From 0679a9e506a23db75cc2f50ecf56932f7709b71d Mon Sep 17 00:00:00 2001 From: jaseg Date: Thu, 8 May 2025 17:38:19 +0200 Subject: [PATCH] Shortening WIP --- paper.tex | 58 ++++++------------------------------------------------- 1 file changed, 6 insertions(+), 52 deletions(-) diff --git a/paper.tex b/paper.tex index 39c39a0..9e31625 100644 --- a/paper.tex +++ b/paper.tex 
@@ -185,65 +185,19 @@ overlapping them, since the mesh's rotation makes any attack on such a joint exc \section{QKD in an IHSM} -\subsection{Physical requirements of QKD transceivers} +Since IHSMs are particularly suited to large payloads, fitting the components of a QKD node inside one is +straightforward. However, QKD links have one unique requirement: Many systems require several physical fibers for each +QKD link. Often, in addition to a fiber for classical communication, one fiber is needed to transmit a reference clock +to the other end of the link, and another fiber is needed for the quantum channel. With a QKD relay needing at least two +links, this results in at least five fibers assuming all classical networking can be multiplexed on a single fiber. -Putting a QKD relay node and associated machinery inside of an IHSM, we first need to answer two key questions. First, -\emph{will it fit?}, and second, \emph{Can we hook it up?}. In the following paragraphs, we will go through several -aspects of these general questions one by one. - -\paragraph{Physical dimensions.} -At this point, a number of commercial systems promising QKD exist. Common QKD protocols do not require any particularly -large or power-hungry components, and so commercial systems have generally adopted the 19 Inch rackmount enclosure -standard that is common to modern telecommunications equipment, with a width of $\approx\qty{50}{\centi\meter}$, a -height between $\approx\qtyrange{4}{30}{\centi\meter}$ and a depth below $\approx\qty{100}{\centi\meter}$. While -something of this size would be infeasible to protect with the security mesh of a traditional hardware security module, -placed vertically, even without modifications any of these systems are well within an envelope that can be protected -with a single IHSM cage. - -\paragraph{Power supply.} -QKD systems do not contain any particularly power-hungry components. 
Unlike quantum computers, most of the signal path -is optical, and as such can be implemented with room-temperature fiber-optic components. Only the single-photon -detectors may require cooling in some systems, but unlike something like an ion trap quantum computer's processor, -energy-intensive deep cryogenic cooling is not necessary. Most manufacturers don't quote the power requirements of their -systems, but we were able to find that IDQuantique specifies their QKD systems to be able to run off a single -\qty{300}{\watt} power supply\cite{ClavisXGQKD2024}. In an inertial HSM, power up to several \unit{\kilo\watt} can -easily be transferred to the payload with through-axis cables. - -\paragraph{Cooling.} -While the few hundred Watt of power that QKD systems require could easily be transported through the mesh of a a -traditional HSM as well, cooling that amount of thermal load purely by heat conduction through centimeters of epoxy -resin would make implementation infeasible in traditional HSM. In an IHSM on the other hand, up to several -\unit{\kilo\watt} can easily be dissipated through forced-air cooling since the rotating security mesh can have an -arbitrary amount of longitudinal openings. - -\paragraph{Data and signals.} -A QKD transceiver has a number of ports in addition the port for the fiber optic quantum channel. Depending on the -system, one or more additional optical links may be necessary for clock distribution, allowing both endpoints to tune -their lasers into precise alignment. QKD protocols require a classical link used for information reconciliation, which -along with the key stream output and management links requires one or more classical network ports. - -In a QKD relay node, the key stream never leaves the security envelope. The management and information reconciliation -links can be combined into a single, classical network link, requiring a single fiber when using a standard wavelength -division multiplexing transceiver. 
The QKD link's reference clock channel and the quantum channel require a dedicated -fiber each, adding up to a total of five fibers for a uni-directional QKD relay, or nine fibers for a bidirectional one. -Since fiber pigtails have an outer diameter of usually about \qty{1}{\milli\meter}, this amount of fibers can be fed +Fiber pigtails have an outer diameter of usually about \qty{1}{\milli\meter}, so this amount of fibers can be fed through an IHSM's axis of rotation. The mechanical challenge in such a multi-fiber signal and data feedthrough is to observe the fiber's minimum bending radius, which for common fibers is usually in the range of \qtyrange{5}{15}{\milli\meter}\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}. -In conclusion, a QKD node is not a particularly challenging payload for an IHSM. The most problematic -requirement is feeding through a number of fibers for its various input and output signals, but fundamentally it is no -different from any server or other piece of IT equipment. - \section{Multi-fiber passthrough with active secondary mesh} -The primary weak spot of a simple IHSM is its axis of rotation. While the stationary axis allows for wired data and -power connections to penetrate the mesh, it also provides an easy target for an attacker who wants to insert some sort -of physical probe into the IHSM's security envelope. While to a certain extent this attack vector can be made more -difficult though simple construction techniques such as making the shaft as thin as possible, and getting the mesh as -close to it as possible, as well as using a solid steel shaft on the motor end of the mesh, the level of security that -these mitigations provide is much below that of the remainder of the mesh. Thus, a better solution is needed. - \textcite{gotteCantTouchThis2022} list some \emph{shielding} methods that use a independently rotating secondary mesh on the inside of the primary mesh, located right next to the primary mesh's axis opening. 
In this section, we will go into some more detail on four variations of this solution. In order of increasing complexity, these variations are a
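Review bot: At the start of \section{Multi-fiber passthrough with active secondary mesh}, deleting the paragraph that begins "The primary weak spot of a simple IHSM is its axis of rotation" leaves the section opening directly on the \textcite{gotteCantTouchThis2022} shielding methods, with no statement of the threat they address. Suggest keeping a one- or two-sentence version: the stationary axis is where a physical probe can enter the security envelope, and a thin shaft with a close-fitting mesh gives much less protection than the rest of the mesh. In the new QKD paragraph, "at least five fibers" drops the earlier distinction between five fibers for a uni-directional relay and nine for a bidirectional one, so it should say which case the number covers. The claim that fitting a QKD node is "straightforward" also loses the dimension, power and cooling figures that backed it; a short clause keeping the \qty{300}{\watt} figure with \cite{ClavisXGQKD2024} would keep it grounded.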