum case may include a quantum tunneling transmitter module, a quantum random number generator and a quantum entanglement module. The quantum cases may communicate with each other via the quantum tunneling transmitter module or any other suitable manner. The quantum cases may only communicate with cases with which they are entangled. Therefore, in the event of a compromise on one of the servers, the quantum entanglement module, included in the case that encapsulates the compromised server, may become disentangled, and therefore not be able to communicate with the other servers included in the cluster using an internal communications protocol.

Aspects of the subject disclosure may include, for example, identifying a request to facilitate communications between first and second processing nodes, determining that the communications are to be established via quantum teleportation between, and identifying a network path comprising a first path segment to obtain a quantum channel, wherein quantum entanglement is established between the first and second processing nodes based on transportation of a first quantum entangled object via the quantum channel. A classical communication channel is facilitated between the first and second processing nodes, adapted to exchange between the nodes, quantum state information of a measurement performed upon the first quantum entangled object. Information is exchanged between the first and second processing nodes via the quantum channel according to the transported first quantum entangled object and the exchanged quantum state information. Other embodiments are disclosed.

A system and method for securely distributing quantum keys in a network are disclosed. The method includes receiving request for generating pair of quantum keys between source quantum node and target quantum node. Further, the method includes generating first pair of quantum keys based on the request. The method includes transmitting the first pair of quantum keys to the intermediate quantum node using a first quantum link. The method further includes generating intermediate pair of quantum key based on events detected at the intermediate quantum node. The method further includes interleaving the intermediate pair of quantum key with the first pair of quantum keys. Also, the method includes generating a second pair of quantum keys comprising interleaved intermediate pair of quantum key and first pair of quantum keys. Further, the method includes encoding and transmitting the second pair of quantum keys to target quantum node using second quantum link.

A first node of a network includes a quantum transmitter, a classical transceiver, and an initial-key generator that cooperate with a second node to transmit an initial key via the quantum transmitter. The first node includes a key-series generator that (i) encrypts a first unencrypted key of a series of unencrypted keys to generate a first encrypted key of a series of encrypted keys and (ii) encrypts each subsequent unencrypted key of the series of unencrypted keys with a preceding unencrypted key of the series of unencrypted keys to generate a subsequent encrypted key of the series of encrypted keys. The encrypted keys are transmitted to the second node. The first node includes one or both of a decryptor and an encryptor. The decryptor decrypts encrypted data using a last unencrypted key of the series of unencrypted keys. The encryptor encrypts unencrypted data using the last unencrypted key.

A first information sharing device shares secret information with each relay device adjacent to the first information sharing device along a plurality of paths. A second information sharing device shares secret information with each relay device adjacent to the second information sharing device along the plurality of path. Each of the plurality of relay devices shares secret information with each relay device adjacent to each of the relay devices along the plurality of paths, generates public information using the shared secret information, and transmits the generated public information to the second information sharing device. The first information sharing device generates shared information using the secret information shared with each relay device adjacent to the first information sharing device along the plurality of paths. The second information sharing device generates shared information using the secret information shared with each relay device adjacent to the second information sharing device along the plurality of paths and the public information received from the relay device.