A system for quantum key synchronization within a server-cluster is provided. The system may include a plurality of silicon-based servers encapsulated in quantum cases. Each quantum case may include a quantum tunneling transmitter module, a quantum random number generator and a quantum entanglement module. The quantum cases may communicate with each other via the quantum tunneling transmitter module or any other suitable manner. The quantum cases may only communicate with cases with which they are entangled. Therefore, in the event of a compromise on one of the servers, the quantum entanglement module, included in the case that encapsulates the compromised server, may become disentangled, and therefore not be able to communicate with the other servers included in the cluster using an internal communications protocol.

A method for quantum-key-distribution-based encrypted data transmission in an optical/radio-access network, having a plurality of end nodes, includes, at a first node of the network: (a) via an optical quantum channel, exchanging photonic qubits with a second node, wherein the photonic qubits are processable to derive therefrom an initial key such that each of the first and second nodes have a copy of the initial key, (b) via a classical channel, exchanging a series of encrypted keys with the second node, wherein a first encrypted key is encrypted by the initial key, and each subsequent encrypted key is encrypted by a preceding encrypted key, and (c) via the classical channel, exchanging encrypted data with the second node, wherein the encrypted data is encrypted by a last encrypted key in the series of encrypted keys. One, but not both, of the first and second nodes is an end node.

A method of exchanging a combined cryptographic key between a first node and a second node,

the first node and the second node being connected through a first communication and a second communication network, wherein the first communication network is a quantum communication network wherein information is encoded on weak light pulses; and

the first node and the second node being configured to:

exchange one or more first cryptographic keys on the first communication network;

exchange one or more second cryptographic keys using the second communication network; and

form the combined cryptographic key by combining the one or more first cryptographic keys and the one or more second cryptographic keys, such that the first node and the second node share knowledge of the combined cryptographic key.

A method of exchanging a combined cryptographic key between a first node and a second node, the first node and the second node being connected through a first communication and a second communication network, wherein the first communication network is a quantum communication network wherein information is encoded on weak light pulses; and the first node and the second node being configured to: exchange one or more first cryptographic keys on the first communication network; exchange one or more second cryptographic keys using the second communication network; and form the combined cryptographic key by combining the one or more first cryptographic keys and the one or more second cryptographic keys, such that the first node and the second node share knowledge of the combined cryptographic key.

The concepts and technologies disclosed herein are directed to quantum key distribution (“QKD”) networking as a service. According to one aspect disclosed herein, a microservices controller can establish a plurality of quantum connections with a plurality of virtual quantum connection managers (“vQCMs”) deployed in association with a set of quantum user nodes (“QUNs”) in a QKD network. The microservices controller can receive a request to initialize the QKD network. The microservices controller can coordinate with the plurality of vQCMs to handle initialization of the QKD network. The microservices controller can receive a QKD service request from a QKD network operator. The microservices controller can invoke a plurality of microservices to handle the QKD service request.

A system of transmitting optical pulses from a transmitter to first and second receivers for the purposes of quantum key distribution is disclosed. The system can include a transmitter configured to transmit a plurality of optical pulses; first and second receivers configured to receive some or all of the plurality of optical pulses; a guide for guiding the plurality of optical pulses, the guide having first and second output ports, the first output port being in optical communication with the first receiver and the second output port being in optical communication with the second receiver, the guide being configured to output a proportion of the optical pulses at the first output port and a proportion of the optical pulses at the second output port, modification means for modifying the guide so as to change the proportion of the optical pulses output at the first output port.

A key management system is disclosed, including: a control node; multiple computing nodes, all the multiple computing nodes are connected to the control node; and multiple Quantum Key Distribution (QKD) nodes, all the multiple QKD nodes are connected to the control node, and each QKD node is connected to one of the computing nodes, where each QKD node is configured to generate a root key, generate Key Encryption Keys (KEKs) between the QKD node and a plurality of other QKD nodes according to a first instruction sent by the control node, and generate, according to a second instruction sent by the control node, a Data Encryption Key (DEK) corresponding to a user on the computing node connected to the QKD node.

An apparatus for random key transmission comprising a laser (101) configured to generate a coherent source optical signal; a quantum random number generator, QRNG, (105) configured to generate random bits (R1); an electro-optical modulator (107) configured to modulate the coherent source optical signal to generate a modulated optical signal including Quadrature Phase Shift Keying, QPSK, pilot symbols temporally multiplexed with quantum key distribution, QKD, symbols representing the random bits, wherein quadratures values of the modulated optical signal follow a modulation map, wherein the modulation map is a quadrature amplitude modulation, QAM, based Probabilistic Constellation Shaping, PCS, modulation map defining a mapping function for the random bits.

Quantum key distribution network security survivability can be provided by receiving, at a software defined networking controller operating in a control layer of a network, a recommendation from a global analytics service operating in an application layer of the network, the recommendation for replacing a failed communication link in a quantum key distribution layer of the network, the failed communication link being detected by a quantum edge computing device operating in the quantum key distribution layer. The software defined networking controller can generate a command to cause a quantum key distribution resource to perform an action to mitigate impact from the failed communication link. The command can be sent to the quantum key distribution resource and the quantum key distribution resource can perform the action to mitigate the impact from the failed communication link.

A method for use in a quantum communication network comprising a first node, a second node and a third node, the method performed by the third node, the method comprising: receiving, from the first node, a request for authentication key data for authenticating communication with the second node; in response to the request: generating the first authentication key data; sending, to the first node, a first message comprising first authentication key data for authenticating communication between the first node and the second node, wherein the first message is authenticated using second authentication key data stored on the first node and the third node, and wherein the first message is encrypted using a first cryptographic key exchanged with the first node on the quantum communication network; and sending, to the second node, a second message comprising the first authentication key data, wherein the second message is authenticated using third authentication key data stored on the second node and the third node, and wherein the second message is encrypted using a second cryptographic key exchanged with the second node on the quantum communication network.