Page 53 - Kaleidoscope Academic Conference Proceedings 2021
P. 53

3.1.2   ITU-T  Y.3801  -  Functional requirements for   ・ In the QKDN control layer, a QKDN controller function
                  quantum key distribution networks               is to control QKDN resources to ensure secure, stable,
                                                                  efficient, and robust operations of a QKDN.
           There are  the  most common requirements  for  QKDNs  in   ・ In  the  QKDN management  layer, a  QKDN manager
           terms of key rate, link length, key usage, and robustness, and   function is to manage Fault, Configuration, Accounting,
           so on [2]. In the context of QKDNs, ITU-T Y.3801 specifies   Performance,  and  Security  (FCAPS) aspects of a
           the functional requirements for  quantum  layer, the key   QKDN as a whole, and support user  network
           management layer, the QKDN control layer and the QKDN   management.
           management layer. Based on the layered structure of QKDN
           shown in ITU-T Y.3800 and the functional requirements in   ・ In  the  service layer,  a  cryptographic  application
           ITU-T Y.3801 [11], the detailed functional architecture is   function consumes the shared key-pairs provided by a
           developed in ITU-T Y.3802 [12].                        QKDN and performs secure communications between
                                                                  remote parties.
           3.1.3   ITU-T Y.3802 - Quantum key distribution networks   ・ In the user network management layer, a user network
                  – Functional architecture                       manager function  performs FCAPS management
                                                                  features of a user network.
           ITU-T Y.3802 defines a functional architecture model of the
           QKDN, as shown in Figure 3. It specifies detailed functional   Based  on the architecture,  there are multiple  possible
           elements and reference points, architectural configurations   network configurations of interconnecting various entities. It
           and basic operational procedures of the QKDN.      illustrates 1) a distributed QKDN; 2) a centralized QKDN; 3)
                                                              a centralized QKDN with hierarchical QKDN nodes; and 4)
           The  functional  architecture model  includes the following   a centralized QKDN with a centralized key relay. In addition,
           architectural components: 1) Layered structure (i.e. Figure 3);   it describes  basic operational procedures  for  service
           2) With a cryptographic application, a user network manager,  provisioning and system initialization, key generation, key
           and an application link in the user network, basic functions  request and supply, key relay, and key relay rerouting.
           and links in the QKDN as follows:
           ・ QKD module:  a  set of  hardware and software    3.1.4   ITU-T Y.3803 - Quantum key distribution networks
               components that implement the cryptographic functions   – Key management
               and quantum  optical processes, including  QKD
               protocols, synchronization,  and  distillation  for key  ITU-T Y.3803 [13] provides help for the design, deployment,
               generation. It  is contained  within a defined  and operation of key management of a QKDN to fulfill the
               cryptographic boundary  to demarcate  one layer's  requirements specified in ITU-T Y.3801.
               responsibility on the keys.
           ・ Key Manager (KM): a functional module located in a
               QKD node  to perform  the  functions for  key
               management in the key management layer.
           ・ QKDN controller:  a  functional module, which is
               located in the QKDN control layer to control a QKDN.
           ・ QKDN manager: A functional module, which is located
               in the QKDN management layer to monitor and manage
               a QKDN.
           ・ QKD link:  a communication link between  two QKD
               modules to operate the QKD.
           ・ KM link:  a communication link connecting KMs to
               perform key management.
           3) Functional elements: Subfunctions contained in each basic
           function (e.g. a routing control function under the QKDN
           controller);  and  4)  Detailed reference points.  More
           specifically:                                            Figure 4 – Functional architecture model of
           ・ In the quantum layer, a pair of QKD modules connected          the key management layer
               by a QKD link generates quantum key distribution keys
               (QKD-keys) by using QKD protocols.             As shown Figure 4, the KM consists of a Key Management
           ・ In  the  key management  layer,  the  KM  function is to  Agent (KMA), a  Key  Supply  Agent (KSA), and a KM
                                                              control and management function. In addition, a KM link is
               receive and manage keys generated by QKD modules
               and QKD links, relay the keys, and supply the keys to  divided into the KMA link (Kx-1) and the KSA link (Kx-2)
                                                              corresponding to their independent roles.  ITU-T Y.3803
               cryptographic applications.
                                                              presents basic key management operations in a QKDN. Each



                                                          – xlix –
   48   49   50   51   52   53   54   55   56   57   58