DESC:EARLIEST PRIORITY DATE:
[0001] This Application claims priority from a Provisional patent application filed in India having Patent Application No. 202341004659, filed on January 24, 2023, and titled “HUB AND SPOKE CONFIGURATION BASED QUANTUM KEY DISTRIBUTION NETWORK”.
FIELD OF INVENTION
[0002] Embodiments of a present disclosure relate to quantum communication systems and more particularly to a system and a method for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) Network through a secure quantum communication channel.
BACKGROUND
[0003] Generally, Quantum Key Distribution (QKD) technology employs principles of quantum mechanics to establish a secure communication method through the implementation of a cryptographic protocol. The QKD technology facilitates the generation of a shared random secret key exclusive to two communicating parties, allowing for the encryption and decryption of messages. The Quantum Key Distribution (QKD) technology is proficient to realize unconditionally secure secret communication theoretically by means of basic principles of Quantum mechanics. The potential of the QKD technology extends to the realization of multi-user, high-speed, remote, and networked secure key distribution, a vital aspect for the practical application of the QKD technology. Although a successful small-scale and experimental QKD network has been established, further research is necessary to expand the coverage range and network scale of quantum key distribution, including the exploration of wide-area quantum key distribution networks.
[0004] However, early implementations of the QKD network mainly focus on the communication between two endpoints. Conventional point-to-point QKD networks are limited by the transmission distance, which is limited by the key rate. Therefore, the development of wide area network is challenging.
[0005] In a conventional point-to-point QKD system, establishing connections among three nodes necessitates the use of two distinct sets of QKD devices. However, the scalability of the conventional point-to-point QKD systems is constrained. Additionally, the conventional point-to-point QKD system becomes less effective when the number of nodes to connect to become greater than three. Moreover, with increase in the number of nodes to be connected to, the conventional point-to-point QKD systems become exorbitant with respect to cost and equipment.
[0006] Hence, there is a need for an improved system and method for interconnecting multi-devices by a source-destination based Quantum Key Distribution Network, to address the at least aforementioned issues.
SUMMARY
[0007] This summary is provided to introduce a selection of concepts, in a simple manner, which is further described in the detailed description of the disclosure. This summary is neither intended to identify key or essential inventive concepts of the subject matter nor to determine the scope of the disclosure.
[0008] An aspect of the present disclosure provides a system for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) Network. The system includes one or more source Quantum Key Distribution (QKD) devices, and each source QKD device of the one or more source QKD devices includes a state preparation unit. The state preparation unit is configured to generate one or more quantum states comprising a series of N coherent pulses with one or more phases of the one or more quantum states. The one or more quantum states comprises a signal state generated using a signal unit, and a decoy state generated using a decoy unit.
[0009] The state preparation unit is further configured to encode the one or more phases of the one or more quantum states based on a phase modulator (or an encoding unit) of the state preparation unit. Each source QKD device further includes a key generation and management unit configured to generate one or more symmetric keys with the one or more phase encoded quantum states, on a round-robin time-sharing basis with control over a ratio of time slots allocated to each source QKD device based on a key rate required between each source QKD device and a destination QKD device.
[0010] Each source QKD device further includes a state transmission unit configured to transmit weak-coherent based phase encoded quantum states to the destination QKD device through one or more secure quantum communication channels.
[0011] The system further includes a controllable optical switch configured to connect each source QKD device of the one or more source QKD devices with the destination QKD device at a pre-defined time duration (i.e., a user configurable time duration). Each source QKD device is connected with the destination QKD device, one at a time based on on-priority mechanism (or round robin mechanism).
[0012] The system further includes the destination QKD device. The destination QKD device includes a delay line interferometer unit configured to receive one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with one or more random phase values, from the state transmission unit of each source QKD device. The delay line interferometer unit is further configured to generate self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining one or more neighboring signal pulses and one or more neighboring decoy pulses.
[0013] The destination QKD device further includes a single photon detection unit configured to determine a self-interference result between at least two neighboring pulses in the delay line interferometer unit. The self-interference result indicates optimization of a neighboring pulse among the at least two neighboring pulses based on a phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0014] The destination QKD device further includes a demodulation unit configured to receive information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit. The demodulation unit is further configured to decode the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0015] The system further includes a synchronization channel configured to exchange timing information of each source QKD device of the one or more source QKD devices with the destination QKD device, and coordinate transmission and detection of the one or more quantum states, for synchronizing clocks of each source QKD device of the one or more source QKD devices with the destination QKD device to correlate the exchanged timing information, at each switch of each source QKD device.
[0016] In an embodiment, the security analysis unit is configured to determine at least one of: a photon number dependent yield and a photon number dependent quantum bit error rate (QBER) based on detection information received from the destination QKD device.
[0017] In another embodiment, the one or more source QKD devices and the destination QKD device are based on a novel scheme of decoy-differential phase shift (decoy-DPS) resilient to a Photon-Number-Splitting (PNS) attack. The one or more source QKD devices and the destination QKD device are basic entities of a quantum network topology.
[0018] In yet another embodiment, the state preparation unit comprises one or more optical components comprising at least one of: (a) an intensity modulator (IM) configured to modulate an intensity of optical source pulses for randomly generating the one or more signal pulses and the one or more decoy pulses, (b) a true random number generator (TRNG) configured to generate a random sequence of number for controlling an intensity of the one or more signal pulses and the one or more decoy pulses generated by the intensity modulator, (c) the phase modulator (PM) configured to modulate the one or more phases of the one or more signal pulses and the one or more decoy pulses for encoding one or more secret key bits into the one or more quantum states, and (d) a variable optical attenuator (VOA) configured to attenuate transmission power of the optical source pulses for creating the one or more decoy states with one or more mean photon numbers.
[0019] In yet another embodiment, the controllable optical switch is further configured to (a) connect a first source QKD device with the destination QKD device when the first source QKD device needs to be connected with the destination QKD device at the pre-defined time duration (i.e., user configurable time duration), on a priority; and (b) connect a second source QKD device with the destination QKD device in the round robin mechanism upon the connection between the first source QKD device and the destination QKD device is completed.
[0020] In yet another embodiment, each source QKD device of the one or more source QKD devices is communicated through the destination QKD device by: (a) initiating, by the destination QKD device, a connection with each source QKD device of the one or more source QKD devices; (b) receiving, by the destination QKD device, the weak-coherent based phase encoded quantum states from each source QKD device of the one or more source QKD devices; (c) performing, by the destination QKD device, one-time pair operation with the weak-coherent based phase encoded quantum states received from each source QKD device of the one or more source QKD devices, wherein the destination QKD device comprises a time control master unit configured to respond to a control request of the destination QKD device; (d) transmitting, by the destination QKD device, the one-time paired weak-coherent based phase encoded quantum states to each source QKD device of the one or more source QKD devices; and (e) establishing, by the destination QKD device, the connection between each source QKD device of the one or more source QKD devices based on the one-time paired weak-coherent based phase encoded quantum states transmitted to each source QKD device of the one or more source QKD devices.
[0021] In yet another embodiment, the controllable optical switch comprises a controller. The controller is connected to an external control circuit for selecting an optical path for each source QKD device by configuring at least four data bits as an input to the controllable optical switch.
[0022] In another aspect of the present disclosure provides a method for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) Network. The method includes generating, by a state preparation unit of each source Quantum Key Distribution (QKD) device associated with a system, one or more quantum states comprising a series of N coherent pulses with one or more phases of the one or more quantum states. The one or more quantum states comprises one or more signal states generated by a signal unit and one or more decoy states generated by a decoy unit.
[0023] The method further includes encoding, by a phase modulator (or an encoding unit) of the state preparation unit of each source QKD device, the one or more phases of the one or more quantum states. The method further includes generating, by a key generation and management unit of each source QKD device, one or more symmetric keys with the one or more phase encoded quantum states, on a round-robin time-sharing basis with control over a ratio of time slots allocated to each source QKD device based on a key rate required between each source QKD device and a destination QKD device.
[0024] The method further includes transmitting, by a state transmission unit of each source QKD device, weak-coherent based phase encoded quantum states to the destination QKD device through one or more secure quantum communication channels. The method further includes connecting, by a controllable optical switch, each source QKD device of the one or more source QKD devices with the destination QKD device at a pre-defined time duration. Each source QKD device is connected with the destination QKD device, one at a time based on on-priority mechanism (or round robin mechanism).
[0025] The method further includes receiving, by a delay line interferometer unit of the destination QKD device, one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with one or more random phase values, from the state transmission unit of the source QKD device. The method further includes generating, by the delay line interferometer unit of the destination QKD device, self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining one or more neighboring signal pulses and one or more neighboring decoy pulses.
[0026] The method further includes determining, by a single photon detection unit of the destination QKD device, a self-interference result between at least two neighboring pulses in the delay line interferometer unit. The self-interference result indicates optimization of a neighboring pulse among the at least two neighboring pulses based on a phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses. The method further includes receiving, by a demodulation unit of the destination QKD device, information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit. The method further includes decoding, by the demodulation unit of the destination QKD device, the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0027] To further clarify the advantages and features of the present disclosure, a more particular description of the disclosure will follow by reference to specific embodiments thereof, which are illustrated in the appended figures. It is to be appreciated that these figures depict only typical embodiments of the disclosure and are therefore not to be considered limiting in scope. The disclosure will be described and explained with additional specificity and detail with the appended figures.
BRIEF DESCRIPTION OF DRAWINGS
[0028] The disclosure will be described and explained with additional specificity and detail with the accompanying figures in which:
[0029] FIG. 1 illustrates an exemplary block diagram representation of a system for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) network, through one or more secure quantum communication channels, in accordance with an embodiment of the present disclosure;
[0030] FIG. 2A illustrates an exemplary block diagram representation of a source Quantum Key Distribution (QKD) device as shown in FIG 1, in accordance with an embodiment of the present disclosure;
[0031] FIG. 2B illustrates an exemplary block diagram representation of a destination Quantum Key Distribution (QKD) device as shown in FIG 1, in accordance with an embodiment of the present disclosure;
[0032] FIG. 3 illustrates an exemplary block diagram representation of a state preparation unit associated with the source Quantum Key Distribution (QKD) device, in accordance with an embodiment of the present disclosure;
[0033] FIG 4 illustrates an exemplary block diagram representation of a trusted relay between one or more source QKD devices by the destination Quantum Key Distribution (QKD) device acting as a quantum resistant device, in accordance with an embodiment of the present disclosure; and
[0034] FIG 5 is an exemplary flow diagram representation of a method for interconnecting the multi-devices by the source-destination based Quantum Key Distribution (QKD) network, through the one or more secure quantum communication channels, in accordance with an embodiment of the present disclosure.
[0035] Further, those skilled in the art will appreciate that elements in the figures are illustrated for simplicity and may not have necessarily been drawn to scale. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the figures by conventional symbols, and the figures may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the figures with details that will be readily apparent to those skilled in the art having the benefit of the description herein.
DETAILED DESCRIPTION OF THE DISCLOSURE
[0036] For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe them. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended. Such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as would normally occur to those skilled in the art are to be construed as being within the scope of the present disclosure. It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof.
[0037] In the present document, the word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any embodiment or implementation of the present subject matter described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
[0038] The terms "comprise", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that one or more devices or sub-systems or elements or structures or components preceded by "comprises... a" does not, without more constraints, preclude the existence of other devices, sub-systems, additional sub-modules. Appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but not necessarily do, all refer to the same embodiment.
[0039] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are only illustrative and not intended to be limiting.
[0040] A computer system (standalone, client or server computer system) configured by an application may constitute a “module” or a “subsystem” that is configured and operated to perform certain operations. In one embodiment, the “subsystem” may be implemented mechanically or electronically, so a module or a subsystem may comprise dedicated circuitry or logic that is permanently configured (within a special-purpose processor) to perform certain operations. In another embodiment, a “module” or a “subsystem” may also comprise programmable logic or circuitry (as encompassed within a general-purpose processor or other programmable processor) that is temporarily configured by software to perform certain operations.
[0041] Accordingly, the term a “module” or a “subsystem” should be understood to encompass a tangible entity, be that an entity that is physically constructed permanently configured (hardwired) or temporarily configured (programmed) to operate in a certain manner and/or to perform certain operations described herein.
[0042] Embodiments of the present disclosure provide a system and a method for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) network through a secure quantum communication channel. The present disclosure provides a hub and spoke that is a networking model for efficiently managing communication or security requirements. The hub is a central network zone that is configured to control and inspect ingress or egress traffic between zones including at least one of: internet, on-premises, spokes, and the like. The hub often includes common service components that the spoke consume. The hub and spoke networking model (i.e., a hub and spoke topology) is an efficient way to enforce security policies at a central location. Further, the hub and spoke topology reduces the potential for misconfiguration and exploitation of the network.
[0043] In the hub and spoke configuration based Quantum Key Distribution (QKD) network (i.e., a source-destination based Quantum Key Distribution (QKD) network), a single hub known as a Bob (i.e., a destination QKD device), is used, and is connected to multiple spokes known as one or more Alices (one or more source QKD devices). The hub and spoke configuration based Quantum Key Distribution (QKD) network offers a cost-efficient way by reducing a total cost of ownership when multiple locations have to be interconnected to a single centralized system referred to as the hub in the present invention.
[0044] Referring now to the drawings, and more particularly to FIGs. 1 through 5, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments and these embodiments are described in the context of the following exemplary system and/or method.
[0045] FIG. 1 illustrates an exemplary block diagram representation of a system 100 for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) network, through one or more secure quantum communication channels 110, in accordance with an embodiment of the present disclosure. The system 100 includes one or more source QKD devices 102A-E, and a destination QKD device 106, communicatively connected through a network. The network may be a wired communication network and/or a wireless communication network. Further, the one or more secure quantum communication channels 110 may be associated with the network. The one or more secure quantum communication channels 110 may include at least one of, but not limited to, a quantum communication channel and/or a classical communication channel 114. Therefore, the one or more source QKD devices 102A-E, and the destination QKD device 106 may be connected via at least three channels, one is the one or more secure quantum communication channels 110, second one is one or more synchronization channels 112, and third one is one or more classical communication channels 114.
[0046] In an embodiment, the one or more source QKD devices 102A-E and the destination QKD device 106 are based on a novel scheme of decoy-differential phase shift (decoy-DPS) resilient to a Photon-Number-Splitting (PNS) attack. In another embodiment, the one or more source QKD devices 102A-E and the destination QKD device 106 are basic entities of a quantum network topology (e.g., mesh and ring network topology).
[0047] In an embodiment, each source QKD device 102, and the destination QKD device 106 may enable a point-to-point quantum communication link. The one or more source QKD devices 102A-E, and the destination QKD device 106 are the quantum key distribution systems. The Point-to-point quantum key distribution (QKD) is a cryptographic technique that uses the principles of quantum mechanics to exchange secret cryptographic keys between two parties, such as the one or more source QKD devices 102A-E and the destination QKD device 106, over a communication channel. The security of the key exchange is guaranteed by the laws of quantum mechanics, which state that any attempt to eavesdrop on the one or more secure quantum communication channels 110 may be detected by the one or more source QKD devices 102A-E and the destination QKD device 106. The key generated through QKD can be used to encrypt and decrypt messages, providing a secure means of communication.
[0048] A classical network such as a classical network of the system 100 may be any known network type, may be used for post-processing. The classical network may be comprised by an arrangement of free space transmitters and receivers forming a free space network. In an embodiment, the classical network may also comprise waveguide links between the nodes, for instance fibre optic. The classical network may be implemented purely for QKD purposes, i.e., the classical network may be a backbone carrying QKD signals only, to establish quantum keys between devices/nodes that can then be used to encrypt conventional communications between the devices/nodes sent via some other medium, for instance via another network—a wired electrical, wireless, or separate classical network for example.
[0049] The classical communication channel (i.e., a pre-authenticated classical communication channel) 114 may be wired or wireless network, and the one or more secure quantum communication channels 110 and the network can be a fibre channel, a quantum channel in free space, and the like. The classical communication channel 114 may be a direct point-to-point physical connection between two devices/nodes or can be a logic connection established by connecting the two devices/nodes to a classic network. The one or more secure quantum communication channels 110 are optical networks which may be any known type of optical network allowing exchange of suitable quantum signals.
[0050] In an embodiment, the source-destination based Quantum Key Distribution (QKD) network (i.e., Hub and Spoke network) comprises of two possible configurations: an upstream configuration and a downstream configuration. The upstream configuration requires the receiver (i.e., a destination QKD device 106) as a Hub (e.g., Bob) and different transmitters (i.e., one or more source QKD devices 102A-E) as Spokes (e.g., a plurality of Alice units) share a single photon detector by ensuring that only photons from one transmitter (i.e., one of the plurality of Alice units) at a time reach the receiver (i.e., Bob Hub). Further, in the downstream configuration, each source QKD device 102 is positioned at network node (i.e., Hub) and is randomly directed to one of the destination QKD devices by a switching mechanism. The shortcomings of the downstream configuration are that each user in the network requires single photon detectors, which are often expensive. Additionally, at a given interval, each of the one or more source QKD devices 102A-E should perform all functions such as sifting, error correction, privacy amplification and the like with all the Bob hub’s present in a network which may overload at least one of the one or more source QKD devices 102A-E. As a result of the aforementioned shortcomings, the present invention implements the upstream configuration.
[0051] In an aspect, each source QKD device 102 of the one or more source QKD devices 102A-E is configured to generate, by a state preparation unit, one or more quantum states comprising a series of N coherent pulses with one or more phases of the one or more quantum states. The one or more quantum states comprises one or more signal states generated by a signal unit and one or more decoy states generated by a decoy unit. The state preparation unit is further configured to encode the one or more phases of the one or more quantum states based on a phase modulator of the state preparation unit (as shown in FIG. 3).
[0052] Each source QKD device 102 of the one or more source QKD devices 102A-E is further configured to generate, by a key generation and management unit, one or more symmetric keys with the one or more phase encoded quantum states, on a round-robin time sharing basis with control over a ratio of time slots allocated to each source QKD device 102 based on a key rate required between each source QKD device 102 and a destination QKD device 106. Each source QKD device 102 of the one or more source QKD devices 102A-E is further configured to transmit, by a state transmission unit, weak-coherent based phase encoded quantum states to the destination QKD device 106 through one or more secure quantum communication channels 110.
[0053] In an embodiment, a controllable optical switch 104 is configured to connect each source QKD device 102 of the one or more source QKD devices 102A-E with the destination QKD device 106 at a pre-defined time duration (i.e., a user configurable time duration). In an embodiment, each source QKD device 102 is connected with the destination QKD device 106, one at a time based on on-priority mechanism (i.e., round robin mechanism). In an embodiment, the controllable optical switch 104 may be configured within the destination QKD device 106.
[0054] The destination QKD device 106 is configured to receive, by a delay line interferometer unit, one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with one or more random phase values, from the state transmission unit of each QKD device 102. The destination QKD device 106 is further configured to generate, by the delay line interferometer unit, self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining one or more neighboring signal pulses and one or more neighboring decoy pulses. The destination QKD device 106 is further configured to determine, by a single photon detection unit, a self-interference result between at least two neighboring pulses in the delay line interferometer unit of the destination QKD device 106. The self-interference result indicates optimization of a neighboring pulse among the at least two neighboring pulses based on a phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0055] The destination QKD device 106 is further configured to receive, by a demodulation unit, information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit of the destination QKD device 106. The destination QKD device 106 is further configured to decode, by the demodulation unit, the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0056] In an embodiment, the one or more synchronization channels 112 are configured to exchange timing information of each source QKD device 102 of the one or more source QKD devices 102A-E with the destination QKD device 106, and coordinate transmission and detection of the one or more quantum states, for synchronizing clocks of each source QKD device 102 of the one or more source QKD devices 102A-E with the destination QKD device 106 to correlate the exchanged timing information, at each switch of each source QKD device 102.
[0057] The components of the one or more source QKD devices 102A-E, and a destination QKD device 106 is described in more detail in FIG. 2A and 2B, respectively. Though only five source QKD devices 102A-E are indicated as 102A, 102B, 102C, 102D, and 102E in the present invention, the system 100 represents a scenario where any number of source QKD devices constitute the one or more source QKD devices 102A-E.
[0058] Those of ordinary skilled in the art will appreciate that the hardware depicted in FIG. 1 may vary for particular implementations. For example, other peripheral devices such as an optical disk drive and the like, Local Area Network (LAN), Wide Area Network (WAN), Wireless (e.g., Wi-Fi) adapter, graphics adapter, disk controller, input/output (I/O) adapter also may be used in addition or in place of the hardware depicted. The depicted example is provided for the purpose of explanation only and is not meant to imply architectural limitations with respect to the present disclosure.
[0059] Those skilled in the art will recognize that, for simplicity and clarity, the full structure and operation of all data processing systems suitable for use with the present disclosure is not being depicted or described herein. Instead, only so much of a quantum key distribution system as is unique to the present disclosure or necessary for an understanding of the present disclosure is depicted and described. The remainder of the construction and operation of the quantum key distribution system may conform to any of the various current implementation and practices known in the art.
[0060] FIG. 2A illustrates an exemplary block diagram 200 representation of the source Quantum Key Distribution (QKD) device 102 as shown in FIG 1, in accordance with an embodiment of the present disclosure. Each source Quantum Key Distribution (QKD) device 102 includes a memory 202-A, a system bus 206-A, a secure storage unit 208-A, a hardware processor(s) 210-A, one or more units 212-A, and tamper proof monitoring unit 214-A.
[0061] Each source QKD device 102 may include a quantum source (not shown) emits pairs of photons in a desired entangled state. The memory 202-A and the hardware processor 210-A may be communicatively coupled by the system bus 206-A or a similar mechanism. The hardware processor(s) 210-A, as used herein, means any type of computational circuit, such as, but not limited to, a microprocessor unit, microcontroller, complex instruction set computing microprocessor unit, reduced instruction set computing microprocessor unit, very long instruction word microprocessor unit, explicitly parallel instruction computing microprocessor unit, graphics processing unit, digital signal processing unit, or any other type of processing circuit. The hardware processor(s) 210-A may also include embedded controllers, such as generic or programmable logic devices or arrays, application specific integrated circuits, single-chip computers, and the like.
[0062] The memory 202-A may be non-transitory volatile memory and non-volatile memory. The memory 202-A may be coupled for communication with the hardware processor(s) 210-A, such as being a computer-readable storage medium. The hardware processor(s) 210-A may execute machine-readable instructions and/or source code stored in the memory 202-A. A variety of machine-readable instructions may be stored in and accessed from the memory 202-A. The memory 202-A may include any suitable elements for storing data and machine-readable instructions, such as read only memory, random access memory, erasable programmable read only memory, electrically erasable programmable read only memory, a hard drive, a removable media drive for handling compact disks, digital video disks, diskettes, magnetic tape cartridges, memory cards, and the like. In the present embodiment, the memory 202-A includes a plurality of subsystems stored in the form of machine-readable instructions on any of the above-mentioned storage media and may be in communication with and executed by the hardware processor(s) 210-A.
[0063] The memory 202-A includes a plurality of modules 204-A in the form of programmable instructions executable by the one or more hardware processors 210-A. The plurality of modules 204-A may also include a computation engine 205-A. The plurality of modules 204-A may be configured to execute the one or more units 212-A. The one or more units 212-A includes the state preparation unit 216, the security analysis unit 218, the key generation and management unit 220, the state transmission unit 222, and a time control unit 224.
[0064] In an embodiment, the state preparation unit 216 may be configured to generate the one or more quantum states comprising the series of N coherent pulses with the one or more phases of the one or more quantum states. The one or more quantum states comprises the one or more signal states generated using the signal unit 216A and one or more decoy states generated using the decoy unit 216B. In an embodiment, the one or more signal states may be used for generating of secure symmetric keys, and the one or more decoy states may be used to detect eavesdropping.
[0065] The one or more phases comprises an initial phase of each of the one or more quantum states. The initial phase is a starting point or a reference point for the one or more phases of the N coherent pulses. The one or more phases comprises an encoded phase in which each of the series of N coherent pulses is encoded with a phase ?n. The phase ?n comprises at least one of a ‘0’ value and a ‘p’ value. The at least one of a ‘0’ value and a ‘p’ value of the phase ?n is used to encode information to generate a shared secret key for a secure communication over the one or more secure quantum communication channels 110. Further, the state preparation unit 216 may be configured to attenuate, a transmission power of the one or more signal states and the one or more decoy states to control average number of photons for each of the series of N coherent pulses less than unity for a signal state and a decoy state. The N coherent pulses correspond to the highly attenuated pulses whose mean photon number (MPN) is less than unity. Average number of photons are always less than 1 both for the signal and decoy pulse. For examples, for decoy pulses, average photon number is 0.2 and for signal it is around 0.7. For both signal and decoy state, Mean Photon Number (MPN) is less than 1. Attenuating the transmission power comprises a plurality of levels of attenuation of the N coherent pulses. The transmission power is attenuated to establish average number of photons for each of the N coherent pulses is less than unity for the signal state and the decoy state.
[0066] The one or more quantum states are generated using a chain of optical components (not shown in FIG. 1) comprising a laser, an inline polarizer, a True Random Number Generator (TRNG), an intensity modulator, a Delay Line Interferometer (DLI), the phase modulator, and a variable optical attenuator (VOA). The intensity modulator and the pulse modulator are used to randomly generate one or more signal pulses of the one or more signal states or one or more decoy pulses of the one or more decoy states. The TRNG is used to randomly select the one or more signal pulses and the one or more decoy pulses. Further, the variable optical attenuator (VOA) may be configured to attenuate a transmission power of the one or more signal states and the one or more decoy states to control average number of photons for each of the series of N coherent pulses less than unity for a signal state and a decoy state.
[0067] In an embodiment, the phase modulator (or the encoding unit) of the state preparation unit 216 is configured to encode the one or more phases of the one or more quantum states. In an embodiment, the security analysis unit 218 of each source QKD device 102 may be configured to analyze a drop in yield for the one or more signal states and the one or more decoy states due to one or more factors, based on received time information. In an embodiment, the security analysis unit 218 may be configured to determine at least one of: a photon number dependent yield and a photon number dependent quantum bit error rate (QBER) based on detection information received from the destination QKD device 106.
[0068] In an embodiment, the key generation and management unit 220 is configured to generate the one or more symmetric keys with the one or more phase encoded quantum states, on the round-robin time-sharing basis with the control over the ratio of time slots allocated to each source QKD device 102 based on the key rate required between each source QKD device 102 and the destination QKD device 106. In an embodiment, the key generation and management unit 220 may be configured to perform at least one of a termination and a continuation of generating the one or more symmetric keys, based on a baseline decoy Quantum Bit Error Rate (QBER) and a baseline signal Quantum Bit Error Rate (QBER) and the photon number dependent yield of the one or more signal pulses and the one or more decoy pulses, and performing privacy amplification based on the upper bound of the single photon signal QBER to generate the one or more symmetric keys and to assign a key-id.
[0069] In an embodiment, the time control unit 224 is configured to respond to a control request of the destination QKD device 106. The time control unit 224 is configured to ensure the connection time requests of the one or more source QKD devices 102A-E are addressed efficiently. The time control unit 224 may have at least one of: a default round-robin mode of operation, a user configurable operation, and the like. In an embodiment, the state transmission unit 222 is configured to transmit the weak-coherent based phase encoded quantum states to the destination QKD device 106 through the one or more secure quantum communication channels 110.
[0070] FIG. 2B illustrates an exemplary block diagram 200B representation of the destination Quantum Key Distribution (QKD) device 106 as shown in FIG 1, in accordance with an embodiment of the present disclosure. The destination Quantum Key Distribution (QKD) device 106 includes a memory 202-B, a system bus 206-B, a secure storage unit 208-B, a hardware processor(s) 210-B, one or more units 212-B, and a tamper-proof monitoring unit 214-B.
[0071] The memory 202-B and the hardware processor(s) 210-B may be communicatively coupled by a system bus 206-B or a similar mechanism. The hardware processor(s) 210-B, as used herein, means any type of computational circuit, such as, but not limited to, a microprocessor unit, microcontroller, complex instruction set computing microprocessor unit, reduced instruction set computing microprocessor unit, very long instruction word microprocessor unit, explicitly parallel instruction computing microprocessor unit, graphics processing unit, digital signal processing unit, or any other type of processing circuit. The hardware processor(s) 210-B may also include embedded controllers, such as generic or programmable logic devices or arrays, application specific integrated circuits, single-chip computers, and the like.
[0072] The memory 202-B may be non-transitory volatile memory and non-volatile memory. The memory 202-B may be coupled for communication with the hardware processor(s) 210-B, such as being a computer-readable storage medium. The hardware processor(s) 210-B may execute machine-readable instructions and/or source code stored in the memory 202-B. A variety of machine-readable instructions may be stored in and accessed from the memory 202-B. The memory 202-B may include any suitable elements for storing data and machine-readable instructions, such as read only memory, random access memory, erasable programmable read only memory, electrically erasable programmable read only memory, a hard drive, a removable media drive for handling compact disks, digital video disks, diskettes, magnetic tape cartridges, memory cards, and the like. In the present embodiment, the memory 202-B includes a plurality of subsystems stored in the form of machine-readable instructions on any of the above-mentioned storage media and may be in communication with and executed by the hardware processor(s) 210-B.
[0073] The memory 202-B includes a plurality of modules 204-B in the form of programmable instructions executable by the one or more hardware processors 210-B. The plurality of modules 204-B may also include a computation engine 205-B. The plurality of modules 204-B may be configured to execute the one or more units 212-B. The one or more units 212-B includes the delay line interferometer unit 226, the single photon detection unit 228, the demodulation unit 230, and a time control master unit 232.
[0074] In an embodiment, the delay line interferometer unit 226 is configured to receive the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states, with the one or more random phase values, from the state transmission unit 222 of each source QKD device 102. The delay line interferometer unit 226 is further configured to generate the self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0075] In an embodiment, the single photon detection unit 228 is configured to determine the self-interference result between at least two neighboring pulses in the delay line interferometer unit 226. The self-interference result indicates optimization of the neighboring pulse among the at least two neighboring pulses based on the phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0076] In an embodiment, the demodulation unit 230 is configured to receive the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit 228. The demodulation unit 230 is further configured to decode the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses. In an embodiment, the time control master unit 232 is configured to respond to a control request of the destination QKD device 106.
[0077] In an embodiment, the destination QKD device 106 may include the controllable optical switch 104 that is configured to connect each source QKD device 102 of the one or more source QKD devices 102A-E with the destination QKD device 106 at the pre-defined time duration. In an embodiment, each source QKD device 102 is connected with the destination QKD device 106, one at a time based on round robin mechanism.
[0078] In an exemplary scenario, the controllable optical switch 104 is configured to connect a first source QKD device 102A with the destination QKD device 106 when the first source QKD device 102A needs to be connected with the destination QKD device 106 at the pre-defined time duration, on a priority (i.e., a demand on the connection between the first source QKD device 102A with the destination QKD device 106). The controllable optical switch 104 is further configured to connect a second source QKD device 102B with the destination QKD device 106 in the round robin mechanism upon the connection between the first source QKD device 102A and the destination QKD device 106 is completed.
[0079] In an embodiment, the controllable optical switch 104 may include a controller 108. The controller 108 is connected to an external control circuit for selecting an optical path for each source QKD device 102 by configuring at least four data bits as an input to the controllable optical switch 104.
[0080] FIG. 3 illustrates an exemplary block diagram 300 representation of the state preparation unit 216 associated with each source QKD device 102 of the one or more source QKD devices 102A-E, in accordance with an embodiment of the present disclosure. The state preparation unit 216 includes one or more state protocol blocks (i.e., one or more optical components) in quantum key distribution (QKD) including at least one of: the intensity modulator (IM) 302, the true random number generator (TRNG) 304A and 304-B, the phase modulator (PM) 306, the variable optical attenuator (VOA) 308. The destination QKD device 106 includes at least one of: a Delay Line Interferometer (DLI) 310, a Single-Photon Detectors (SPD) 312-1 and 312-2 can enhance the security of the QKD system 100, and a laser source (i.e., an optical source pulse) 314.
[0081] For example, the source QKD device 102 may utilize the IM 302 to randomly generate the one or more signal and decoy pulses, which are then subjected to attenuation by the VOA 308. The IM 302 and the TRNG 304 are utilized together to generate random phase values that are applied to the one or more signal and decoy pulses by the PM 306. The one or more signal and decoy pulses are then combined using the DLI 310, which creates self-interference between the two consecutive pulses. The DLI 310 shifts the pulse train by one pulse in its longer path. The normal pulse train and the shifted pulse train self-interfere at either of the two channels of the DLI 310 depending upon the phase difference. Two consecutive pulses could be both signal and/or decoy pulses.
[0082] The resulting self-interference is detected by SPDs 312-1, and 312-2. The destination QKD device 106 utilizes the measurement results to extract the one or more symmetric keys.
[0083] By utilizing decoy states with different mean photon numbers, the destination QKD device 106 can detect if an eavesdropper is present and attempting to intercept the transmission. The use of the state protocol blocks (i.e., the optical components) with IM 302, TRNG 304, PM 306, VOA 308, DLI 310, and SPD 312, can significantly improve the security of the QKD system 100 and make it more resistant to attacks by eavesdroppers. In the state protocol blocks, in quantum key distribution (QKD), several components are commonly used to prepare and manipulate the quantum states, as well as to measure them. These components can include the Intensity Modulator (IM) 302, where the source QKD device 102 utilizes the IM 302 to modulate the intensity of the laser pulses 314, allowing the source QKD device 102 to randomly generate the one or more signal and decoy pulses. The True Random Number Generator (TRNG) 304 is used to generate a random sequence of numbers, which is used to control the intensity of the laser pulses 314 generated by the IM 302. Further, the Phase Modulator (PM) 306 is used to modulate the phase of the laser pulses 314, allowing the source QKD device 102 to encode the secret key bits into the quantum states. The source QKD device 102 utilizes the Variable Optical Attenuator (VOA) 308 to attenuate the transmission power of the laser pulses 314, creating the one or more decoy states with different mean photon numbers. Further, the Delay Line Interferometer (DLI) 310 is used to separate the one or more signal and decoy states and to align them in time. Additionally, the Single-Photon Detector (SPD) 312 is used by the destination QKD device 106 to measure the quantum states sent by the source QKD device 102 and to detect any potential eavesdropping.
[0084] FIG 4 illustrates an exemplary block diagram 400 representation of a trusted relay between the one or more source QKD devices 102A-E by the destination Quantum Key Distribution (QKD) device 106 acting as a quantum resistant device 402, in accordance with an embodiment of the present disclosure. The destination QKD device 106 as the quantum resistant device 402 is initially configured to initiate a connection with each source QKD device 102 of the one or more source QKD devices 102A-B (as shown in FIG. 4). The destination QKD device 106 as the quantum resistant device 402 is further configured to receive, the weak-coherent based phase encoded quantum states from each source QKD device 102 of the one or more source QKD devices 102A-B.
[0085] The destination QKD device 106 as the quantum resistant device 402 is further configured to perform one-time pair operation with the weak-coherent based phase encoded quantum states received from each source QKD device 102 of the one or more source QKD devices 102A-B. In an embodiment, destination QKD device 106 may include the time control master unit 232 configured to respond to the control request of the destination QKD device 106.
[0086] The destination QKD device 106 as the quantum resistant device 402 is further configured to transmit the one-time paired weak-coherent based phase encoded quantum states to each source QKD device 102 of the one or more source QKD devices 102A-B. The destination QKD device 106 as the quantum resistant device 402 is further configured to establish the connection between each source QKD device 102 of the one or more source QKD devices 102A-B based on the one-time paired weak-coherent based phase encoded quantum states transmitted to each source QKD device 102 of the one or more source QKD devices 102A-B.
[0087] FIG 5 is an exemplary flow diagram representation of a method 500 for interconnecting the multi-devices by the source-destination based Quantum Key Distribution (QKD) network, through the one or more secure quantum communication channels 110, in accordance with an embodiment of the present disclosure.
[0088] At block 502, the method 500 includes generating, by the state preparation unit 216 of each source Quantum Key Distribution (QKD) device 102 associated with the system 100, the one or more quantum states including the series of N coherent pulses with the one or more phases of the one or more quantum states. The one or more quantum states includes the one or more signal states generated by the signal unit 216A and the one or more decoy states generated by the decoy unit 216B.
[0089] At block 504, the method 500 further includes encoding, by the phase modulator 306 (or the encoding unit) of the state preparation unit 216 of each source QKD device 102, the one or more phases of the one or more quantum states.
[0090] At step 506, the method 500 further includes generating, by the key generation and management unit 220 of each source QKD device 102, the one or more symmetric keys with the one or more phase encoded quantum states, on the round-robin time-sharing basis with the control over the ratio of time slots allocated to each source QKD device 102 based on the key rate required between each source QKD device 102 and the destination QKD device 106.
[0091] At step 508, the method 500 further includes transmitting, by the state transmission unit 222 of each source QKD device 102, the weak-coherent based phase encoded quantum states to the destination QKD device 106 through the one or more secure quantum communication channels 110.
[0092] At step 510, the method 500 further includes connecting, by the controllable optical switch 104, each source QKD device 102 of the one or more source QKD devices 102A-E with the destination QKD device 106 at the pre-defined time duration. Each source QKD device 102 is connected with the destination QKD device 106, one at the time based on the on-priority mechanism (or the round robin mechanism).
[0093] At step 512, the method 500 further includes receiving, by the delay line interferometer unit 226 of the destination QKD device 106, the one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with the one or more random phase values, from the state transmission unit 222 of the source QKD device 102.
[0094] At step 514, the method 500 further includes generating, by the delay line interferometer unit 226 of the destination QKD device 106, the self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0095] At step 516, the method 500 further includes determining, by the single photon detection unit 228 of the destination QKD device 106, the self-interference result between at least two neighboring pulses in the delay line interferometer unit 226. The self-interference result indicates optimization of the neighboring pulse among the at least two neighboring pulses based on the phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0096] At step 518, the method 500 further includes receiving, by the demodulation unit 230 of the destination QKD device 106, the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit 228.
[0097] At step 520, the method 500 further includes decoding, by the demodulation unit 230 of the destination QKD device 106, the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.
[0098] The method 500 may be implemented in any suitable hardware, software, firmware, or combination thereof. The order in which the method 500 is described is not intended to be construed as a limitation, and any number of the described method blocks may be combined or otherwise performed in any order to implement the method 500 or an alternate method. Additionally, individual blocks may be deleted from the method 500 without departing from the spirit and scope of the present disclosure described herein. Furthermore, the method 500 may be implemented in any suitable hardware, software, firmware, or a combination thereof, that exists in the related art or that is later developed. The method 500 describes, without limitation, the implementation of the system 100. A person of skill in the art will understand that method 500 may be modified appropriately for implementation in various manners without departing from the scope and spirit of the disclosure.
[0099] The present invention has the following advantages. The system 100 with the source-destination based Quantum Key Distribution (QKD) network is configured to optimize an overall setup and reduces the total number of equipment that would be required in any conventional QKD network. The present invention implements the system 100 with the source-destination based Quantum Key Distribution (QKD) network over longer distances in a cost-efficient manner.
[0100] The system 100 with the source-destination based Quantum Key Distribution (QKD) network has applicability in circumstances where communication between critical infrastructure is to be protected. The system 100 with the source-destination based Quantum Key Distribution (QKD) network finds applications in various domains such as defence, critical Infrastructure, secret service agencies, financial service companies, telecom and data centre service providers, health care organizations, and the like. Additionally, the system 100 with the source-destination based Quantum Key Distribution (QKD) network can be utilized to secure communication between data centres, multiple defence units, branches of financial institutes or to secure the backbone of a telecommunication network.
[0101] Traditionally, single Alice (Transmitter) establishes connection with multiple Bobs (receiver). However, this is not the cost-efficient P2M QKD. The present invention have reversed the approach by considering single Bob and multiple Alices. Thus, the system 100 with the source-destination based Quantum Key Distribution (QKD) network are 40% more effective and cost efficient than the conventional QKD networks.
[0102] The embodiments herein can comprise hardware and software elements. The embodiments that are implemented in software include but are not limited to, firmware, resident software, microcode, etc. The functions performed by various modules described herein may be implemented in other modules or combinations of other modules. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can comprise, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
[0103] The medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of a computer-readable medium include a semiconductor or solid-state memory, magnetic tape, a removable computer diskette, a random-access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
[0104] Input/output (I/O) devices (including but not limited to keyboards, displays, pointing devices, etc.) can be coupled to the system either directly or through intervening I/O controllers. Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
[0105] A representative hardware environment for practicing the embodiments may include a hardware configuration of an information handling/computer system in accordance with the embodiments herein. The system 100 herein comprises at least one processor or central processing unit (CPU). The CPUs are interconnected via system bus to various devices such as a random-access memory (RAM), read-only memory (ROM), and an input/output (I/O) adapter. The I/O adapter can connect to peripheral devices, such as disk units and tape drives, or other program storage devices that are readable by the system 100. The system 100 can read the inventive instructions on the program storage devices and follow these instructions to execute the methodology of the embodiments herein.
[0106] The system 100 further includes a user interface adapter that connects a keyboard, mouse, speaker, microphone, and/or other user interface devices such as a touch screen device (not shown) to the bus to gather user input. Additionally, a communication adapter connects the bus to a data processing network, and a display adapter connects the bus to a display device which may be embodied as an output device such as a monitor, printer, or transmitter, for example.
[0107] A description of an embodiment with several components in communication with each other does not imply that all such components are required. On the contrary, a variety of optional components are described to illustrate the wide variety of possible embodiments of the invention. When a single device or article is described herein, it will be apparent that more than one device/article (whether or not they cooperate) may be used in place of a single device/article. Similarly, where more than one device or article is described herein (whether or not they cooperate), it will be apparent that a single device/article may be used in place of the more than one device or article or a different number of devices/articles may be used instead of the shown number of devices or programs. The functionality and/or the features of a device may be alternatively embodied by one or more other devices which are not explicitly described as having such functionality/features. Thus, other embodiments of the invention need not include the device itself.
[0108] The specification has described the method 500 and the system 100 for distributing quantum keys on a quantum device. The illustrated steps are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments. Also, the words “comprising,” “having,” “containing,” and “including,” and other similar forms are intended to be equivalent in meaning and be open-ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items or meant to be limited to only the listed item or items. It must also be noted that as used herein and in the appended claims, the singular forms “a,” “an,” and “the” include plural references unless the context clearly dictates otherwise.
[0109] It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof.
[0110] While specific language has been used to describe the disclosure, any limitations arising on account of the same are not intended. As would be apparent to a person skilled in the art, various working modifications may be made to the method in order to implement the inventive concept as taught herein.
[0111] The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all the acts need to be necessarily performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples.
,CLAIMS:CLAIMS
We claim:
1. A system (100) for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) Network, the system (100) comprising:
one or more source Quantum Key Distribution (QKD) devices (102A-E), wherein each source QKD device (102) of the one or more source QKD devices (102A-E) comprising:
a state preparation unit (216) configured to:
generate one or more quantum states comprising a series of N coherent pulses with one or more phases of the one or more quantum states, wherein the one or more quantum states comprises one or more signal states generated by a signal unit (216A) and one or more decoy states generated by a decoy unit (216B);
encode the one or more phases of the one or more quantum states by a phase modulator (306) of the state preparation unit (216);
a key generation and management unit (220) configured to generate one or more symmetric keys with the one or more phase encoded quantum states, on a round-robin time-sharing basis with control over a ratio of time slots allocated to each source QKD device (102) based on a key rate required between each source QKD device (102) and a destination QKD device (106); and
a state transmission unit (222) configured to transmit weak-coherent based phase encoded quantum states to the destination QKD device (106) through one or more secure quantum communication channels (110);
a controllable optical switch (104) configured to:
connect each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106) at a pre-defined time duration, wherein each source QKD device (102) is connected with the destination QKD device (106), one at a time based on on-priority mechanism;
the destination QKD device (106) comprising:
a delay line interferometer unit (226) configured to:
receive one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with one or more random phase values, from the state transmission unit (222) of each source QKD device (102); and
generate self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining one or more neighboring signal pulses and one or more neighboring decoy pulses;
a single photon detection unit (228) configured to:
determine a self-interference result between at least two neighboring pulses in the delay line interferometer unit (226), wherein the self-interference result indicates optimization of a neighboring pulse among the at least two neighboring pulses based on a phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses;
a demodulation unit (230) configured to:
receive information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit (228); and
decode the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses; and
one or more synchronization channels (112) configured to exchange timing information of each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106), and coordinate transmission and detection of the one or more quantum states, for synchronizing clocks of each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106) to correlate the exchanged timing information, at each switch of each source QKD device (102).

2. The system (100) as claimed in claim 1, wherein the security analysis unit (218) is configured to determine at least one of: a photon number dependent yield and a photon number dependent quantum bit error rate (QBER) based on detection information received from the destination QKD device (106).

3. The system (100) as claimed in claim 1, wherein:
the one or more source QKD devices (102A-E) and the destination QKD device (106) are based on a novel scheme of decoy-differential phase shift (decoy-DPS) resilient to a Photon-Number-Splitting (PNS) attack, and
the one or more source QKD devices (102A-E) and the destination QKD device (106) are basic entities of a quantum network topology.

4. The system (100) as claimed in claim 1, wherein the state preparation unit (216) comprises one or more optical components comprising at least one of:
an intensity modulator (IM) (302) configured to modulate an intensity of optical source pulses (314) for randomly generating the one or more signal pulses and the one or more decoy pulses;
a true random number generator (TRNG) (304) configured to generate a random sequence of number for controlling an intensity of the one or more signal pulses and the one or more decoy pulses generated by the intensity modulator (302);
the phase modulator (PM) (306) configured to modulate the one or more phases of the one or more signal pulses and the one or more decoy pulses for encoding one or more secret key bits into the one or more quantum states; and
a variable optical attenuator (VOA) (308) configured to attenuate transmission power of the optical source pulses (314) for creating the one or more decoy states with one or more mean photon numbers.

5. The system (100) as claimed in claim 1, wherein the controllable optical switch (104) is further configured to:
connect a first source QKD device (102A) with the destination QKD device (106) when the first source QKD device (102A) needs to be connected with the destination QKD device (106) at the pre-defined time duration, on a priority; and
connect a second source QKD device (102B) with the destination QKD device (106) in the round robin mechanism upon the connection between the first source QKD device (102A) and the destination QKD device (106) is completed.

6. The system (100) as claimed in claim 1, wherein each source QKD device (102) of the one or more source QKD devices (102A-E) is communicated through the destination QKD device (106) by:
initiating, by the destination QKD device (106), a connection with each source QKD device (102) of the one or more source QKD devices (102A-E);
receiving, by the destination QKD device (106), the weak-coherent based phase encoded quantum states from each source QKD device (102) of the one or more source QKD devices (102A-E);
performing, by the destination QKD device (106), one-time pair operation with the weak-coherent based phase encoded quantum states received from each source QKD device (102) of the one or more source QKD devices (102A-E), wherein the destination QKD device (106) comprises a time control master unit (232) configured to respond to a control request of the destination QKD device (106);
transmitting, by the destination QKD device (106), the one-time paired weak-coherent based phase encoded quantum states to each source QKD device (102) of the one or more source QKD devices (102A-E); and
establishing, by the destination QKD device (106), the connection between each source QKD device (102) of the one or more source QKD devices (102A-E) based on the one-time paired weak-coherent based phase encoded quantum states transmitted to each source QKD device (102) of the one or more source QKD devices (102A-E).

7. The system (100) as claimed in claim 1, wherein the controllable optical switch (104) comprises a controller (108), and wherein the controller (108) is connected to an external control circuit for selecting an optical path for each source QKD device (102) by configuring at least four data bits as an input to the controllable optical switch (104).

8. A method (500) for interconnecting multi-devices by a source-destination based Quantum Key Distribution (QKD) Network, the method (500) comprising:
generating (502), by a state preparation unit (216) of each source Quantum Key Distribution (QKD) device (102) associated with a system (100), one or more quantum states comprising a series of N coherent pulses with one or more phases of the one or more quantum states, wherein the one or more quantum states comprises one or more signal states generated by a signal unit (216A) and one or more decoy states generated by a decoy unit (216B);
encoding (504), by a phase modulator (306) of the state preparation unit (216) of each source QKD device (102), the one or more phases of the one or more quantum states;
generating (506), by a key generation and management unit (220) of each source QKD device (102), one or more symmetric keys with the one or more phase encoded quantum states, on a round-robin time-sharing basis with control over a ratio of time slots allocated to each source QKD device (102) based on a key rate required between each source QKD device (102) and a destination QKD device (106);
transmitting (508), by a state transmission unit (222) of each source QKD device (102), weak-coherent based phase encoded quantum states to the destination QKD device (106) through one or more secure quantum communication channels (110);
connecting (510), by a controllable optical switch (104), each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106) at a pre-defined time duration, wherein each source QKD device (102) is connected with the destination QKD device (106), one at a time based on on-priority mechanism;
receiving (512), by a delay line interferometer unit (226) of the destination QKD device (106), one or more signal pulses of the one or more signal states and one or more decoy pulses of the one or more decoy states, with one or more random phase values, from the state transmission unit (222) of the source QKD device (102);
generating (514), by the delay line interferometer unit (226) of the destination QKD device (106), self-interference between the one or more signal pulses of the one or more signal states and the one or more decoy pulses of the one or more decoy states by combining one or more neighboring signal pulses and one or more neighboring decoy pulses;
determining (516), by a single photon detection unit (228) of the destination QKD device (106), a self-interference result between at least two neighboring pulses in the delay line interferometer unit (226), wherein the self-interference result indicates optimization of a neighboring pulse among the at least two neighboring pulses based on a phase difference determined between the one or more neighboring signal pulses and the one or more neighboring decoy pulses;
receiving (518), by a demodulation unit (230) of the destination QKD device (106), information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses from the single photon detection unit (228); and
decoding (520), by the demodulation unit (230) of the destination QKD device (106), the weak-coherent based phase encoded quantum states based on the information associated with the phase difference between the one or more neighboring signal pulses and the one or more neighboring decoy pulses.

9. The method (500) as claimed in claim 8, further comprising determining, by the security analysis unit (218), at least one of: a photon number dependent yield and a photon number dependent quantum bit error rate (QBER) based on detection information received from the destination QKD device (106).

10. The method (500) as claimed in claim 8, wherein:
the one or more source QKD devices (102A-E) and the destination QKD device (106) are based on a novel scheme of decoy-differential phase shift (decoy-DPS) resilient to a Photon-Number-Splitting (PNS) attack, and
the one or more source QKD devices (102A-E) and the destination QKD device (106) are basic entities of a quantum network topology.

11. The method (500) as claimed in claim 8, further comprising:
exchanging, by one or more synchronization channels (112), timing information of each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106); and
coordinating, by the one or more synchronization channels (112), transmission and detection of the one or more quantum states, for synchronizing clocks of each source QKD device (102) of the one or more source QKD devices (102A-E) with the destination QKD device (106) to correlate the exchanged timing information, at each switch of each source QKD device (102).

12. The method (500) as claimed in claim 8, further comprising:
modulating, by an intensity modulator (IM) (302) of the state preparation unit (216), an intensity of optical source pulses (314) for randomly generating the one or more signal pulses and the one or more decoy pulses;
generating, by a true random number generator (TRNG) (304) of the state preparation unit (216), a random sequence of number for controlling an intensity of the one or more signal pulses and the one or more decoy pulses generated by the intensity modulator (302);
modulating, by the phase modulator (PM) (306) of the state preparation unit (216), the one or more phases of the one or more signal pulses and the one or more decoy pulses for encoding one or more secret key bits into the one or more quantum states; and
attenuating, by a variable optical attenuator (VOA) (308) of the state preparation unit (216), transmission power of the optical source pulses (314) for creating the one or more decoy states with one or more mean photon numbers.

13. The method (500) as claimed in claim 8, further comprising:
connecting, by the controllable optical switch (104), a first source QKD device (102A) with the destination QKD device (106) when the first source QKD device (102A) needs to be connected with the destination QKD device (106) at the pre-defined time duration, on a priority; and
connecting, by the controllable optical switch (104), a second source QKD device (102B) with the destination QKD device (106) in the round robin mechanism upon the connection between the first source QKD device (102A) and the destination QKD device (106) is completed.

14. The method (500) as claimed in claim 8, further comprising communicating each source QKD device (102) of the one or more source QKD devices (102A-E) through the destination QKD device (106) by:
initiating, by the destination QKD device (106), a connection with each source QKD device (102) of the one or more source QKD devices (102A-E);
receiving, by the destination QKD device (106), the weak-coherent based phase encoded quantum states from each source QKD device (102) of the one or more source QKD devices (102A-E);
performing, by the destination QKD device (106), one-time pair operation with the weak-coherent based phase encoded quantum states received from each source QKD device (102) of the one or more source QKD devices (102A-E), wherein the destination QKD device (106) comprises a time control master unit (232) configured to respond to a control request of the destination QKD device (106);
transmitting, by the destination QKD device (106), the one-time paired weak-coherent based phase encoded quantum states to each source QKD device (102) of the one or more source QKD devices (102A-E); and
establishing, by the destination QKD device (106), the connection between each source QKD device (102) of the one or more source QKD devices (102A-E) based on the one-time paired weak-coherent based phase encoded quantum states transmitted to each source QKD device (102) of the one or more source QKD devices (102A-E).

15. The method (500) as claimed in claim 8, wherein the controllable optical switch (104) comprises a controller (108), and wherein the controller (108) is connected to an external control circuit for selecting an optical path for each source QKD device (102) by configuring at least four data bits as an input to the controllable optical switch (104).
Dated this 23rd day of January 2024

Vidya Bhaskar Singh Nandiyal
Patent Agent (IN/PA-2912)
Agent for applicant