From 84e80a194461d83e34122ed668705acc7607c777 Mon Sep 17 00:00:00 2001 From: jaseg Date: Thu, 2 Oct 2025 06:56:52 +0200 Subject: [PATCH] Bring over improved and shortened paper version of QKD chapter --- chapter-qkd/chapter-old.tex | 889 +++++++++++++++++++++++++++ chapter-qkd/chapter.tex | 1131 +++++++++++++---------------------- 2 files changed, 1309 insertions(+), 711 deletions(-) create mode 100644 chapter-qkd/chapter-old.tex diff --git a/chapter-qkd/chapter-old.tex b/chapter-qkd/chapter-old.tex new file mode 100644 index 0000000..3a28245 --- /dev/null +++ b/chapter-qkd/chapter-old.tex 
@@ -0,0 +1,889 @@ +\chaptertitle{Physical Security in Quantum Key Distribution} + +\section{Cryptography in the Age of Quantum Computers} + +For a decade or two now, Quantum Computing has been creating a buzz that nobody in Computer Science and adjacent fields +could evade. Originating in the 1980ies as a highly academic thought experiment applying ideas from Computer Science in +Quantum Physics, \todo{Add citation on QKD origins} its concepts have long found their way into popular science +articles. Quantum Computing encompasses a model of computation that is fundamentally different from the +\emph{classical}\footnote{ In Quantum Computing, the term \emph{classical} is used as the complement of \emph{quantum}, +and refers to the digital computers we know and (sometimes) love. This terminology stems from the distinction between +classical and quantum physics.} digital circuits that underly all of modern computing. While at first this might seem +like a step backwards into the era of early 1900s analog computing,\todo{Add citation on early analog computing} the +capabilites of a future quantum computer promise to outpace those of any possible classical computer. Key to this +improved processing capability is a property called \emph{Quantum Parallelism}, referring to the fact that inside of a +quantum computer, a single \emph{quantum state} can simultaneously represent a multitude of states of a classical, +digital computer, encoded into a quantum \emph{superposition}. Furthermore, the quantum computer can operate on all +those states at once using a single \emph{quantum gate}. + +The quantum gates of a quantum computer do not correspond directly to classical, digital logic. Applying Quantum +Parallelism to practical problems is more complicated than, simply translating a digital circuit that computes a +solution to a quantum circuit. 
Nevertheless, for certain problems \emph{quantum algorithms} have already been developed +that for large inputs promise to solve these problems much faster than any classical computer ever could. Two of these +algorithms, one by Shor and one by Grover \todo{Add citations on Shor's and Grover's algorithm} are what caused most of +the buzz around the field of quantum computing because they spell trouble for a large part of modern cryptography. +While neither is a threat under the current state of the art in quantum computing, assuming a sufficiently advanced +quantum computer both algorithms provide solutions to problems that are classically assumed to be \emph{hard} with +vastly improved asymptotical time complexity. + +Besides the computational speed-up promised by Quantum Parallelism, there is one more interesting aspect of Quantum +Computing where it radically deviates from classical computing. The reason modern cryptography exists is that when we +transmit (or store!) classical information through some channel (or storage!) that we do not control, there is nothing +we can do to prevent an attacker from reading this information. Even with cryptography we cannot prevent this, but +cryptography gives us tools to very effectively make whatever information the attacker is able to read useless to them. + +A basic principle of Quantum Physics is the \emph{No-Cloning Theorem}, which states that it is impossible to create an +identical, independent copy of an arbitrary, unknown quantum state. \todo{Add citation on No-Cloning Theorem} +An implication of this theorem is that when we encode classical information into quantum states in just the right way, +we can make it so that an attacker attempting to eavesdrop on our quantum information can only decode this information +by destroying the underlying quantum states it in the process, which can be detected statistically. 
This property can be +exploited to replace a number of classical asymmetric primitives in interactive settings, \todo{Add citation on +substitution, check if interactive only} the most popular application of which is replacing an asymmetric Diffie-Hellman +key exchange \todo{Add citation on DH-Kex} with a quantum process called Quantum Key Distribution (QKD) that yields much +of the same properties. + +In the past decades, the field of cryptography has been fundamentally shaped by the development of Quantum Computing and +Quantum Key Distribution. However, the popular conception that all of today's cryptography will be broken and that we +have to start from scratch is not accurate. Quantum Computing poses an unique threat to modern cryptography, and Quantum +Key Distribution is a promising new tool, but the practical implications of both are much more subtle than how they are +often portrayed. In the remainder of this chapter, we will look into the practical implications of these quantum +technologies, and we will come to two major conclusions: First, that while the underlying cryptographic primitives will +change, apart from some engineering issues cryptography as a whole will remain largely the same. Second, that while +Quantum Key Distribution is hailed as a revolution for network security, its practical advantages will remain far short +of how it is usually conceptualized, and hardware security will assume a pivotal role in the practical security of +Quantum Key Distribution systems. The central role of hardware security in Quantum Key Distribution is a stark departure +from its relative irrelevance in today's applied cryptography. + +Building on these conclusions, we will end this chapter with a study of a use case that illustrates a practical design +for a secure network employing Quantum Key Distribution. 
Relying on both established classical and quantum primitives +with known security properties we will elaborate how one can construct a large-scale network from those primitives +that uses IHSMs to provide practical security beyond the---surprisingly limited---extent of quantum security proofs. + +\subsection{Computational Assumptions and Information\Hyphdash Theoretic Security} +\label{qc_comp_assum} + +We have briefly mentioned that Quantum Computing promises to eventually provide a significant speed-up that can be +applied to solve many cryptographic problems fast enough for it to become a problem, but we have not elaborated on what +that means in practice. In this section, we will attempt convey a more concrete intuition of the magnitude of the threat +that both Shor's and Grover's algorithm and variants pose to modern cryptography. + +\textcite{shorAlgorithmsQuantumComputation1994, shorPolynomialTimeAlgorithmsPrime1997} introduced several algorithms to +solve problems in polynomial time on a quantum computer that are still believed to be hard on classical computers today. +In the original conference paper and journal article, Shor introduces several algorithms based on a similar fundamental +approach. Depending on context, \emph{Shor's algorithm} usually refers to one of two of these algorithms that solve +integer factorization as used in RSA, and the discrete logarithm problem as used in the Diffie-Hellman key exchange, +respectively. + +While Shor's algorithm attacks the foundations of most modern asymmetric cryptography, Grover's algorithm can be applied +to hash functionss and symmetric cryptography. Fundamentally, Grover's algorithm is a search algorithm that allows a +quantum computer to find one target entry out of an \emph{unstructured} list of $N$ source entries in +$\mathcal{O}\left(\sqrt{N}\right)$ time instead of the $\mathcal{O}\left(N\right)$ time that a classical computer would +require for an exhaustive search. 
Applied to cryptography, we model the key space of a symmetric cipher as the +unstructured list that is input to the algorithm, and set it to search for the key that results in the successful +decryption of a given ciphtertext. + +An important nuance applying these algorithms to cryptography is that while both provide significant speed-ups over +classical computers, the speed-up of Shor's algorithm is exponential and effectively breaks most modern asymmetric +cryptography as it erases the asymmetric nature of the underlying mathematical problem's computational complexity. That +is, for an asymmetric cryptosystem susceptible to Shor's algorithm, there is no set of parameters that is large enough +to be safe. + +In contrast to this, while Grover's algorithm radically speeds up the breaking of a symmetric cryptosystem, this +speed-up is only quadratic. In practice this means that it halves the security level \todo{definition, citation of +security level} of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric +primitives to a security level at the lower end of what is considered secure today, the advantage provided by Grover's +algorithm can easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the +additional bits and result in slightly slower operation of the cipher, but this additional cost is easily manageable +even without any improvement in today's hardware. + +\textcite{impagliazzoPersonalViewAveragecase1995} provided a colloquial but useful analysis characterizing the +implications of which kinds of hard problems are solvable in practice, based on the observation that the fact that an +\emph{average} problem out of a class like $NP$ is solvable does not mean that most, or even many \emph{practical} +problems are solvable. \textcite{impagliazzoPersonalViewAveragecase1995} was published after Shor's algorithm was +discovered, and before Grover's algorithm was published. 
Impagliazzo foresaw that fast quantum algorithms could threaten +public key security, and their analysis remains relevant facing the outlook of quantum computing today. + +Impagliazzo proposes a set of five scenarios that provide increasingly extensive computational hardness properies, +dubbed \emph{Algorithmica}, \emph{Heuristica}, \emph{Pessiland}, \emph{Minicrypt}, and \emph{Cryptomania}. In +Algorithmica, $P = NP$. In Heuristica, $P \ne NP$, but $NP$ problems are only intractable in the worst case, and +tractable on average. In Pessiland, problems exist that are hard on average, but there are no one-way functions and thus +there is no way to efficiently sample solved instances of hard problems. + +The next scenario, Minicrypt is frequently cited in cryptographic works. In it, one-way functions exist, but there is no +public key cryptography. Minicrypt aligns well with a world in which fast quantum algorithms exist that solve the +computational problems underlying public key cryptosystems. Impagliazzo's last scenario is Cryptomania, which extends +Minicrypt with public key cryptography and aligns with the world view that is commonly assumed in cryptography today. + +In Minicrypt, we assume that all computational problems that are amenable to public key cryptography fall. However, it is +not specified \emph{how} specifically this fall will happen---whether it will be classically, or by quantum +algorithms---leading to two sub-variants of the Minicrypt scenario. The pessimistic sub-variant is one where classical +algorithms solving all those problems are discovered. This scenario leads to identical conclusions to those Impagliazzo +drew. 
However, if we base our Minicrypt assumption instead on the availability of \emph{quantum } algorithms for these +problems, and thus on quantum computers being both powerful enough and generally available, we end up with an +interesting spin on the original Minicrypt scenario that recently has garnered some academic attention, receiving the +name Mini\textbf{Q}Crypt\cite{griloObliviousTransferMiniQCrypt2021, barootiPublicKeyEncryptionQuantum2023}. In +MiniQCrypt, on one hand, conventional public key cryptography is broken by quantum computers running Shor's algorithm, +but the key observation is that on the other hand, we can then use those quantum computers to do \emph{quantum} +cryptography, re-gaining some of what we have lost. The (im)possibility results for MiniQCrypt are nuanced, and provide +something between the intact conventional public key cryptography in Cryptomania, and the total absence of it in +classical Minicrypt. + +In the discourse on quantum computing and its application to cryptography, it is important to be mindful of which +security notion the authors of some source, or the implementors of some device base their work on. Especially in +academic work, Pessiland assumptions are often implicitly made\cite{ + diamantiPracticalChallengesQuantum2016, + kwekChipbasedQuantumKey2021, + mehicQuantumKeyDistribution2021, + loSecureQuantumKey2014, +}. Here, the speedup provided by Grover's algorithm is considered to make symmetric primitives like hash functions or +symmetric ciphers unusable, leaving only information-theoretically secure cryptographic schemes such as +one time pads available. In this framework, secret key rate becomes paramount because it is assumed that QKD keys will +be used with an information-theoretically secure encryption scheme, requiring an infinite, high-bitrate secret key +stream. 
+\todo{introduce notions of asymmetric/symmetric ciphers, OTPs before} + +While in academic sources Pessiland assumptions are common, commercial systems usually are based on Minicrypt +assumptions. That is, commercial systems propose QKD as an alternative to classical asymmetric cryptography for +cryptographic key exchange, but then continue to use classical symmetric cryptography for purposes such as key +derivation and secret-key encryption. Using a computationally secure key derivation function such as Argon 2, a small, +fixed amount of precious QKD secret key bits can be expanded into a key of almost unbounded length\footnote{Key +derivation functions have limited output size}. Similarly, a +computationally secure symmetric cipher such as AES can be used to encrypt almost arbitrary amounts of data using a +single, short key\footnote{ + We write that the amount of data that can be encrypted with a computationally secure block cipher is only + \emph{almost} unbounded because the cipher operates on blocks of a fixed, short size and depending on the cipher + mode, in most applications, collisions of two such blocks enable stochastic \emph{Birthday + Attacks}\cite{giraultGeneralizedBirthdayAttack1988}. Usually, for a primitive of block size $n\;\unit{\bit}$, an + amount of $2^\frac{n}{2}$ extracted blocks is used as an upper bound for safe usage. For a cipher using the + currently common block size of \qty{128}{\bit}, this bound lies at \qty{256}{\exa\byte} of + data\cite{bhargavanPracticalSecurity64bit2016,}. +}. + +\subsection{The Practical Security Implications of Quantum Computing} +\label{qc-practical-implications} + +Given that as of yet, noone has claimed to have a quantum computer powerful enough to pose a threat to current +cryptographic protocols\cite{roettelerQuantumResourceEstimates2017}, one may ask the fair question why the possible +future development of such a machine would be consequential for today's cryptographic practice. 
The answer to this +question lies in \emph{Store-Now-Decrypt-Later} attacks. In such attacks, the attacker records all data transmitted +between a cryptographic protocol's parties. The security of any key exchange protocol rests on a computational hardness +assumption about some particular problem. When this assumption falls, for example because of a powerful quantum computer +becoming available, the attacker can then retroactively break the security of those stored protocol instances and +decrypt all traffic. + +Modern cryptographic protocols such as TLS or the Signal messenger's key ratchet are designed with facilities to provide +some degree of protection against key compromise called \emph{(Perfect) Forward Secrecy}. Forward Secrecy means that a +compromise of keys at one protocol step will not break the secrecy of past protocol steps. Forward Secrecy is achieved +by repeatedly mixing fresh key material called \emph{Ephemeral Keys} into the protocol's secret state. For a +post-quantum attacker, this implies that to decrypt a run of a forward-secret cryptographic protocol, the quantum +algorithm breaking the protocol's computational assumption must be run a number of times, but this results only in a +linear increase of both protocol and attack complexity, which turns out to no advantage for the defender. + +Store-Now-Decrypt-Later attacks are considered a serious threat today based on the stark discrepancy between the +capacity of today's inexpensive storage media, and the comparatively tiny bandwidth of cryptographic protocols in +applications such as End-To-End Encrypted (E2EE) text messaging. A single hard drive can conceivably store years of a +person's encrypted digital communications. + +There has been ongoing work on quantum secure cryptographic algorithms, and standardization of several such algorithms +is progressing. 
However, in the time frame of cryptosystems, these algorithms are still rather young and the recent +discovery of a catastrophic key recovery attack against the Supersingular Isogeny Diffie-Hellman protocol +(SIDH)\cite{castryckEfficientKeyRecovery2023} illustrates the risk in the use of immature cryptographic primitives. Thus, +recommendations on the concrete steps that should be taken today to mitigate Store-Now-Decrypt-Later attacks vary. For +instance, under its threat model as laid out in \textcite{schmiegGoogleThreatModel2024}, Google recommends a list of +quantum secure counterparts to classically secure cryptographic algorithms, but recognizes the relative immaturity of +these quantum secure algorithms and consequently recommends \emph{Hybrid Deployment}, where a young, quantum secure +algorithm is paired with a mature classically secure algorithm such that \emph{both} algorithms would have to be broken +to compromise the composite protocol's security. Given that quantum secure public key cryptography tends to have both a +much larger key and/or ciphertext size and worse performance compared to state-of-the-art Elliptic Curve-based key +exchange or signature algorithms, pairing it with a classically secure alternative incurs only a negligible overhead in +key storage, network communication and computation costs. + +\todo{research some more policies.} + +\section{The Physics of Quantum Computing} +\todoplaceholder{missing} + +\section{Quantum Key Distribution} + +As we discussed in Section \ref{qc_comp_assum}, Quantum Computers promise novel attacks on many contemporary +cryptographic systems. At the same time, quantum technology also promises new cryptographic primitives that support +security guarantees beyond what can be realized with the best classical computers. The core of this nascent field of +Quantum Cryptography is a set of methods that are collectively called Quantum Key Distribution. 
+ +Informally speaking, a Quantum Key Distribution system is a system that distributes a secret key between two\footnote{ + Although the key distribution problem can conceptually be framed for any number $n\ge 2$ of parties, practical + treatment is almost always limited to the two-party case. In case of QKD, problem instances for $n > 2$ parties can + trivially be reduced to $(n^2 - n)/2$ invocations of the two-party protocol, combined with any + information-theoretically secure secret sharing scheme. +} parties such that after a successful execution of the protocol, each of the two parties holds a copy of a randomly +generated secret key, and the probability that an attacker was able to extract some portion of the key during the +protocol's execution can be bounded to some negligible $\epsilon$ by each of the parties. + +Quantum Key Distribution provides a similar service to cryptographic key exchange protocols such as the classic +Diffie-Hellman key exchange provide. The core difference between QKD and cryptographic key exchange protocols is that +QKD provides information-theoretic security based on the No-Cloning Theorem, where cryptographic protocols provide only +computational security based on the computational hardness assumption underlying some public key cryptosystem. + +QKD is attractive in that it gives practically useful security guarantees without relying on any computational hardness +assumptions. This way, QKD would remain secure even in a scenario where a hybrid deployment of a classically secure but +mature algorithm paired with a quantum secure but young algorithm as discussed in Section +\ref{qc-practical-implications} poses too much of a risk---a scenario where both large quantum computers arrive and a +flaw in the quantum secure algorithm is found. 
Note that here, because we assume we have large quantum computers, the +possibility of a flaw in the quantum secure algorithm extends beyond mathematical flaws leading to practical attacks +with classical computers, and includes novel quantum algorithms. + +\subsection{Security assumptions in QKD} + +While QKD protocols provide information-theoretic security, part of these protocols is always an authenticated channel +that is used by the protocol's parties to exchange information necessary to align both parties' quantum measurements so +that they can reconstruct the same secret key bit stream\cite{loSecureQuantumKey2014}. In the security model of QKD, +this authenticated channel does some heavy lifting. While the QKD protocol provides key exchange--an asymmetric +primitive--based on this authenticated channel--which in its most simple implementation requires only symmetric +primitives, an implementation of QKD using symmetric primitives such as HMAC or CMAC for the authenticated channel would +not achieve information-theoretic security. To achieve information-theoretic security, the authenticated channel itself +must use an information-theoretically secure authentication method. The issue with that is that +information-theoretically secure authentication methods are (provably)\todo{citation on ``provably''} rather inefficient +in their key use. While symmetric MACs can use a single, short key for a very long time, information-theoretically +secure MACs need a continuous stream of fresh key bits. + +In QKD, the authenticated channel can be bootstrapped by taking these MAC key bits from the QKD channel itself. The +disadvantage of doing that is that it consumes a fraction of the system's precious secure key rate. 
As a consequence, at +this point there is ongoing research\todo{citations on ongoing research} on both systems based on symmetric MACs and +systems using information-theoretically secure MACs, with commercial systems often choosing the +latter\cite{bibakQuantumKeyDistribution2021} owing to the low secret key rates that are the state of the art. +\todo{Finish this section} + +\subsection{The Technical Implementation of QKD} + +On the technical level, QKD must be distinguished from general Quantum Computing. While QKD systems employ the +No-Cloning Theorem and sometimes quantum entanglement in their operation, the scope of their quantum operations is very +limited. QKD systems always operate on photons, while general quantum computers use a variety of physical +implementations for their qubits that include photons and squeezed light, but extend over atom nuclei, trapped ions, +various aspects of currents in superconducters as well as phonons\cite{berriosHighFidelityQuantum2012}. + +\todoplaceholder{Add concrete description of at least one QKD protocol (BB84?)} + +\subsection{Practical Challenges} + +The central challenge in general quantum computers is extending the lifetime of the quantum state encoding a qubit. +Quantum states are extremely sensitive to disturbances, and despite the best efforts to shield them against external +influence, their lifetime is still inconveniently short compared to the timescales required for quantum computation, +resulting in significant amounts of noise in the output of quantum algorithms run on contemporary quantum +computers\cite{yetisInvestigationNoiseEffects2021}. Quantum Key Distribution systems use photons and only perform a +handful of operations on each photonic state between generation and measurement, with the vast majority of the state's +lifetime spent in transit between the two endpoints of the QKD protocol. 
+ +While QKD systems are easy to build and operationally robust compared to general quantum computers, at their core they +still exchange information through quantum states that physically need to transit the distance from one endpoint to the +other. For classical computer networks, bridging distances of hundreds or thousands of kilometers is no big challenge. +Using appropriate high-power transceivers, a single, \emph{unrepeatered} span of an optical link can bridge hundreds of +kilometers while simultaneously achieving data rates of several terabits per second. Longer ranges are regularly +achieved through the use of (analog!) optical amplifiers, with recent \emph{repeatered} systems approaching the petabit +per second boundary +\footnote{ + cf.\ this encyclopedic entry \cite{JUNOSubmarineNetworks}, press releases by participating companies + \cite{NECBuildNew, NewCompanyBuilds}. +}. These classical optical systems operate at hundreds of milliwatts of optical power, a limit resulting from nonlinear +effects in the optical fibers used, power limitations of optical amplifiers, and limitations in power delivery to these +amplifiers. + +In contrast, QKD systems operate on signals that are weaker by several orders of magnitude. While classical optical +signals use millions of photons per bit, the quantum states at the core of QKD systems must necessarily be ``weak''. A +single quantum state in the fiber on average should consist of approximately a single photon. If the system's quantum +states consisted of more than one photon carrying the same information, this would enable a \emph{Photon Number +Splitting Attack}, in which an attacker extracts one of the state's photons for later analysis, and forwards the +remaining photons to the receiver\cite{loSecureQuantumKey2014}. The attacker can then later measure the captured photons +to extract the same information that the receiver measured. 
In practical QKD setups, attenuated pulsed lasers are often +used, as there are no practical single-photon sources. The laser and its attenuator are tuned such that the average +photon count of a pulse is in the order of $0.1$ \cite{loSecureQuantumKey2014}. For such setups, mitigations exist that +prevent photon number splitting attacks\cite{wangBeatingPhotonNumberSplittingAttack2005}. However, while these +mitigations patch this security weakness for weak, attenuated pulsed lasers, they still do not allow for higher transmit +power. + +The practical implication of this is that the optical brightness of a QKD system is directly proportional to the rate at +which the system can prepare, and later measure the individual quantum states. The primary limitation is the speed and +recovery time of the single-photon detector. In contrast to e.g.\ a simple photodiode that (mostly) linearly converts +incident photons into electron flow, SPDs are designed to provide a large intrinsic gain. This improves their bandwidth +as each photon's pulse must charge the detector's own parasitic capacitance as well as that of any wiring between it and +the frontend preamplifier, but in many detector designs this intrinsic amplification process is also the origin of a +long recovery time that limit's the detector's possible repetition rate. With today's electronics, repetition rates up +to a few \unit{\GHz} are feasible\cite{grunenfelderFastSinglephotonDetectors2023}. Alas, the brightness limit interacts +poorly with the reality of optical communication, especially through fibers. Even modern, high-quality fiber-optic +cables have attenuation in the order of \qty{0.2}{\dB\per\km}\cite{chesnoyUnderseaFiberCommunication2015}, which +corresponds to roughly half of the signal being lost every \qty{15}{\km}. In classical optical networks, this can be +compensated by increasing transmit power--i.e. 
packing more photons into each bit--or by optically amplifying the signal +partway through the fiber. cIn QKD systems however, the signal's quantum states cannot be amplified both out of a +concern of photon number splitting attacks and because of decoherence\footnote{ + Note that this impossibility is not a consequence of the No-Cloning Theorem. The No-Cloning Theorem only asserts + that it is impossible to create a second, \emph{independent} copy of an arbitrary quantum state, which can then + independently be measured without disturbing the original state. Despite this, a hypothetical ``quantum amplifier'' + could increase the quantum state's photon number, adding entangled photons that share the original quantum state. + Alas, doing this would not gain us much in a QKD system because an interaction of any of the quantum state's photons + with the fiber---that is, the same loss as before---would disturb the entire entangled state. +}, and thus the system's bit rate decreases exponentially with distance due to attenuation. Some QKD systems can reach +ranges of several hundred kilometers, but the resulting payload data rate---usually called \emph{secret key rate}---of +these long distance systems is measured in kilobits per second. An interesting observation from theoretical work on +quantum key distribution algorithms is that not only is this exponential rate decay a fundamental limit for a given QKD +implementation, but it is even possible to determine a protocol-independent upper bound for a noiseless, lossy optical +channel's secret key rate. This upper bound shows the same exponentail decay and, notably, is independent of the optical +power, which is directly proportional to the repetition rate of the QKD protocol's measurements. Modulo some small, +constant factor, this upper bound cannot be circumvented with any amount of protocol engineering, or source or detector +improvements\cite{takeokaFundamentalRatelossTradeoff2014}. 
+ +\subsection{Loss in optical fibers} + +When transmitted over a fiber, there are multiple effects that degrade the quantum-optical signal of a QKD system, which +are collectively referred to as \emph{loss}. We can coarsely classify these degrading effects into two categories: +\emph{decoherence}, and \emph{attenuation}. Decoherence effects result in the quantum state being changed in transit, +which depending on the QKD implementation may mean destroying information contained within the state such as by +disturbing the pulse's polarization, or destruction of entanglement between the in-flight state and another local state. +In contrast, attenuation means the quantum state is not ever leaving the channel. + +In practice, attenuation is the primary factor limiting the length of an individual fiber run in QKD. Even modern, +ultra-low loss optical fiber has an attenuation in the order of \qty{0.15}{\decibel\per\kilo\meter}, resulting in a loss +of half the signal's power, equivalent to half of all QKD pulses, in just \qty{20}{\kilo\meter}. For longer reaches, +these losses ar multiplicative, so after only \qty{200}{\kilo\meter} only one in a thousand single-photon pulses entering +the fiber will exit it at the other end \cite{chesnoyUnderseaFiberCommunication2015}. + +Decoherence effects are less relevant for the distance limitation, and mostly limit which fiber-optic technologies can be +utilized in the first place. Due to decoherence, QKD systems usually use Single-Mode (SM) fiber over Multi-Mode (MM) +fiber\cite{amitonovaQuantumKeyEstablishment2020}, and decoherence makes it more difficult to utilize Wavelength Division +Multiplexing (xWDM) to send multiple either quantum or classical optical signals through a single fiber.\todo{is this +right?} + +Attenuation in optical fibers has a number of origins. 
The main factor is scattering of photons on the fiber core, with +absorbtion due to interactions between photons and the fiber core's molecular structure or embedded contaminants only +playing a minor role. The primary component of scattering is fluctuations in the fiber core's molecular structure, with +scattering on phonons (Brillouin scattering) or photons (Raman scattering) only adding a samll amount of +loss\cite{wandelAttenuationSilicabasedOptical2006}. + +Like attenuation, decoherence can also result from a number of different mechanisms. Two optically \emph{linear} +mechanisms, i.e.\ ones that do not depend on incident signal power, are chromatic dispersion and polarization mode +dispersion (PMD). PMD disturbs the signal's polarization. PMD strongly depends on wavelength and is highly sensitive to +environmental factors such as temperature or vibration \cite{brodskyPolarizationModeDispersion2006}. QKD systems +frequently use polarization-based encodings, which are sensitive to PMD. PMD is usually mitigated by continuously +measuring the fiber's end-to-end PMD, and adjusting a polarization controller placed +in-line\cite{wangLongdistanceCopropagationQuantum2017, ImpactPolarizationMode, +agnesiAllfiberSelfcompensatingPolarization2019} with the fiber to cancel out the fiber's PMD. + +Chromatic dispersion arises from the fiber's materials' refractive index not being perfectly constant across +the spectral bandwidth of the optical signal, leading some frequency components of the signal to traverse the fiber +faster than others, resulting in pulses being spread out as they continue along the fiber. Chromatic dispersion is a +concern in some long-distance QKD systems that need to operate at a timing precision down to a few dozen picoseconds, +but like PMD it can be compensated at the endpoint \cite{neumannExperimentallyOptimizingQKD2021, +kiselevAnalysisChromaticDispersion2020}. 
+ +Besided linear Brillouin and Raman Scattering, nonlinear effects such as the AC Kerr Effect, Stimulated Raman Scattering +as well as Stimulated Brillouin Scattering can produce intermodulation and crosstalk when a quantum optical signal is +sent through the same fiber as another, much brighter classical optical signal. These nonlinear effects are relevant for +QKD systems that either send a reference clock through the same fiber as the QKD pulses, or that aim for coexistence +between QKD pulses and classical optical networking on the same fiber, for instance in an in xWDM +setup\cite{choiQuantumKeyDistribution2010, grunenfelderLimitsMultiplexingQuantum2021}. + +In the AC Kerr effect, a strong optical signal influences the refractive index of the fiber core, which modulates other +signals propagating through the same fiber. Stimualated Brillouin Scattering arises when a high-power incident signal +causes the emission of phonons inside the fiber core, which then act as a source of Brillouin scattering. Stimulated +Raman Scattering is a similar effect based on Raman scattering\cite{chesnoyUnderseaFiberCommunication2015}. When a fiber +is shared between weak QKD and bright classical signals, both Brillouin and Raman scattering introduce noise in the QKD +channel as photons from the classical signal change their wavelength, and might end up inside the QKD channel's +bandwidth\cite{choiQuantumKeyDistribution2010}. + +\todo{Some detail on CV-QKD} + +\subsection{Relaying} +\todo{(one?) term of the art seems to be "repeater"} + +We cannot use conventional optical amplifiers to extend the range of a single continuous QKD link lest we destroy the +signal or we might enable attacks. What remains as ways to extend the range of a QKD link are \emph{relaying} methods, +where one QKD link is terminated at a relay station partway to its destination, and another is started, with the relay +proxying information between the two. 
We can separate relay implementations into two broad categories. + +\begin{description} + \item[Classical relays] encompass the trivial implementation of a relay, where the QKD link is formed by simply + stitching two QKD links together by connecting one link's receiver to the other link's transmitter. The key + characteristic of classical relays is that inside the relay, the link's cryptographic payload information is + handled in its classical plaintext form. Classical relays are practically feasible, but because they must handle + the payload in plaintext form, they are security-critical. + + \item[Quantum relays] are relays that forward the QKD payload information from one link to the other in the quantum + realm, without translating it to classical information and back. QKD relays are currently not practically + feasible, but if they become available in the future, they would allow range extension without compromising the + QKD link's security as the same tamper-detecting properties that the QKD links provide can be extended to cover + the quantum forwarding process inside the relay. +\end{description} + +For practical purposes, classical relays are the only relevant option. A long-range QKD system employing classical +relays would be able to cover arbitrary distances, trading off reliance upon physical security of the trusted relay +stations. Academic work on QKD recognizes this limitation, but few proposals to its solution have been put forth. + +\subsection{Range extension in Measurement Device Independent (MDI)-QKD} + +One technology closest to a solution on the trusted relay issue is Measurement Device Independent (MDI)-QKD. Broadly +speaking, in an MDI-QKD system two QKD endpoints are connected through exactly one relay (or router). The key idea of +MDI-QKD is to move all trusted components of the protocol out of this central relay, and into the trusted nodes at both +ends of the link. 
Instead of directly measuring the photons sent by both endpoints, the relay node has them interfere +and measures the result of this interference. This measurement result does not allow the relay to draw any conclusions +on the individual qubits that the endpoints exchange, but when the relay communicates these measurements to the +endpoints, the endpoints can reconstruct their shared secret key bits. Although in MDI-QKD the relay node still performs +quantum measurements and participates in the overall QKD protocol, the protocol guarantees that even a malicious relay +cannot learn anything about the exchanged keys from its limited vantage point. + +MDI-QKD effectively doubles the range of a QKD system. Unfortunately, the approach from MDI-QKD cannot be adapted to +multiple chained relays, and thus it is mostly interesting for hub and spoke-style quantum network topologies. In a +relay-assisted long-range QKD system, MDI-QKD could only be used to eliminate trust in half of the relays, which in the +grand scheme of things does not reduce attack surface by much. + +\todo{Mention entanglement swapping range extension} + +\section{Quantum Networking} + +So far we have focused on the range limitation of a single QKD link with classical relays as the only practical solution +at this point in time. Quantum Networks naturally follow from a relay-assisted QKD link, if we consider a type of +``relay'' that is connected to more than two links. Just like switches and routers can be meshed to construct complex +topologies in classical wide-area networks (WANs), such multi-fanout relays, or \emph{routers} can be used to provide +QKD services over complex network topologies. + +There exists a large corpus of academic research on the theory of such large-scale QKD networks ranging from the +technical implementation of management protocols to specialized QKD systems for QKD networks that improve on standard +two-party QKD in areas such as complexity or performance. 
\todo{lots of citations here} +In the past decades, a number of proof-of-concept QKD networks have been put into practice. None of these systems +provide any practical utility yet, and their raison d'ĂȘtre lies in the political realm more than it arises out of +technical necessity considering that any of today's city-scale demonstrations can easily be simulated more compactly in +a lab using a few spools of fiber as a near-perfect stand-in for long-range fiber links. + +Many of the technical challenges in the deployment of QKD networks coincide with similar technical challenges in +classical packet-switched networks. An unique challenge to QKD networks is how their routing problem is different to the +one in classical computer networks. In a classical network, each link has a known, fixed capacity. A router decides +which packet to send through which link, and when the rate of incoming packets momentarily exceeds the capacity of the +outgoing links, packets must either be dropped, or put into a growing queue. QKD networks are different in that +information is not exchanged through the network, but instead the network \emph{generates} information in the form of +secret key material. The measurement of individual pulses that underly key generation conform to a stochastic process, +but amortized across the large time spans required for the subsequent selection and privacy amplification steps that +converts these raw measurements into usable secret key bits, key generation rate is constant. Each node of a QKD network +thus accumulates secret key bits for each of its links, storing them for later use. The routing problem in this scenario +revolves around managing the levels of these key stores to avoid depletion. 
+ +\section{Securing QKD Networks with Inertial HSMs} + +As we discussed above, when it comes down to practical, end-to-end security properties, Quantum Key Distribution +removes trust in the hardness of particular mathematical problems (good!), but increases trust in the physical +integrity of the transceivers of the QKD link (bad!). In scenarios where the communicating parties are all located +within physical proximity---in QKD, meaning within at most a few hundred kilometers from each other depending on secret +key rate requirements---this added trust is of no consequence because the communcating parties' hardware must be trusted +in either QKD-assisted or purely classical setups. However, this trust requirement becomes a burden as soon as at least +one party is too far away or when higher secret key rates are required, as now physically trusted relays become necessary. + +Extrapolating to practical deployments, we can make two predictions. First, as QKD only solves key distribution, but the +actual data transfer still happens through normal off-the-shelf telecommunications components in QKD networks, there is +no reason for a practical QKD setup to \emph{not} also use classical cryptography as an additional layer for defense in +depth, +\todo{citation on defense in depth, and on this hybrid scenario} +meaning the QKD setup will at worst degrade to the same security a purely classical system would provide, never less. + +The second prediction we can make is that any practical QKD network will have to use trusted relays to bridge large +distances. 
While in certain specialized applications such as the proposed financial QKD network in Switzerland +\todo{citation on swiss deployment} smaller, isolated networks are conceivable, in every telecommunication system from +the telegraph through the telephone system and up to the internet it has been shown conclusively that considering +utility, a global, interconnected network is greater than the sum of its parts\footnote{In fact, history repeats, and +the enthusiasm that Quantum Key Distribution networks have kindled parallels the one that the first trans-atlantic +telegraph cables brought forth as described by \textcite{mullerWiringWorldSocial2016}. Both parallel not just in the +extensive promises attributed to their respective technologies, but also in the facade of technological determinism that +in both cases hides a number of social and political motivations.}\cite{mullerWiringWorldSocial2016}. \todo{at least one +more citation on historic networks} + +In this section, we will outline a solution that provides practical, end-to-end security in large-scale QKD networks by +delegating the hardware trust issue of QKD relays to Inertial Hardware Security Modules. The primary design challenges +we will address are the systems' overall envelope design, optical passthroughs, and matching the cryptographic +assumptions behind the IHSM's heartbeat and alarm subsystem to those of the QKD application. + +\subsection{The anatomy of a QKD node} + +With the exception of special cases such as the middle node in a MDI-QKD system, a general QKD relay contains the same +components that the endpoint of a QKD connection uses. Only in a QKD relay, two transceivers are connected back-to-back +to one another. 
QKD provides physical security for the photons traversing the fiber that forms the system's channel, and +the security envelope of the system begins where this fiber is terminated in the power splitters, single-photon +detectors, lasers, and interferometers of the QKD transmitter and receiver. To process the raw measurements of the QKD +system into a usable stream of secret key bits, in addition to these components implementing the physics of the QKD +system, a classical computer is needed. On top of the remote monitoring and management tasks that any piece of +networking equipment is expected to perform nowadays, this computer is tasked with the information reconciliation and +privacy amplification that form the information-theoretic part of the QKD system. Since this computer must necessarily +handle secret key bits in their plain text form, it, too, must be inside the relay node's physical protection envelope. + +\subsection{Physical requirements of QKD transceivers} + +Putting a QKD relay node and associated machinery inside of an IHSM, we first need to answer two key questions. First, +\emph{will it fit?}, and second, \emph{Can we hook it up?}. In the following paragraphs, we will go through several +aspects of these general questions one by one. + +\paragraph{Physical dimensions.} +At this point, a number of commercial systems promising QKD exist. 
Common QKD protocols do not require any particularly +large or power-hungry components, and so commercial systems have generally adopted the 19 Inch rackmount enclosure +standard that is common to modern telecommunications equipment, with a width of $\approx\qty{50}{\centi\meter}$, a +height between $\approx\qtyrange{4}{30}{\centi\meter}$ and a depth below $\approx\qty{100}{\centi\meter}$.\todo{Re-check +these numbers shortly before submission} While something of this size would be infeasible to protect with the security +mesh of a traditional hardware security module, placed vertically, even without modifications any of these systems are +well within an envelope that can be protected with a single IHSM cage. + +\paragraph{Power supply.} +QKD systems do not contain any particularly power-hungry components. Unlike quantum computers, most of the signal path +is optical, and as such can be implemented with room-temperature fiber-optic components. Only the single-photon +detectors may require cooling in some systems, but unlike something like an ion trap quantum computer's processor, +energy-intensive deep cryogenic cooling is not necessary. Most manufacturers don't quote the power requirements of their +systems, but we were able to find that IDQuantique specifies their QKD systems to be able to run off a single +\qty{300}{\watt} power supply\cite{ClavisXGQKD2024}. In an inertial HSM, power up to several \unit{\kilo\watt} can +easily be transferred to the payload with through-axis cables. + +\paragraph{Cooling.} +While the few hundred Watt of power that QKD systems require could easily be transported through the mesh of a a +traditional HSM as well, cooling that amount of thermal load purely by heat conduction through centimeters of epoxy +resin would make implementation infeasible in traditional HSM. 
In an IHSM on the other hand, up to several +\unit{\kilo\watt} can easily be dissipated through forced-air cooling since the rotating security mesh can have an +arbitrary amount of longitudinal openings. + +\paragraph{Data and signals.} +A QKD transceiver has a number of ports in addition the port for the fiber optic quantum channel. Depending on the +system, one or more additional optical links may be necessary for clock distribution, allowing both endpoints to tune +their lasers into precise alignment. QKD protocols require a classical link used for information reconciliation, which +along with the key stream output and management links requires one or more classical network ports. + +In a QKD relay node, the key stream never leaves the security envelope. The management and information reconciliation +links can be combined into a single, classical network link, requiring a single fiber when using a standard wavelength +division multiplexing transceiver. The QKD link's clock channel and the quantum channel require a dedicated fiber each, +adding up to a total of five fibers for a QKD relay. Since fiber pigtails have an outer diameter of usually about +\qty{1}{\milli\meter}, this amount of fibers can be fed through an IHSM's axis of rotation. The mechanical challenge in +such a multi-fiber signal and data feedthrough is to observe the fiber's minimum bending radius, which for common fibers +is usually in the range of \qtyrange{5}{15}{\milli\meter}\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}. + +Concluding the above paragraphs, a QKD node is not a particularly challenging payload for an IHSM. The most problematic +requirement is feeding through a number of fibers for its various input and output signals, but fundamentally it is no +different from any server or other piece of IT equipment. 
In the following section, we will present a design that +provides a combined power and multi-fiber passthrough that is sufficient for QKD applications before concluding with an +analysis of post-quantum heartbeat signal security. +% FIXME stuff on heartbeat + +\subsection{Multi-fiber passthrough with active secondary mesh} + +The primary weak spot of a simple IHSM is its axis of rotation. While the stationary axis allows for wired data and +power connections to penetrate the mesh, it also provides an easy target for an attacker who wants to insert some sort +of physical probe into the IHSM's security envelope. While to a certain extent this attack vector can be made more +difficult though simple construction techniques such as making the shaft as thin as possible, and getting the mesh as +close to it as possible, as well as using a solid steel shaft on the motor end of the mesh, the level of security that +these mitigations provide is much below that of the remainder of the mesh. Thus, a better solution is needed. + +Previously, in Chapter \todoplaceholder{provide link to mesh protection overview from OG IHSM paper} we have alluded to +several \emph{shielding} methods that use a independently rotating secondary mesh on the inside of the primary mesh, +located right next to the primary mesh's axis opening. In this section, we will go into some more detail on four +variations of this solution. In order of increasing complexity, these variations are a simple disc cover, coaxial +labyrinth meshes, offset labyrinth meshes, and interlocking gear meshes. We will demonstrate a functional prototype of +the simple disc cover, present a design and mechanical prototypes of the offset labyrinth meshes, and provide details on +the design of a interlocking gear mesh. + +\subsection{Simple disc cover} + +\todo{Update these graphics with final color scheme, and update caption text here} + +\begin{figure}[h!] 
+ \centering + \includegraphics[width=\textwidth,page=1]{shaft_countermeasures_b.pdf} + \caption[Coaxial disc mesh schema]{\draftgraphics Coaxial disc mesh schema, cross-section and top-down views. The + outer mesh is shown in red, and the inner mesh in blue. The dashed line indicates the two meshes' shared axis of + rotation. The gray areas indicate the shape of the volume that remains undisturbed by the mesh, and that is + available for structural support and cable routing.} + \label{qkd_fig_disc_mesh} +\end{figure} + +In Chapter \todoplaceholder{Provide link to single-board IHSM chapter here}, we have shown how an IHSM that has been +shrunk to a single, disc-shaped PCB is still useful because we can delegate key management functionality to the mesh +monitoring circuit's microcontroller---or a separate processor sitting next to it---on the rotating mesh PCB, yielding a +solution close in both its cryptographic capabilities and its security level to commercial traditional HSMs, and +exceeding those of a smartcard. In the following paragraphs, we will show how we can deploy the same single-board IHSM +(SB-IHSM) as a mitigation for through-axis attacks, exploiting its mechanical shape and its simple, low-cost +implementation. + +By placing an adapted single-board IHSM close to the primary mesh's axis opening as shown in Figure\ +\ref{qkd_fig_disc_mesh}, an attacker is forced to either first circumvent or at least dislodge the single-board IHSM +through the primary mesh's axis opening without disturbing either mesh to gain direct access to the payload behind it, +or to conduct their attack through the keyhole-sized opening in the primary mesh while bending their tool by +approximately \qty{90}{\degree} at least twice, once to avoid the SB-IHSM mesh, and once more to re-orient the tool +towards the payload. 
The distance between the inside of the primary mesh and the SB-IHSM is limited by the tolerance in +mechanical alignment between the two axes of rotation, by the space necessary for a sufficiently stable mount of the +payload cage to the hollow shaft, and by the minimum bend radius of the power and data wiring that needs to pass through +the shaft. In QKD applications, the fibers' minimum bend radius is the largest contributing factor. Power and electrical +data signals can be supplied through flexible flat cables that can be bent in sharp corners without issue. Optical +fibers on the other hand are limited in their minimum bend radius, as their optical loss rises sharply with decreasing +bend radius\footnote{Note that the issue here is not that the glass core of the fiber would degrade or break, as one +might intuitively assume. Being only a few dozen micrometers in diameter, an optical fiber's core is remarkably +flexible. Instead, the issue is that both multimode as well as singlemode fibers are optical waveguides. Bending them +distorts the electromagnetic field inside the waveguide, and allows some small portion of it to escape from the fiber's +core, leading to loss in the form of both attenuation and dispersion\cite{schermerImprovedBendLoss2007}.}. With QKD +being especially sensitive to even small amounts of loss, care has to be taken to maximize the bend radius of the fiber +optic connections. A common specification of minimum bend radius in telecom singlemode fibers taking into account not +just optical loss but also the mechanical stability of the fiber's polymer coating is $10\times$ the coated fiber's +diameter\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}, which equates to \qty{9}{\milli\meter} for common +\qty{0.9}{\milli\meter} fiber pigtails, corresponding to approximately \qty{1}{\decibel} of loss in the +\qty{1550}{\nano\meter} band\cite{schermerImprovedBendLoss2007}. 
Based on these specifications and on a conservative +estimate of \qty{2.5}{\milli\meter} for the vertical mesh clearance, we arrive at a minimum inter-mesh spacing of +approximately \qty{11}{\milli\meter} when using minimal overlap between tab heights. + +\begin{figure} + \centering + \subcaptionbox[Helical transition of single fiber]{Single fiber}{\includegraphics[width=.45\textwidth]{\scaledgraphics{helix_transition.png}}} + \hfill + \subcaptionbox[Helical transition of fiber bundle]{Fiber bundle}{\includegraphics[width=.45\textwidth]{\scaledgraphics{helix_bundle.png}}} + \caption[Helically coiling fibers inside the axis tube]{ + The necessary mesh spacing can be reduced by coiling the fibers inside of the axis tube. The coiled fibers enter + the inter-mesh space at an angle equal to the helix lead angle, which reduces the amount of space necessary to + complete the transition to horizontal along a circular arc. In this example, a \qty{6}{\milli\meter} outer + diameter tube with a \qty{0.5}{\milli\meter} wall thickness is shown with 6 fibers with \qty{0.9}{\milli\meter} + outer diameter coiled to a constant bend radius of \qty{9}{\milli\meter}. The lead angle of the resulting helix + is \qty{61.5}{\degree}, and past the tube exit, only \qty{5.16}{\milli\meter} of inter-mesh space are necessary. + \figureattrib{helix_transition.png}} + \label{qkd_fig_fiber_helix} +\end{figure} + +\todoplaceholder{Finish this part. Use the rev 1 SB-IHSM to build a practical prototype.} + +\subsection{Coaxial labyrinth meshes} + +\begin{figure}[h!] + \centering + \includegraphics[width=\textwidth,page=4]{shaft_countermeasures_b.pdf} + \caption[Coaxial labyrinth mesh schema]{\draftgraphics Coaxial labyrinth mesh schema, cross-section and top-down + views.} +\end{figure} + +In QKD applications, the simple disc cover design shown above has two main limitations. 
First, the distance between the +primary and secondary meshes' tab rings must be large enough to allow for the fibers' minimum bend radius, resulting in +more than \qty{10}{\milli\meter} of space available to an attacker. Second, the attacker only has to bend their tool in +a plane to reach the payload. + +To increase the difficulty of inserting a long and flexible tool through the axis shield, \todo{Axis shield might be a +nice term. Unify terminology for axis/shaft, the shield, the names of the two meshes, and the tabs sticking up from the +meshes. Also what do we call the space in between? Terminology for the sides with offset meshes?} the shape of the +interface layer between the two meshes can be made more complex. Introducing small mesh \emph{tabs} that stick out +into the inter-mesh space from both meshes creates a labyrinth-like structure between the axis opening and the IHSM's +inside. Structural support and cables can easily pass this structure in a series of \qty{90}{\degree} bends, while +inserting a probe avoiding both meshes would not be feasible as the probe would have to perform a series of sharp +bends. The type of manipulator that would be necessary for the placement of a probe in this system is conceptually +similar to snake-like robots used in minimally invasive surgery, but state-of-the-art systems from this area are both +too thick and don't have enough joints to fit even simple labyrinth layouts\cite{ + suhDesignDiscreteBending2017, + schmitzRollingTipFlexibleInstrument2019, + kimAdvancementFlexibleRobot2022, + hongDesignCompensationControl2020}. 
+For instance, if we assume \qty{3}{\milli\meter} material thickness on the radial bracket connecting the shaft with the +secondary mesh's mounting frame\todo{conceptual drawing here} along with \qty{10}{\milli\meter} of mesh tab overlap, +\qty{1.5}{\milli\meter} of clearance between radial bracket and each of the two meshes, and an inter-mesh spacing from +one tab ring to the next equal to the radial brackets' material thickness of \qty{4}{\milli\meter} plus the clearance +from bracket to mesh, we arrive at a meander \qty{6}{\milli\meter} in width completing four \qty{180}{\degree} turns +within less than \qty{40}{\milli\meter} of radial distance. + +Researching the security of nuclear weapons, \textcite{bellovinPermissiveActionLinks} references a quote characterizing +the tamper security of a Permissive Action Link, a tamper-proof component designed to authorize the use of a nuclar +weapon through a code, as follows. +\todo{Get the actual book from ULB, and properly attribute this quote.} + +\begin{quote} + Bypassinag a PAL should be, as one weapons designer graphically put it, about as complex as performing a + tonsillectomy while entering the patient from the wrong + end. \cite{caldwell1989reducing,bellovinPermissiveActionLinks} +\end{quote} + +With our discussion of surgical robots two paragraphs ago this quote is very on the nose, and it is probably fair to say +that we have made some progress to achieve this standard. While we are not quite there yet, we shall make it our goal to +achieve or even exceed this standard with our work in the following sections. + +\begin{figure} + \centering + \includegraphics[width=.7\textwidth]{\scaledgraphics{wikimedia_Four_Corners_Bank_Vault_cropped.jpg}} + \caption[Photo of a bank vault door]{\camerareadygraphics Photo of a bank vault door at the Four Corners building in + Bowling Green, Ohio, USA. 
The interface between the door and its frame is stepped all around to discourage would-be + intruders from inserting any sort of tool through the small gap around the closed door. In this instance, because + the door's sill is stepped, too, a small ramp has been placed over the sill so that people going in and out of the + open door don't stumble over the steps.\\ + \imgsource{Wikimedia Commons user Mbrickn}{2019}{CC-BY-SA}{https://commons.wikimedia.org/wiki/File:Four_Corners_Bank_Vault.jpg} + } + \label{qkd_fig_vault_door} +\end{figure} + +While long and narrow tabs are desirable for mesh security as they limit the size and mobility of an attacker's probe, +in QKD application, the need for fiber optic passthrough is the limiting factor. The obvious solution of passing through +the fibers in a series of in-plane S-bends requires a coarse tab spacing due to the fibers' large minimum bend radius. +However, we can apply the approach we proposed above for the shaft entrance here, too, and thread the fibers between the +meshes by helically coiling them, increasing the fibers' bend radius to one half of the distance between both mesh +discs minus the fibers' diameter and clearances\todo{Formulas here and elsewhere, define variables}. When the resulting +useable part of the distance is larger than twice the bend radius, the minimum tab spacing is only limited by the +fiber's diameter and the stability of the star bracket. When the discs are placed closer, and a larger pitch is +necssary, the resulting pitch of the helix determines the minimum tab spacing. + +Designing a labyrinth mesh for intrusion prevention is similar to the design of the shape of the jamb of a safe door +such as the one shown in Figure\ \ref{qkd_fig_vault_door}, or of a high end apartment door. 
In these, the objective is +to prevent would-be burglars from inserting opening tools through the space between the closed door and its jamb and +attacking the door's interior handle or locking mechanism, not unlike an IHSM's defense against electrical or +electromagnetic probes. The one difference between these doors and what we can do in IHSMs is that these doors are +limited to outwards-facing steps because they must be opened and closed. In IHSM labyrinth meshes, we can use both +outwards-facing and inwards-facing steps. + +Concentric labyrinth meshes allow for a wide range of different configurations. The pitch from one mesh tab to the +next is the sum of the required width of the inter-mesh space and the safety margin needed betwween any cables or the +inter-mesh bracket and the tabs. When the mesh is constructed using rigid PCB tabs that are inserted as-is, without +bending them, and when all tabs have the same width and thickness, the radial width of the swept area decreases from tab +to tab going outwards as shown in Figure\ \ref{qkd_fig_mesh_ring_reduction}. A consequence of this is that when the +design target are constant width inter-mesh spaces, the tabs' pitch decreases going outwards. + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{mesh_ring_reduction.pdf} + \caption[Coaxial labyrinth mesh tab swept area]{\draftgraphics Top-down view of a coaxial labyrinth mesh + with three tabs, with the area swept by each tab highlighted. When rigid, planar tabs of a single width $w$ are + used, the radial width of the swept areas decreases and approaches the tabs' thickness $t$ as their radius $r$ + increases. + } + \label{qkd_fig_mesh_ring_reduction} +\end{figure} + +The safety margin required to avoid collisions between the meshes and the stator\todo{stator is a nice word for the +entire non-rotating part of the assembly. 
stator/star bracket?} can be kept low for the primary mesh because this mesh +has high-quality bearings on both ends, leading to good axis alignment. In contrast, for the secondary mesh considerable +margins have to be included if the mesh is driven by a cooling fan motor, as the bearings in such fans are not very +precise. With loose bearings, angular axis misalignment can lead to several millimeters of deflection in both the radial +and axial dimensions as illustrated in Figure\ \ref{qkd_fig_mesh_ring_bearing_tolerance}. + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{mesh_ring_bearing_tolerance.pdf} + \caption[Coaxial labyrinth mesh axis alignment tolerance illustration]{\draftgraphics Illustration of the effect of + angular misalignment of the axis of rotation caused by tolerances in motor bearings in a coaxial labyrinth mesh with + two tabs. The area swept by each tab, and its increase due to misalignment are highlighted. The left illustration + shows the ideal and misaligned meshes, and the right illustration superimposes the area increase from the left + illustration on the ideally aligned mesh. This illustration is not to scale.} + \label{qkd_fig_mesh_ring_bearing_tolerance} +\end{figure} + +\subsection{Offset labyrinth meshes} + +\begin{figure}[h!] + \centering + \includegraphics[width=\textwidth,page=2]{shaft_countermeasures_b.pdf} + \caption[Offset labyrinth mesh schema]{\draftgraphics Offset labyrinth mesh schema, cross-section and top-down + views. The two dashed lines indicate the two meshes' offset axes of rotation, shifted in $x$ direction in both + views.} + \label{qkd_fig_offset_lab_schema} +\end{figure} + +Concentric labyrinth meshes improve upon simple disc meshes in security, but they have two remaining weaknesses. One is +that in a concentric labyrinth mesh, the part of the inner mesh at the axis is easily accessible through the opening in +the outer mesh. 
As the axis of rotation is the most vulnerable spot in a mesh because the tangential velocity of the +mesh is lowest close to the axis, tampering can be made more difficult by placing the axis of rotation of the inner mesh +not concentric with that of the outer mesh, but at a radial \emph{offset}. + +A consequence of placing the axis of the inner mesh at an offset is that the inter-mesh rings formed by the tabs of the +two meshes now no longer form a set of concentric rings, but a set of nested non-concentric annulus shapes whose narrow +and wide sides alternate along the direction of the offset. We will show below how an optical fiber can still be wound +through this complex inter-mesh space without much trouble through a variation of the helical spiral trick from above to +avoid the annular rings' narrow sections. At the same time, the alternating narrow sections of the annular rings make it +more difficult to feed through the type of surgical robot we cited above, whose joints are designed for in-plane +operation for most of the manipulator, starting from the high-flexibility joints close to its end and down the neck. In +this section, we will show a design and a mechanical prototype of an offset labyrinth mesh design that improves on a +concentric labyrinth mesh on both the shielding of the secondary mesh axis and the feasibility of an attack with a +surgical robot without increasing mechanical complexity compared to a concentric design. In addition, we show a fiber +feedthrough that improves on the simple helical feedthrough we introduced above. 
+ +\begin{figure} + \centering + \includegraphics[width=\textwidth]{schema_wire.pdf} + \caption[Offset labyrinth mesh schema with fiber layout]{\figureattrib{schema_wire.svg}} + \label{qkd_fig_offset_lab_fiber} +\end{figure} + +Our offset labyrinth mesh design combines an offset of the secondary mesh's axis of rotation with the labyrinth mesh +approach from the previous section, creating wide and narrow inter-mesh spaces on alternating sides of the offset +direction as shown in in Figure\ \ref{qkd_fig_offset_lab_schema}. Structural support is provided using a CNC machined or +3D printed part, which also serves as a conduit for electrical connections from the shaft to the payload using Flexible +Flat Cable (FFC). While the FFC can easily conform to the offset labyrinth's sharp corners, an optical fiber can not. +Thus, instead of passing it straight through the labyrinth, the payload's fiber optic connections are passed through the +labyrinth in a three-dimensional spiral shape, avoiding the meshes while simultaneously maximizing the fibers' bend +radii. + +To prove the mechanical viability of the offset labyrinth mesh concept, we created a mechanical prototype of one such +mesh. Figure\ \ref{qkd_fig_offset_lab_fiber} shows the dimensions of the meshes' tabs along with the resulting tab rings +and a 2D projection of our chosen fiber layout. The fiber is laid out in such a way that it crosses each tab ring at +opposite sides, and traverses the vertical distance in the larger part of the inter-mesh space. Figures\ +\ref{qkd_fig_lab_mesh_exp_1} and \ref{qkd_fig_lab_mesh_exp_2} show an exploded view of our mechanical prototype from two +perspectives, and Figure\ \ref{qkd_fig_lab_mesh_section} shows a section view. 
+ +\begin{figure} + \centering + \includegraphics[width=\textwidth]{\scaledgraphics{render_exp_1.png}} + \caption[Offset labyrinth mesh assmbly exploded render]{\figureattrib{render_exp_1.png}} + \label{qkd_fig_lab_mesh_exp_1} +\end{figure} + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{\scaledgraphics{render_exp_2.png}} + \caption[Offset labyrinth mesh assmbly exploded render]{\figureattrib{render_exp_2.png}} + \label{qkd_fig_lab_mesh_exp_2} +\end{figure} + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{example-image-10x16.pdf} + \caption[Offset labyrinth mesh assmbly exploded render, section view]{\draftgraphics\\ + Section view of the labyrinth mesh assembly} + \label{qkd_fig_lab_mesh_section} +\end{figure} + +\subsection{Interlocking gear meshes} + +\begin{figure}[h!] + \centering + \includegraphics[width=\textwidth,page=3]{shaft_countermeasures_b.pdf} + \caption[Offset gear labyrinth mesh schema]{\draftgraphics Offset gear labyrinth mesh schema, cross-section and + top-down views. In this example, the axis is shifted by about twice the offset from the previous offset labyrinth + mesh schema in Figure\ \ref{qkd_fig_offset_lab_schema}.} +\end{figure} + +The offset labyrinth design already achieves a high level of security through its complex passthrough shape, but only +small offset distances are feasible since large offsets quickly lead to impractically large mesh sizes. Where the pitch +from one tab ring to the next is roughly constant in concentric labyrinth meshes, and determined only by clearances and +the amount of inter-mesh space necessary for power and data feedthroughs as well as mechanical stability. In offset +meshes, on the other hand, this pitch increases by the offset distance. Even for a small offset this quickly adds up to +an unwieldy total mesh size. 
+ +In this section, we conceptually introduce a solution to this problem that allows for larger offsets using a design +where the two meshes interlock like gears. This does mean that the two meshes' rotation must be synchronized, but it +increases the design space of offset labyrinth meshes. For instance, in a gear setup, the wide sides of the inter-mesh +zones can be aligned to lie on the same side, so fiber passthrough can be realized more easily even without the need to +spiral the fiber around the axes of rotation. + +\subsection{Mesh synchronization} + +For geared meshes to work, both speed and phase of the rotation of the two meshes must be synchronized to a small error. +In this setup, the mesh tabs act like gear teeth. Depending on the ratio between both meshes' tap counts, the two +meshes do not have to rotate at the same rate of rotation and harmonic ratios are possible. Additionally, unlike actual +gears which need to constantly maintain an area of contact, both co-rotating and counter-rotating setups are possible. + +\begin{figure} + \centering + \subcaptionbox[Offset gear labyrinth mesh assembly render]{\figureattrib{render_side_1.png}}{\includegraphics[width=\textwidth]{\scaledgraphics{render_side_1.png}}} + \subcaptionbox[Offset gear labyrinth mesh assembly render]{\figureattrib{render_side_2.png}}{\includegraphics[width=\textwidth]{\scaledgraphics{render_side_2.png}}} + + \caption{ + Renderings of the complete offset labyrinth gear mesh assembly. + } +\end{figure} + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{gear_plan_1.pdf} + \caption[Offset gear mesh assmbly schema]{\figureattrib{gear_plan_1.svg}} +\end{figure} + +\begin{figure} + \centering + \includegraphics[width=\textwidth]{gear_plan_2.pdf} + \caption[Offset gear mesh schedule]{\figureattrib{gear_plan_2.svg}} +\end{figure} + +\section{Outlook} diff --git a/chapter-qkd/chapter.tex b/chapter-qkd/chapter.tex index 3a28245..7011ae1 100644 --- a/chapter-qkd/chapter.tex 
+++ b/chapter-qkd/chapter.tex 
@@ -1,334 +1,105 @@ \chaptertitle{Physical Security in Quantum Key Distribution} -\section{Cryptography in the Age of Quantum Computers} +Quantum Computing promises efficient solutions to a number of widely used cryptographic computational problems. As a +countermeasure, new \emph{post-quantum} cryptosystems have been developed that are not susceptible to known quantum or +classical attacks. However, a limitation of these cryptosystems is that they still rely on hardness assumptions that +cannot be proven---and it cannot be ruled out that attacks on these cryptosystems could be found in the future. In fact, +a variant of one of the early contenders for post-quantum cryptography, Supersingular Isogeny Diffie-Hellman Key +Exchange (SIKE) has unexpectedly been broken in 2022~\cite{castryckEfficientKeyRecovery2023}, a decade after its +development, highlighting the risk inherent in these new cryptosystems. -For a decade or two now, Quantum Computing has been creating a buzz that nobody in Computer Science and adjacent fields -could evade. Originating in the 1980ies as a highly academic thought experiment applying ideas from Computer Science in -Quantum Physics, \todo{Add citation on QKD origins} its concepts have long found their way into popular science -articles. Quantum Computing encompasses a model of computation that is fundamentally different from the -\emph{classical}\footnote{ In Quantum Computing, the term \emph{classical} is used as the complement of \emph{quantum}, -and refers to the digital computers we know and (sometimes) love. This terminology stems from the distinction between -classical and quantum physics.} digital circuits that underly all of modern computing. While at first this might seem -like a step backwards into the era of early 1900s analog computing,\todo{Add citation on early analog computing} the -capabilites of a future quantum computer promise to outpace those of any possible classical computer. 
Key to this -improved processing capability is a property called \emph{Quantum Parallelism}, referring to the fact that inside of a -quantum computer, a single \emph{quantum state} can simultaneously represent a multitude of states of a classical, -digital computer, encoded into a quantum \emph{superposition}. Furthermore, the quantum computer can operate on all -those states at once using a single \emph{quantum gate}. +Quantum Key Distribution (QKD) provides an alternative to key exchange protocols based on cryptographic hardness +assumptions. QKD provides a primitive similar to Diffie-Hellman key exchange, establishing a secret key between two +parties that are only connected through an untrusted channel. In contrast to classical cryptographic protocols, the +security of QKD is based on quantum-physical laws of nature, and assuming a correct technical realization, QKD can +provide information-theoretic security. -The quantum gates of a quantum computer do not correspond directly to classical, digital logic. Applying Quantum -Parallelism to practical problems is more complicated than, simply translating a digital circuit that computes a -solution to a quantum circuit. Nevertheless, for certain problems \emph{quantum algorithms} have already been developed -that for large inputs promise to solve these problems much faster than any classical computer ever could. Two of these -algorithms, one by Shor and one by Grover \todo{Add citations on Shor's and Grover's algorithm} are what caused most of -the buzz around the field of quantum computing because they spell trouble for a large part of modern cryptography. -While neither is a threat under the current state of the art in quantum computing, assuming a sufficiently advanced -quantum computer both algorithms provide solutions to problems that are classically assumed to be \emph{hard} with -vastly improved asymptotical time complexity. +QKD suffers from a severe range limitation stemming from loss in optical fibers. 
Since QKD relies on the quantum +properties of single photons, QKD signals inherently cannot be amplified. While classical optical networking signals can +be efficiently amplified using optical amplifiers, to a QKD signal such amplification would constitute a measurement, +which destroys the signal's quantum information. As a consequence of this, the range of a QKD link is limited to the +span that can be achieved with a single, uninterrupted fiber at an acceptable loss. In practice, this is commonly in the +range of \qtyrange{100}{200}{\kilo\meter} with key exchange rates falling sharply with longer distance. -Besides the computational speed-up promised by Quantum Parallelism, there is one more interesting aspect of Quantum -Computing where it radically deviates from classical computing. The reason modern cryptography exists is that when we -transmit (or store!) classical information through some channel (or storage!) that we do not control, there is nothing -we can do to prevent an attacker from reading this information. Even with cryptography we cannot prevent this, but -cryptography gives us tools to very effectively make whatever information the attacker is able to read useless to them. +The only technique for range extension that is currently feasible is to \emph{relay} the QKD signal with a +receiver and a transmitter coupled back-to-back. This practical construction however creates another hard challenge: +Since only the QKD system's photonic signal is secured by the systems' quantum security guarantees, such relays must be +physically trusted as they effectively handle secret key bits in plaintext. Achieving this physical security in a +large-scale QKD network is difficult due to the remote location of some relays, the QKD nodes' physical size, and their +power and cooling requirements, and their need for multiple fiber-optic connections to the outside world. 
In classical +computing, such challenges are often approached using Hardware Security Modules (HSMs) that have tamper sensors that +will destroy the HSM's contents when tampering is detected, but conventional HSM technology cannot be adapted to the +requirements of a QKD system. -A basic principle of Quantum Physics is the \emph{No-Cloning Theorem}, which states that it is impossible to create an -identical, independent copy of an arbitrary, unknown quantum state. \todo{Add citation on No-Cloning Theorem} -An implication of this theorem is that when we encode classical information into quantum states in just the right way, -we can make it so that an attacker attempting to eavesdrop on our quantum information can only decode this information -by destroying the underlying quantum states it in the process, which can be detected statistically. This property can be -exploited to replace a number of classical asymmetric primitives in interactive settings, \todo{Add citation on -substitution, check if interactive only} the most popular application of which is replacing an asymmetric Diffie-Hellman -key exchange \todo{Add citation on DH-Kex} with a quantum process called Quantum Key Distribution (QKD) that yields much -of the same properties. +\begin{figure} + \begin{center} + \includegraphics[width=0.7\textwidth]{fiber_passthrough_mech_model__8290_small_annotations_censored.pdf} + \end{center} + \caption{Photo of our mechanical prototype. + 1 - Bracket connecting payload and shaft with hidden spiral conduit for optical fibers. + 2 - Upper tamper sensing mesh PCB. + 3 - Outer IHSM tamper sensing mesh cage. + 4 - IHSM tamper sensing mesh cage bearing. + 5 - Fiber exiting hollow shaft. + 6 - Lower bracket holding secondary tamper sensing mesh drive motor. + 7 - Cooling fan used as secondary tamper sensing mesh drive motor. + 8 - Secondary tamper sensing mesh PCB shielding bottom of bracket 1. + 9 - Fiber exiting hidden spiral conduit in bracket 1. 
+ 10 - Interleaving tabs sticking out from tamper sensing PCBs, creating a serpentine structure. + Distance from tab end to opposing PCB 2 is \qty{3.4}{\milli\meter} of space in + 11 - Channels for tabs 10 in bracket 1. + \\\textbf{Note: Institutional logo removed from picture for peer review}} + \label{fig_pic_proto_intro} +\end{figure} -In the past decades, the field of cryptography has been fundamentally shaped by the development of Quantum Computing and -Quantum Key Distribution. However, the popular conception that all of today's cryptography will be broken and that we -have to start from scratch is not accurate. Quantum Computing poses an unique threat to modern cryptography, and Quantum -Key Distribution is a promising new tool, but the practical implications of both are much more subtle than how they are -often portrayed. In the remainder of this chapter, we will look into the practical implications of these quantum -technologies, and we will come to two major conclusions: First, that while the underlying cryptographic primitives will -change, apart from some engineering issues cryptography as a whole will remain largely the same. Second, that while -Quantum Key Distribution is hailed as a revolution for network security, its practical advantages will remain far short -of how it is usually conceptualized, and hardware security will assume a pivotal role in the practical security of -Quantum Key Distribution systems. The central role of hardware security in Quantum Key Distribution is a stark departure -from its relative irrelevance in today's applied cryptography. +In this chapter, we present several designs and a mechanical prototype adapting the Inertial Hardware Security Module +(IHSM) concept first proposed by \textcite{gotteCantTouchThis2022} to a QKD relay node. 
IHSMs replace the tamper sensing +security mesh foil that is wrapped around the payload in conventional HSMs by a tamper-sensing cage made from +conventional circuit board material by spinning this cage at a high speed. On its own, circuit board material provides +lower tamper security than the tamper sensing foils made using bespoke manufacturing processes that are used in +conventional HSMs. IHSMs solve this problem by spinning the tamper sensing cage at high speed while continuously +verifying this rotation using an accelerometer placed on the cage. IHSMs achieve a similar security level to +conventional HSMs using only inexpensive, commodity components and no specialty manufacturing processes. In contrast to +conventional HSMs, IHSMs are a natural fit for the high power and size requirements of a QKD node. However, they suffer +from the problem of how to optically connect the (stationary) QKD relay payload protected inside the IHSM's spinning +tamper sensing cage to the outside world without creating a security vulnerability. While fibers can easily be fed +through the shaft of the spinning cage, an attacker could feed an attack tool through the same opening. In this chapter, +we propose a family of mechanical designs that use a secondary rotating tamper sensing mesh at the entry point of the +shaft to protect a fiber-optical passthrough while observing the fiber's bending radius limitations. Figure\ +\ref{fig_pic_proto_intro} shows a photo of our mechanical prototype. Our prototype would require an attacker to feed an +attack tool around multiple sharp bends, with only \qty{3.4}{\milli\meter} of space available at the narrowest points. +In our prototype, the smallest bend radius encountered by the fiber is \qty{15}{\milli\meter}. We experimentally +measured the optical loss added by our prototype compared to a straight fiber to be below our measurement floor of +\qty{0.25}{\decibel}. 
-Building on these conclusions, we will end this chapter with a study of a use case that illustrates a practical design -for a secure network employing Quantum Key Distribution. Relying on both established classical and quantum primitives -with known security properties we will elaborate how one can construct a large-scale network from those primitives -that uses IHSMs to provide practical security beyond the---surprisingly limited---extent of quantum security proofs. +This chapter is organized as follows. In Section\ \ref{sec_qkd_fundamentals}, we give an introduction into Quantum Key +Distribution and its practical realization. In Section\ \ref{sec_related_work}, we provide an overview of related +academic work. In Section\ \ref{sec_passthrough}, we introduce three variants of our optical passthrough design that lie +along different points of the security/complexity spectrum. In Section\ \ref{sec_attacks} we discuss attacks on our +design before concluding with an outlook of future research directions in Section\ \ref{sec_outlook}. -\subsection{Computational Assumptions and Information\Hyphdash Theoretic Security} -\label{qc_comp_assum} +\section{QKD Fundamentals} +\label{sec_qkd_fundamentals} -We have briefly mentioned that Quantum Computing promises to eventually provide a significant speed-up that can be -applied to solve many cryptographic problems fast enough for it to become a problem, but we have not elaborated on what -that means in practice. In this section, we will attempt convey a more concrete intuition of the magnitude of the threat -that both Shor's and Grover's algorithm and variants pose to modern cryptography. +In principle, QKD is a specialized form of photonic quantum computing. The underlying approach in QKD is that two +parties exchange quantum states, then perform experiments on these quantum states to produce partially correlated +randomness. 
This correlated randomness is then refined into identical secrets on both ends by running an error +correction process known as \emph{information reconciliation} using a classical channel for communication. After this +process, an attacker may still possess partial information about the shared secret. To dilute this information, in a +step named privacy amplification, a randomness extractor such as a information-theoretic hash function is used to create +a new, shorter secret over which the attacker possesses effectively no information. -\textcite{shorAlgorithmsQuantumComputation1994, shorPolynomialTimeAlgorithmsPrime1997} introduced several algorithms to -solve problems in polynomial time on a quantum computer that are still believed to be hard on classical computers today. -In the original conference paper and journal article, Shor introduces several algorithms based on a similar fundamental -approach. Depending on context, \emph{Shor's algorithm} usually refers to one of two of these algorithms that solve -integer factorization as used in RSA, and the discrete logarithm problem as used in the Diffie-Hellman key exchange, -respectively. +\subsection{Range in QKD} -While Shor's algorithm attacks the foundations of most modern asymmetric cryptography, Grover's algorithm can be applied -to hash functionss and symmetric cryptography. Fundamentally, Grover's algorithm is a search algorithm that allows a -quantum computer to find one target entry out of an \emph{unstructured} list of $N$ source entries in -$\mathcal{O}\left(\sqrt{N}\right)$ time instead of the $\mathcal{O}\left(N\right)$ time that a classical computer would -require for an exhaustive search. Applied to cryptography, we model the key space of a symmetric cipher as the -unstructured list that is input to the algorithm, and set it to search for the key that results in the successful -decryption of a given ciphtertext. 
- -An important nuance applying these algorithms to cryptography is that while both provide significant speed-ups over -classical computers, the speed-up of Shor's algorithm is exponential and effectively breaks most modern asymmetric -cryptography as it erases the asymmetric nature of the underlying mathematical problem's computational complexity. That -is, for an asymmetric cryptosystem susceptible to Shor's algorithm, there is no set of parameters that is large enough -to be safe. - -In contrast to this, while Grover's algorithm radically speeds up the breaking of a symmetric cryptosystem, this -speed-up is only quadratic. In practice this means that it halves the security level \todo{definition, citation of -security level} of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric -primitives to a security level at the lower end of what is considered secure today, the advantage provided by Grover's -algorithm can easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the -additional bits and result in slightly slower operation of the cipher, but this additional cost is easily manageable -even without any improvement in today's hardware. - -\textcite{impagliazzoPersonalViewAveragecase1995} provided a colloquial but useful analysis characterizing the -implications of which kinds of hard problems are solvable in practice, based on the observation that the fact that an -\emph{average} problem out of a class like $NP$ is solvable does not mean that most, or even many \emph{practical} -problems are solvable. \textcite{impagliazzoPersonalViewAveragecase1995} was published after Shor's algorithm was -discovered, and before Grover's algorithm was published. Impagliazzo foresaw that fast quantum algorithms could threaten -public key security, and their analysis remains relevant facing the outlook of quantum computing today. 
- -Impagliazzo proposes a set of five scenarios that provide increasingly extensive computational hardness properies, -dubbed \emph{Algorithmica}, \emph{Heuristica}, \emph{Pessiland}, \emph{Minicrypt}, and \emph{Cryptomania}. In -Algorithmica, $P = NP$. In Heuristica, $P \ne NP$, but $NP$ problems are only intractable in the worst case, and -tractable on average. In Pessiland, problems exist that are hard on average, but there are no one-way functions and thus -there is no way to efficiently sample solved instances of hard problems. - -The next scenario, Minicrypt is frequently cited in cryptographic works. In it, one-way functions exist, but there is no -public key cryptography. Minicrypt aligns well with a world in which fast quantum algorithms exist that solve the -computational problems underlying public key cryptosystems. Impagliazzo's last scenario is Cryptomania, which extends -Minicrypt with public key cryptography and aligns with the world view that is commonly assumed in cryptography today. - -In Minicrypt, we assume that all computational problems that are amenable to public key cryptography fall. However, it is -not specified \emph{how} specifically this fall will happen---whether it will be classically, or by quantum -algorithms---leading to two sub-variants of the Minicrypt scenario. The pessimistic sub-variant is one where classical -algorithms solving all those problems are discovered. This scenario leads to identical conclusions to those Impagliazzo -drew. However, if we base our Minicrypt assumption instead on the availability of \emph{quantum } algorithms for these -problems, and thus on quantum computers being both powerful enough and generally available, we end up with an -interesting spin on the original Minicrypt scenario that recently has garnered some academic attention, receiving the -name Mini\textbf{Q}Crypt\cite{griloObliviousTransferMiniQCrypt2021, barootiPublicKeyEncryptionQuantum2023}. 
In -MiniQCrypt, on one hand, conventional public key cryptography is broken by quantum computers running Shor's algorithm, -but the key observation is that on the other hand, we can then use those quantum computers to do \emph{quantum} -cryptography, re-gaining some of what we have lost. The (im)possibility results for MiniQCrypt are nuanced, and provide -something between the intact conventional public key cryptography in Cryptomania, and the total absence of it in -classical Minicrypt. - -In the discourse on quantum computing and its application to cryptography, it is important to be mindful of which -security notion the authors of some source, or the implementors of some device base their work on. Especially in -academic work, Pessiland assumptions are often implicitly made\cite{ - diamantiPracticalChallengesQuantum2016, - kwekChipbasedQuantumKey2021, - mehicQuantumKeyDistribution2021, - loSecureQuantumKey2014, -}. Here, the speedup provided by Grover's algorithm is considered to make symmetric primitives like hash functions or -symmetric ciphers unusable, leaving only information-theoretically secure cryptographic schemes such as -one time pads available. In this framework, secret key rate becomes paramount because it is assumed that QKD keys will -be used with an information-theoretically secure encryption scheme, requiring an infinite, high-bitrate secret key -stream. -\todo{introduce notions of asymmetric/symmetric ciphers, OTPs before} - -While in academic sources Pessiland assumptions are common, commercial systems usually are based on Minicrypt -assumptions. That is, commercial systems propose QKD as an alternative to classical asymmetric cryptography for -cryptographic key exchange, but then continue to use classical symmetric cryptography for purposes such as key -derivation and secret-key encryption. 
Using a computationally secure key derivation function such as Argon 2, a small, -fixed amount of precious QKD secret key bits can be expanded into a key of almost unbounded length\footnote{Key -derivation functions have limited output size}. Similarly, a -computationally secure symmetric cipher such as AES can be used to encrypt almost arbitrary amounts of data using a -single, short key\footnote{ - We write that the amount of data that can be encrypted with a computationally secure block cipher is only - \emph{almost} unbounded because the cipher operates on blocks of a fixed, short size and depending on the cipher - mode, in most applications, collisions of two such blocks enable stochastic \emph{Birthday - Attacks}\cite{giraultGeneralizedBirthdayAttack1988}. Usually, for a primitive of block size $n\;\unit{\bit}$, an - amount of $2^\frac{n}{2}$ extracted blocks is used as an upper bound for safe usage. For a cipher using the - currently common block size of \qty{128}{\bit}, this bound lies at \qty{256}{\exa\byte} of - data\cite{bhargavanPracticalSecurity64bit2016,}. -}. - -\subsection{The Practical Security Implications of Quantum Computing} -\label{qc-practical-implications} - -Given that as of yet, noone has claimed to have a quantum computer powerful enough to pose a threat to current -cryptographic protocols\cite{roettelerQuantumResourceEstimates2017}, one may ask the fair question why the possible -future development of such a machine would be consequential for today's cryptographic practice. The answer to this -question lies in \emph{Store-Now-Decrypt-Later} attacks. In such attacks, the attacker records all data transmitted -between a cryptographic protocol's parties. The security of any key exchange protocol rests on a computational hardness -assumption about some particular problem. 
When this assumption falls, for example because of a powerful quantum computer -becoming available, the attacker can then retroactively break the security of those stored protocol instances and -decrypt all traffic. - -Modern cryptographic protocols such as TLS or the Signal messenger's key ratchet are designed with facilities to provide -some degree of protection against key compromise called \emph{(Perfect) Forward Secrecy}. Forward Secrecy means that a -compromise of keys at one protocol step will not break the secrecy of past protocol steps. Forward Secrecy is achieved -by repeatedly mixing fresh key material called \emph{Ephemeral Keys} into the protocol's secret state. For a -post-quantum attacker, this implies that to decrypt a run of a forward-secret cryptographic protocol, the quantum -algorithm breaking the protocol's computational assumption must be run a number of times, but this results only in a -linear increase of both protocol and attack complexity, which turns out to no advantage for the defender. - -Store-Now-Decrypt-Later attacks are considered a serious threat today based on the stark discrepancy between the -capacity of today's inexpensive storage media, and the comparatively tiny bandwidth of cryptographic protocols in -applications such as End-To-End Encrypted (E2EE) text messaging. A single hard drive can conceivably store years of a -person's encrypted digital communications. - -There has been ongoing work on quantum secure cryptographic algorithms, and standardization of several such algorithms -is progressing. However, in the time frame of cryptosystems, these algorithms are still rather young and the recent -discovery of a catastrophic key recovery attack against the Supersingular Isogeny Diffie-Hellman protocol -(SIDH)\cite{castryckEfficientKeyRecovery2023} illustrates the risk in the use of immature cryptographic primitives. 
Thus, -recommendations on the concrete steps that should be taken today to mitigate Store-Now-Decrypt-Later attacks vary. For -instance, under its threat model as laid out in \textcite{schmiegGoogleThreatModel2024}, Google recommends a list of -quantum secure counterparts to classically secure cryptographic algorithms, but recognizes the relative immaturity of -these quantum secure algorithms and consequently recommends \emph{Hybrid Deployment}, where a young, quantum secure -algorithm is paired with a mature classically secure algorithm such that \emph{both} algorithms would have to be broken -to compromise the composite protocol's security. Given that quantum secure public key cryptography tends to have both a -much larger key and/or ciphertext size and worse performance compared to state-of-the-art Elliptic Curve-based key -exchange or signature algorithms, pairing it with a classically secure alternative incurs only a negligible overhead in -key storage, network communication and computation costs. - -\todo{research some more policies.} - -\section{The Physics of Quantum Computing} -\todoplaceholder{missing} - -\section{Quantum Key Distribution} - -As we discussed in Section \ref{qc_comp_assum}, Quantum Computers promise novel attacks on many contemporary -cryptographic systems. At the same time, quantum technology also promises new cryptographic primitives that support -security guarantees beyond what can be realized with the best classical computers. The core of this nascent field of -Quantum Cryptography is a set of methods that are collectively called Quantum Key Distribution. - -Informally speaking, a Quantum Key Distribution system is a system that distributes a secret key between two\footnote{ - Although the key distribution problem can conceptually be framed for any number $n\ge 2$ of parties, practical - treatment is almost always limited to the two-party case. 
In case of QKD, problem instances for $n > 2$ parties can - trivially be reduced to $(n^2 - n)/2$ invocations of the two-party protocol, combined with any - information-theoretically secure secret sharing scheme. -} parties such that after a successful execution of the protocol, each of the two parties holds a copy of a randomly -generated secret key, and the probability that an attacker was able to extract some portion of the key during the -protocol's execution can be bounded to some negligible $\epsilon$ by each of the parties. - -Quantum Key Distribution provides a similar service to cryptographic key exchange protocols such as the classic -Diffie-Hellman key exchange provide. The core difference between QKD and cryptographic key exchange protocols is that -QKD provides information-theoretic security based on the No-Cloning Theorem, where cryptographic protocols provide only -computational security based on the computational hardness assumption underlying some public key cryptosystem. - -QKD is attractive in that it gives practically useful security guarantees without relying on any computational hardness -assumptions. This way, QKD would remain secure even in a scenario where a hybrid deployment of a classically secure but -mature algorithm paired with a quantum secure but young algorithm as discussed in Section -\ref{qc-practical-implications} poses too much of a risk---a scenario where both large quantum computers arrive and a -flaw in the quantum secure algorithm is found. Note that here, because we assume we have large quantum computers, the -possibility of a flaw in the quantum secure algorithm extends beyond mathematical flaws leading to practical attacks -with classical computers, and includes novel quantum algorithms. 
- -\subsection{Security assumptions in QKD} - -While QKD protocols provide information-theoretic security, part of these protocols is always an authenticated channel -that is used by the protocol's parties to exchange information necessary to align both parties' quantum measurements so -that they can reconstruct the same secret key bit stream\cite{loSecureQuantumKey2014}. In the security model of QKD, -this authenticated channel does some heavy lifting. While the QKD protocol provides key exchange--an asymmetric -primitive--based on this authenticated channel--which in its most simple implementation requires only symmetric -primitives, an implementation of QKD using symmetric primitives such as HMAC or CMAC for the authenticated channel would -not achieve information-theoretic security. To achieve information-theoretic security, the authenticated channel itself -must use an information-theoretically secure authentication method. The issue with that is that -information-theoretically secure authentication methods are (provably)\todo{citation on ``provably''} rather inefficient -in their key use. While symmetric MACs can use a single, short key for a very long time, information-theoretically -secure MACs need a continuous stream of fresh key bits. - -In QKD, the authenticated channel can be bootstrapped by taking these MAC key bits from the QKD channel itself. The -disadvantage of doing that is that it consumes a fraction of the system's precious secure key rate. As a consequence, at -this point there is ongoing research\todo{citations on ongoing research} on both systems based on symmetric MACs and -systems using information-theoretically secure MACs, with commercial systems often choosing the -latter\cite{bibakQuantumKeyDistribution2021} owing to the low secret key rates that are the state of the art. -\todo{Finish this section} - -\subsection{The Technical Implementation of QKD} - -On the technical level, QKD must be distinguished from general Quantum Computing. 
While QKD systems employ the -No-Cloning Theorem and sometimes quantum entanglement in their operation, the scope of their quantum operations is very -limited. QKD systems always operate on photons, while general quantum computers use a variety of physical -implementations for their qubits that include photons and squeezed light, but extend over atom nuclei, trapped ions, -various aspects of currents in superconducters as well as phonons\cite{berriosHighFidelityQuantum2012}. - -\todoplaceholder{Add concrete description of at least one QKD protocol (BB84?)} - -\subsection{Practical Challenges} - -The central challenge in general quantum computers is extending the lifetime of the quantum state encoding a qubit. -Quantum states are extremely sensitive to disturbances, and despite the best efforts to shield them against external -influence, their lifetime is still inconveniently short compared to the timescales required for quantum computation, -resulting in significant amounts of noise in the output of quantum algorithms run on contemporary quantum -computers\cite{yetisInvestigationNoiseEffects2021}. Quantum Key Distribution systems use photons and only perform a -handful of operations on each photonic state between generation and measurement, with the vast majority of the state's -lifetime spent in transit between the two endpoints of the QKD protocol. - -While QKD systems are easy to build and operationally robust compared to general quantum computers, at their core they -still exchange information through quantum states that physically need to transit the distance from one endpoint to the -other. For classical computer networks, bridging distances of hundreds or thousands of kilometers is no big challenge. -Using appropriate high-power transceivers, a single, \emph{unrepeatered} span of an optical link can bridge hundreds of -kilometers while simultaneously achieving data rates of several terabits per second. 
Longer ranges are regularly -achieved through the use of (analog!) optical amplifiers, with recent \emph{repeatered} systems approaching the petabit -per second boundary -\footnote{ - cf.\ this encyclopedic entry \cite{JUNOSubmarineNetworks}, press releases by participating companies - \cite{NECBuildNew, NewCompanyBuilds}. -}. These classical optical systems operate at hundreds of milliwatts of optical power, a limit resulting from nonlinear -effects in the optical fibers used, power limitations of optical amplifiers, and limitations in power delivery to these -amplifiers. - -In contrast, QKD systems operate on signals that are weaker by several orders of magnitude. While classical optical -signals use millions of photons per bit, the quantum states at the core of QKD systems must necessarily be ``weak''. A -single quantum state in the fiber on average should consist of approximately a single photon. If the system's quantum -states consisted of more than one photon carrying the same information, this would enable a \emph{Photon Number -Splitting Attack}, in which an attacker extracts one of the state's photons for later analysis, and forwards the -remaining photons to the receiver\cite{loSecureQuantumKey2014}. The attacker can then later measure the captured photons -to extract the same information that the receiver measured. In practical QKD setups, attenuated pulsed lasers are often -used, as there are no practical single-photon sources. The laser and its attenuator are tuned such that the average -photon count of a pulse is in the order of $0.1$ \cite{loSecureQuantumKey2014}. For such setups, mitigations exist that -prevent photon number splitting attacks\cite{wangBeatingPhotonNumberSplittingAttack2005}. However, while these -mitigations patch this security weakness for weak, attenuated pulsed lasers, they still do not allow for higher transmit -power. 
- -The practical implication of this is that the optical brightness of a QKD system is directly proportional to the rate at -which the system can prepare, and later measure the individual quantum states. The primary limitation is the speed and -recovery time of the single-photon detector. In contrast to e.g.\ a simple photodiode that (mostly) linearly converts -incident photons into electron flow, SPDs are designed to provide a large intrinsic gain. This improves their bandwidth -as each photon's pulse must charge the detector's own parasitic capacitance as well as that of any wiring between it and -the frontend preamplifier, but in many detector designs this intrinsic amplification process is also the origin of a -long recovery time that limit's the detector's possible repetition rate. With today's electronics, repetition rates up -to a few \unit{\GHz} are feasible\cite{grunenfelderFastSinglephotonDetectors2023}. Alas, the brightness limit interacts -poorly with the reality of optical communication, especially through fibers. Even modern, high-quality fiber-optic -cables have attenuation in the order of \qty{0.2}{\dB\per\km}\cite{chesnoyUnderseaFiberCommunication2015}, which -corresponds to roughly half of the signal being lost every \qty{15}{\km}. In classical optical networks, this can be -compensated by increasing transmit power--i.e. packing more photons into each bit--or by optically amplifying the signal -partway through the fiber. cIn QKD systems however, the signal's quantum states cannot be amplified both out of a -concern of photon number splitting attacks and because of decoherence\footnote{ - Note that this impossibility is not a consequence of the No-Cloning Theorem. The No-Cloning Theorem only asserts - that it is impossible to create a second, \emph{independent} copy of an arbitrary quantum state, which can then - independently be measured without disturbing the original state. 
Despite this, a hypothetical ``quantum amplifier'' - could increase the quantum state's photon number, adding entangled photons that share the original quantum state. - Alas, doing this would not gain us much in a QKD system because an interaction of any of the quantum state's photons - with the fiber---that is, the same loss as before---would disturb the entire entangled state. -}, and thus the system's bit rate decreases exponentially with distance due to attenuation. Some QKD systems can reach -ranges of several hundred kilometers, but the resulting payload data rate---usually called \emph{secret key rate}---of -these long distance systems is measured in kilobits per second. An interesting observation from theoretical work on -quantum key distribution algorithms is that not only is this exponential rate decay a fundamental limit for a given QKD -implementation, but it is even possible to determine a protocol-independent upper bound for a noiseless, lossy optical -channel's secret key rate. This upper bound shows the same exponentail decay and, notably, is independent of the optical -power, which is directly proportional to the repetition rate of the QKD protocol's measurements. Modulo some small, -constant factor, this upper bound cannot be circumvented with any amount of protocol engineering, or source or detector -improvements\cite{takeokaFundamentalRatelossTradeoff2014}. +Regardless of the particular QKD protocol used, common to all QKD protocols, quantum states must be exchanged between +parties. While quantum computers are built from a wide variety of quantum states from trapped ions through +superconducting states up to spin states, all QKD protocols are based on photonic states since they are the only ones +that can easily be transferred across long distances through optical fiber. Even so, QKD protocols face a steep +trade-off between speed of key generation---called \emph{secret key rate}---and distance since quantum states cannot be +amplified. 
In literature on long-range QKD, secret key rates as low as $10$ milli-bits per second are routinely +published~\cite{wangTwinfieldQuantumKey2022} since they already promise a benefit in a hypothetical scenario in which +symmetric cryptography cannot yet be efficiently attacked using Grover's algorithm, but all asymmetric cryptography has +fallen to quantum algorithms like variants of Shor's algorithm. \subsection{Loss in optical fibers} 
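Review bot: The added sentence ending "since quantum states cannot be amplified" asserts the central range limitation with no reason and no citation, while the same hunk deletes the only explanation the chapter had for it. The removed text attributed the limitation to photon number splitting attacks and decoherence, with a footnote making clear that it is not a consequence of the No-Cloning Theorem. Suggest keeping a one-sentence version of that reasoning, or at least carrying over \cite{takeokaFundamentalRatelossTradeoff2014} from the removed paragraph. Two smaller points in the same added paragraph: "Regardless of the particular QKD protocol used, common to all QKD protocols" says the same thing twice, and "$10$ milli-bits per second" would be more consistent written with \qty, like the other quantities in this file.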
@@ -337,268 +108,163 @@ are collectively referred to as \emph{loss}. We can coarsely classify these degr \emph{decoherence}, and \emph{attenuation}. Decoherence effects result in the quantum state being changed in transit, which depending on the QKD implementation may mean destroying information contained within the state such as by disturbing the pulse's polarization, or destruction of entanglement between the in-flight state and another local state. -In contrast, attenuation means the quantum state is not ever leaving the channel. - -In practice, attenuation is the primary factor limiting the length of an individual fiber run in QKD. Even modern, -ultra-low loss optical fiber has an attenuation in the order of \qty{0.15}{\decibel\per\kilo\meter}, resulting in a loss -of half the signal's power, equivalent to half of all QKD pulses, in just \qty{20}{\kilo\meter}. For longer reaches, -these losses ar multiplicative, so after only \qty{200}{\kilo\meter} only one in a thousand single-photon pulses entering -the fiber will exit it at the other end \cite{chesnoyUnderseaFiberCommunication2015}. Decoherence effects are less relevant for the distance limitation, and mostly limit which fiber-optic technologies can be utilized in the first place. Due to decoherence, QKD systems usually use Single-Mode (SM) fiber over Multi-Mode (MM) -fiber\cite{amitonovaQuantumKeyEstablishment2020}, and decoherence makes it more difficult to utilize Wavelength Division -Multiplexing (xWDM) to send multiple either quantum or classical optical signals through a single fiber.\todo{is this -right?} +fiber~\cite{amitonovaQuantumKeyEstablishment2020}, and decoherence makes it more difficult to utilize Wavelength Division +Multiplexing (xWDM) to send multiple either quantum or classical optical signals through a single fiber. -Attenuation in optical fibers has a number of origins. 
The main factor is scattering of photons on the fiber core, with -absorbtion due to interactions between photons and the fiber core's molecular structure or embedded contaminants only -playing a minor role. The primary component of scattering is fluctuations in the fiber core's molecular structure, with -scattering on phonons (Brillouin scattering) or photons (Raman scattering) only adding a samll amount of -loss\cite{wandelAttenuationSilicabasedOptical2006}. - -Like attenuation, decoherence can also result from a number of different mechanisms. Two optically \emph{linear} -mechanisms, i.e.\ ones that do not depend on incident signal power, are chromatic dispersion and polarization mode -dispersion (PMD). PMD disturbs the signal's polarization. PMD strongly depends on wavelength and is highly sensitive to -environmental factors such as temperature or vibration \cite{brodskyPolarizationModeDispersion2006}. QKD systems -frequently use polarization-based encodings, which are sensitive to PMD. PMD is usually mitigated by continuously -measuring the fiber's end-to-end PMD, and adjusting a polarization controller placed -in-line\cite{wangLongdistanceCopropagationQuantum2017, ImpactPolarizationMode, -agnesiAllfiberSelfcompensatingPolarization2019} with the fiber to cancel out the fiber's PMD. - -Chromatic dispersion arises from the fiber's materials' refractive index not being perfectly constant across -the spectral bandwidth of the optical signal, leading some frequency components of the signal to traverse the fiber -faster than others, resulting in pulses being spread out as they continue along the fiber. Chromatic dispersion is a -concern in some long-distance QKD systems that need to operate at a timing precision down to a few dozen picoseconds, -but like PMD it can be compensated at the endpoint \cite{neumannExperimentallyOptimizingQKD2021, -kiselevAnalysisChromaticDispersion2020}. 
- -Besided linear Brillouin and Raman Scattering, nonlinear effects such as the AC Kerr Effect, Stimulated Raman Scattering -as well as Stimulated Brillouin Scattering can produce intermodulation and crosstalk when a quantum optical signal is -sent through the same fiber as another, much brighter classical optical signal. These nonlinear effects are relevant for -QKD systems that either send a reference clock through the same fiber as the QKD pulses, or that aim for coexistence -between QKD pulses and classical optical networking on the same fiber, for instance in an in xWDM -setup\cite{choiQuantumKeyDistribution2010, grunenfelderLimitsMultiplexingQuantum2021}. - -In the AC Kerr effect, a strong optical signal influences the refractive index of the fiber core, which modulates other -signals propagating through the same fiber. Stimualated Brillouin Scattering arises when a high-power incident signal -causes the emission of phonons inside the fiber core, which then act as a source of Brillouin scattering. Stimulated -Raman Scattering is a similar effect based on Raman scattering\cite{chesnoyUnderseaFiberCommunication2015}. When a fiber -is shared between weak QKD and bright classical signals, both Brillouin and Raman scattering introduce noise in the QKD -channel as photons from the classical signal change their wavelength, and might end up inside the QKD channel's -bandwidth\cite{choiQuantumKeyDistribution2010}. - -\todo{Some detail on CV-QKD} +In practice, attenuation is the primary factor limiting the length of an individual fiber run in QKD. Even modern, +ultra-low loss optical fiber has an attenuation in the order of \qty{0.15}{\decibel\per\kilo\meter}, resulting in a loss +of half the signal's power, equivalent to half of all QKD pulses, in just \qty{20}{\kilo\meter}. 
Since these losses +compound exponentially with longer reach, after only \qty{200}{\kilo\meter} only one in a thousand photons entering the +fiber will exit it at the other end~\cite{chesnoyUnderseaFiberCommunication2015}. \subsection{Relaying} -\todo{(one?) term of the art seems to be "repeater"} -We cannot use conventional optical amplifiers to extend the range of a single continuous QKD link lest we destroy the -signal or we might enable attacks. What remains as ways to extend the range of a QKD link are \emph{relaying} methods, -where one QKD link is terminated at a relay station partway to its destination, and another is started, with the relay -proxying information between the two. We can separate relay implementations into two broad categories. +A consequence of this range limitation is that at useful bit rates, QKD links can only be realized up to distances in +the order of \qty{200}{\kilo\meter}. There are some QKD protocols that can be used to effectively double the range of a +QKD link by placing an untrusted node in the middle of the link, but further extension would require either a trusted +relay or a complex relay operating on the quantum states. As of now, such quantum relays are not practical leaving only +the trusted relay route for achieving useful secret key rates across distances longer than a few hundred kilometers. -\begin{description} - \item[Classical relays] encompass the trivial implementation of a relay, where the QKD link is formed by simply - stitching two QKD links together by connecting one link's receiver to the other link's transmitter. The key - characteristic of classical relays is that inside the relay, the link's cryptographic payload information is - handled in its classical plaintext form. Classical relays are practically feasible, but because they must handle - the payload in plaintext form, they are security-critical. 
+If we imagine a continental-scale network of QKD systems with fibers spanning tens of thousands of kilometers, it is +easy to see why the physical security of its relay nodes is such a concern in QKD setups. Such a network would need +between hundreds and throusands of relay nodes. Making things worse, these relay nodes would have to be spread evenly +across thousands of kilometers of optical links, with many ending up in isolated places in the field, away from +datacenters and other well-protected technical infrastructure. Since the compromise of any one QKD relay could be enough +for an attacker to carry out an on-path attack, protecting thousands of small relay installations located in equipment +sheds spread across sparsely populated areas against adversaries with advanced physical attack capabilites becomes a +daunting task. Effectively, each quantum relay has to be made into a hardware security module including advanced active +tamper sensing. - \item[Quantum relays] are relays that forward the QKD payload information from one link to the other in the quantum - realm, without translating it to classical information and back. QKD relays are currently not practically - feasible, but if they become available in the future, they would allow range extension without compromising the - QKD link's security as the same tamper-detecting properties that the QKD links provide can be extended to cover - the quantum forwarding process inside the relay. -\end{description} +\section{Related Work} +\label{sec_related_work} -For practical purposes, classical relays are the only relevant option. A long-range QKD system employing classical -relays would be able to cover arbitrary distances, trading off reliance upon physical security of the trusted relay -stations. Academic work on QKD recognizes this limitation, but few proposals to its solution have been put forth. 
+\subsection{Long-range QKD} -\subsection{Range extension in Measurement Device Independent (MDI)-QKD} +\textcite{caoEvolutionQuantumKey2022} give a comprehensive overview of large-scale QKD networking. +\textcite{lellaSecurityQuantumKey2023} analyze security threats in quantum key distribution networks and point out that +achieving the information-theoretic security that QKD is often cited for providing is difficult to achieve in practice +since currently, protocols based on cryptographic computational hardness assumptions cannot be avoided in a practical +implementation. \textcite{yangQuantumKeyDistribution2018} approach key routing in a hypothetical quantum key +distribution network and provide a solution based on measurements of each node's local secret key buffer. -One technology closest to a solution on the trusted relay issue is Measurement Device Independent (MDI)-QKD. Broadly -speaking, in an MDI-QKD system two QKD endpoints are connected through exactly one relay (or router). The key idea of -MDI-QKD is to move all trusted components of the protocol out of this central relay, and into the trusted nodes at both -ends of the link. Instead of directly measuring the photons sent by both endpoints, the relay node has them interfere -and measures the result of this interference. This measurement result does not allow the relay to draw any conclusions -on the individual qubits that the endpoints exchange, but when the relay communicates these measurements to the -endpoints, the endpoints can reconstruct their shared secret key bits. Although in MDI-QKD the relay node still performs -quantum measurements and participates in the overall QKD protocol, the protocol guarantees that even a malicious relay -cannot learn anything about the exchanged keys from its limited vantage point. 
+\textcite{caoHybridTrustedUntrusted2021} discuss hybrid QKD networks that employ both physically trusted and untrusted +nodes by applying a technique such as Measurement-Device Independent QKD (MDI-QKD) that enables one end of the QKD link +to be untrusted. MDI-QKD can effectively double the reach of a trusted QKD link by placing an untrusted relay node in +the middle. They present a precise problem formulation and introduce an algorithm for the optimization of deployment +cost of a hybrid QKD network. -MDI-QKD effectively doubles the range of a QKD system. Unfortunately, the approach from MDI-QKD cannot be adapted to -multiple chained relays, and thus it is mostly interesting for hub and spoke-style quantum network topologies. In a -relay-assisted long-range QKD system, MDI-QKD could only be used to eliminate trust in half of the relays, which in the -grand scheme of things does not reduce attack surface by much. +\subsection{Customizable tamper sensing HSMs} -\todo{Mention entanglement swapping range extension} +\textcite{immlerSecurePhysicalEnclosures2018} introduce a HSM concept that utilizes a tamper-sensing mesh made from a +lithographically patterned metallized polyimide foil. They pattern a grid of fine capacitive electrodes onto the foil, +and demonstrate a simple multi-channel readout circuit that is capable of distinguishing changes in capacitance between +electrodes down to the femto-Farad range. In contrast to conventional HSMs that require a continuous power supply to +their tamper-sensing subsystem, their design introduces sufficient measurement fidelity that the tamper-sensing mesh +foil can be viewed as a Physically Uncloneable Function (PUF) by demonstrating stability and statistical properties of +its PUF response. 
-\section{Quantum Networking} +Later publications on their design expand upon the concept, but fundamentally, their design is limited in size by +manufacturing limitations in the size of its tamper-sensing foil, as well as the poor scalability of the designs +frontend architecture, which requires a separate charge amplifier for each electrode +pair~\cite{ + garbFORTRESSFORtifiedTamperResistant2021, + garbWiretapChannelCapacitive2022, + garbTamperSensitiveDesignPUFBased, + obermaierMeasurementSystemCapacitive2018}. +Applying their approach to a QKD relay would be difficult as it would require not just miniaturizing the QKD relay to +the size of a smartphone, but it would also require the development of a secure fiber passthrough specific to their +design and other systems using a folded tamper-sensing mesh foil. Conventionally, electrical pass-throughs in such foils +are made by folding the mesh and a Flat Flexible Cable (FFC) multiple times. Due to their required beding radius, +alternative solutions would have to be found for a fiber-optic pass-through. -So far we have focused on the range limitation of a single QKD link with classical relays as the only practical solution -at this point in time. Quantum Networks naturally follow from a relay-assisted QKD link, if we consider a type of -``relay'' that is connected to more than two links. Just like switches and routers can be meshed to construct complex -topologies in classical wide-area networks (WANs), such multi-fanout relays, or \emph{routers} can be used to provide -QKD services over complex network topologies. +\subsection{Inertial Hardware Security Modules} -There exists a large corpus of academic research on the theory of such large-scale QKD networks ranging from the -technical implementation of management protocols to specialized QKD systems for QKD networks that improve on standard -two-party QKD in areas such as complexity or performance. 
\todo{lots of citations here} -In the past decades, a number of proof-of-concept QKD networks have been put into practice. None of these systems -provide any practical utility yet, and their raison d'ĂȘtre lies in the political realm more than it arises out of -technical necessity considering that any of today's city-scale demonstrations can easily be simulated more compactly in -a lab using a few spools of fiber as a near-perfect stand-in for long-range fiber links. +As of now, QKD nodes are large, rack-mount devices. While miniaturization is ongoing, the processing requirements of +such systems alone exceed the capabilities of conventional HSMs. With a conventional HSM, protecting an entire QKD relay +consisting of two link endpoints and their associated processing systems would be infeasible due to their size and power +dissipation. -Many of the technical challenges in the deployment of QKD networks coincide with similar technical challenges in -classical packet-switched networks. An unique challenge to QKD networks is how their routing problem is different to the -one in classical computer networks. In a classical network, each link has a known, fixed capacity. A router decides -which packet to send through which link, and when the rate of incoming packets momentarily exceeds the capacity of the -outgoing links, packets must either be dropped, or put into a growing queue. QKD networks are different in that -information is not exchanged through the network, but instead the network \emph{generates} information in the form of -secret key material. The measurement of individual pulses that underly key generation conform to a stochastic process, -but amortized across the large time spans required for the subsequent selection and privacy amplification steps that -converts these raw measurements into usable secret key bits, key generation rate is constant. Each node of a QKD network -thus accumulates secret key bits for each of its links, storing them for later use. 
The routing problem in this scenario -revolves around managing the levels of these key stores to avoid depletion. +One of the core challenges in the design of active tamper sensors for HSMs is protecting the device against drilling +attacks. In a drilling attack, an attacker accesses internal circuitry of the HSM by drilling a hole, allowing a probe +to pass through. In HSMs, drilling attacks are commonly monitored by enveloping the payload in a security mesh, i.e.\ a +foil covered with intentionally fragile conductive traces. The idea is that drilling into the device from any angle will +damage the conductive traces on this foil, which can easily be electrically detected by the payload, allowing it to +destroy all secrets before any probe can reach it. -\section{Securing QKD Networks with Inertial HSMs} +In practice, manufacturing this conductive foil is difficult. Standard flexible circuit processes such as +lithographic polyimide/copper Flexible Printed Circuits (FPCs) are sometimes used, but their security is limited since +they are easy to manipulate using standard Printed Circuit Board (PCB) rework techniques. More exotic processes +industrially used for low-cost keyboard and key pad production using screen-printed silver or carbon conductive inks on +a polyester substrate are also used, but are limited by a coarse structure size. -As we discussed above, when it comes down to practical, end-to-end security properties, Quantum Key Distribution -removes trust in the hardness of particular mathematical problems (good!), but increases trust in the physical -integrity of the transceivers of the QKD link (bad!). In scenarios where the communicating parties are all located -within physical proximity---in QKD, meaning within at most a few hundred kilometers from each other depending on secret -key rate requirements---this added trust is of no consequence because the communcating parties' hardware must be trusted -in either QKD-assisted or purely classical setups. 
However, this trust requirement becomes a burden as soon as at least -one party is too far away or when higher secret key rates are required, as now physically trusted relays become necessary. +The area of foil-based security meshes is primarily limited by the difficulty of manufacturing large foils without +defects. Not only does total defect rate rise with area, commercial PCB or FPC manufacturing processes have a panel size +usually in the order of \qtyrange{500}{800}{\milli\meter} side length that cannot be exceeded. -Extrapolating to practical deployments, we can make two predictions. First, as QKD only solves key distribution, but the -actual data transfer still happens through normal off-the-shelf telecommunications components in QKD networks, there is -no reason for a practical QKD setup to \emph{not} also use classical cryptography as an additional layer for defense in -depth, -\todo{citation on defense in depth, and on this hybrid scenario} -meaning the QKD setup will at worst degrade to the same security a purely classical system would provide, never less. +In contrast to conventional HSMs using mesh foils, IHSMs approach envelope tamper sensing by encasing the payload in a +mesh cage made from low-cost PCBs, then rotating this cage at high speed to simultaneously cover all angles, and prevent +manipulation of the mesh. To prevent an attacker from slowing down the rotating mesh cage, an accelerometer is placed on +the rotating mesh that monitors rotation by measuring centrifugal acceleration. -The second prediction we can make is that any practical QKD network will have to use trusted relays to bridge large -distances. 
While in certain specialized applications such as the proposed financial QKD network in Switzerland -\todo{citation on swiss deployment} smaller, isolated networks are conceivable, in every telecommunication system from -the telegraph through the telephone system and up to the internet it has been shown conclusively that considering -utility, a global, interconnected network is greater than the sum of its parts\footnote{In fact, history repeats, and -the enthusiasm that Quantum Key Distribution networks have kindled parallels the one that the first trans-atlantic -telegraph cables brought forth as described by \textcite{mullerWiringWorldSocial2016}. Both parallel not just in the -extensive promises attributed to their respective technologies, but also in the facade of technological determinism that -in both cases hides a number of social and political motivations.}\cite{mullerWiringWorldSocial2016}. \todo{at least one -more citation on historic networks} +The main issue in IHSM construction is the construction of the pass-through providing electrical connections between the +payload and the outside world. In conventional HSMs that use tamper sensing mesh foils, this passthrough is realized by +folding the mesh foil and a Flexible Flat Cable (FFC) in several layers such that there is no straight path that +a probe could be inserted through. In IHSMs, electrical connections are passed through a hollow shaft on one end of the +mesh cage. Similar to the serpentine folds between mesh foil and FFC in conventional HSMs, in IHSMs complex geometry can +be realized by placing a secondary rotating mesh on the inside of the primary mesh, covering the point where the shaft +goes through the primary mesh. -In this section, we will outline a solution that provides practical, end-to-end security in large-scale QKD networks by -delegating the hardware trust issue of QKD relays to Inertial Hardware Security Modules. 
The primary design challenges -we will address are the systems' overall envelope design, optical passthroughs, and matching the cryptographic -assumptions behind the IHSM's heartbeat and alarm subsystem to those of the QKD application. +Where in conventional HSMs covering larger areas with a patchwork of smaller mesh foils creates the difficulty of +creating secure seams between the foils, in IHSMs, multiple PCB meshes can easily be joint into a larger mesh by simply +overlapping them, since the mesh's rotation makes any attack on such a joint exceedingly difficult. -\subsection{The anatomy of a QKD node} +\section{Multi-fiber passthrough with active secondary mesh} +\label{sec_passthrough} -With the exception of special cases such as the middle node in a MDI-QKD system, a general QKD relay contains the same -components that the endpoint of a QKD connection uses. Only in a QKD relay, two transceivers are connected back-to-back -to one another. QKD provides physical security for the photons traversing the fiber that forms the system's channel, and -the security envelope of the system begins where this fiber is terminated in the power splitters, single-photon -detectors, lasers, and interferometers of the QKD transmitter and receiver. To process the raw measurements of the QKD -system into a usable stream of secret key bits, in addition to these components implementing the physics of the QKD -system, a classical computer is needed. On top of the remote monitoring and management tasks that any piece of -networking equipment is expected to perform nowadays, this computer is tasked with the information reconciliation and -privacy amplification that form the information-theoretic part of the QKD system. Since this computer must necessarily -handle secret key bits in their plain text form, it, too, must be inside the relay node's physical protection envelope. 
+Since IHSMs are particularly suited to large payloads, fitting the components of a QKD node inside one is +straightforward. However, QKD links have one unique requirement: Many systems require several physical fibers for each +QKD link. Often, in addition to a fiber for classical communication, one fiber is needed to transmit a reference clock +to the other end of the link, and another fiber is needed for the quantum channel. With a QKD relay needing at least two +links, this results in at least five fibers assuming all classical networking can be multiplexed on a single fiber. -\subsection{Physical requirements of QKD transceivers} +Fiber pigtails have an outer diameter of usually about \qty{1}{\milli\meter}, so this amount of fibers can be fed +through an IHSM's axis of rotation without increasing its shaft diameter and reducing its security. The mechanical +challenge in such a multi-fiber signal and data feedthrough is to observe the fiber's minimum bending radius, which for +common fibers is usually in the range of +\qtyrange{5}{15}{\milli\meter}~\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}. -Putting a QKD relay node and associated machinery inside of an IHSM, we first need to answer two key questions. First, -\emph{will it fit?}, and second, \emph{Can we hook it up?}. In the following paragraphs, we will go through several -aspects of these general questions one by one. +\subsection{Multi-fiber passthrough design} -\paragraph{Physical dimensions.} -At this point, a number of commercial systems promising QKD exist. 
Common QKD protocols do not require any particularly -large or power-hungry components, and so commercial systems have generally adopted the 19 Inch rackmount enclosure -standard that is common to modern telecommunications equipment, with a width of $\approx\qty{50}{\centi\meter}$, a -height between $\approx\qtyrange{4}{30}{\centi\meter}$ and a depth below $\approx\qty{100}{\centi\meter}$.\todo{Re-check -these numbers shortly before submission} While something of this size would be infeasible to protect with the security -mesh of a traditional hardware security module, placed vertically, even without modifications any of these systems are -well within an envelope that can be protected with a single IHSM cage. - -\paragraph{Power supply.} -QKD systems do not contain any particularly power-hungry components. Unlike quantum computers, most of the signal path -is optical, and as such can be implemented with room-temperature fiber-optic components. Only the single-photon -detectors may require cooling in some systems, but unlike something like an ion trap quantum computer's processor, -energy-intensive deep cryogenic cooling is not necessary. Most manufacturers don't quote the power requirements of their -systems, but we were able to find that IDQuantique specifies their QKD systems to be able to run off a single -\qty{300}{\watt} power supply\cite{ClavisXGQKD2024}. In an inertial HSM, power up to several \unit{\kilo\watt} can -easily be transferred to the payload with through-axis cables. - -\paragraph{Cooling.} -While the few hundred Watt of power that QKD systems require could easily be transported through the mesh of a a -traditional HSM as well, cooling that amount of thermal load purely by heat conduction through centimeters of epoxy -resin would make implementation infeasible in traditional HSM. 
In an IHSM on the other hand, up to several -\unit{\kilo\watt} can easily be dissipated through forced-air cooling since the rotating security mesh can have an -arbitrary amount of longitudinal openings. - -\paragraph{Data and signals.} -A QKD transceiver has a number of ports in addition the port for the fiber optic quantum channel. Depending on the -system, one or more additional optical links may be necessary for clock distribution, allowing both endpoints to tune -their lasers into precise alignment. QKD protocols require a classical link used for information reconciliation, which -along with the key stream output and management links requires one or more classical network ports. - -In a QKD relay node, the key stream never leaves the security envelope. The management and information reconciliation -links can be combined into a single, classical network link, requiring a single fiber when using a standard wavelength -division multiplexing transceiver. The QKD link's clock channel and the quantum channel require a dedicated fiber each, -adding up to a total of five fibers for a QKD relay. Since fiber pigtails have an outer diameter of usually about -\qty{1}{\milli\meter}, this amount of fibers can be fed through an IHSM's axis of rotation. The mechanical challenge in -such a multi-fiber signal and data feedthrough is to observe the fiber's minimum bending radius, which for common fibers -is usually in the range of \qtyrange{5}{15}{\milli\meter}\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}. - -Concluding the above paragraphs, a QKD node is not a particularly challenging payload for an IHSM. The most problematic -requirement is feeding through a number of fibers for its various input and output signals, but fundamentally it is no -different from any server or other piece of IT equipment. 
In the following section, we will present a design that -provides a combined power and multi-fiber passthrough that is sufficient for QKD applications before concluding with an -analysis of post-quantum heartbeat signal security. -% FIXME stuff on heartbeat - -\subsection{Multi-fiber passthrough with active secondary mesh} - -The primary weak spot of a simple IHSM is its axis of rotation. While the stationary axis allows for wired data and -power connections to penetrate the mesh, it also provides an easy target for an attacker who wants to insert some sort -of physical probe into the IHSM's security envelope. While to a certain extent this attack vector can be made more -difficult though simple construction techniques such as making the shaft as thin as possible, and getting the mesh as -close to it as possible, as well as using a solid steel shaft on the motor end of the mesh, the level of security that -these mitigations provide is much below that of the remainder of the mesh. Thus, a better solution is needed. - -Previously, in Chapter \todoplaceholder{provide link to mesh protection overview from OG IHSM paper} we have alluded to -several \emph{shielding} methods that use a independently rotating secondary mesh on the inside of the primary mesh, -located right next to the primary mesh's axis opening. In this section, we will go into some more detail on four -variations of this solution. In order of increasing complexity, these variations are a simple disc cover, coaxial -labyrinth meshes, offset labyrinth meshes, and interlocking gear meshes. We will demonstrate a functional prototype of -the simple disc cover, present a design and mechanical prototypes of the offset labyrinth meshes, and provide details on -the design of a interlocking gear mesh. 
+To approach the security of the data and power connections passing through the IHSM's unprotected shaft, +\textcite{gotteCantTouchThis2022} list some shielding methods that use an independently rotating secondary tamper +sensing mesh on the inside of the primary mesh, located right next to the primary mesh's axis opening. This secondary +mesh makes accessing the payload using probes inserted through the shaft much more difficult. +\textcite{gotteCantTouchThis2022} only present conceptual drawings of these schemes, and focus on electrical signals. In +this chapter, building on these concepts, we present mechanical designs of three variations of a fiber passthrough for +IHSMs that are adapted to the limited bending radius of optical fiber: A simple disc cover, offset labyrinth meshes, and +interlocking gear meshes. We present a mechanical prototype of our offset labyrinth mesh design. \subsection{Simple disc cover} -\todo{Update these graphics with final color scheme, and update caption text here} - \begin{figure}[h!] \centering \includegraphics[width=\textwidth,page=1]{shaft_countermeasures_b.pdf} - \caption[Coaxial disc mesh schema]{\draftgraphics Coaxial disc mesh schema, cross-section and top-down views. The - outer mesh is shown in red, and the inner mesh in blue. The dashed line indicates the two meshes' shared axis of - rotation. The gray areas indicate the shape of the volume that remains undisturbed by the mesh, and that is - available for structural support and cable routing.} + \caption[Coaxial disc mesh schema]{Coaxial disc mesh schema, cross-section and top-down views. The outer mesh is + shown in red, and the inner mesh in blue. The dashed line indicates the two meshes' shared axis of rotation. 
The + gray areas indicate the shape of the volume that remains undisturbed by the mesh, and that is available for + structural support and cable routing.} \label{qkd_fig_disc_mesh} \end{figure} -In Chapter \todoplaceholder{Provide link to single-board IHSM chapter here}, we have shown how an IHSM that has been -shrunk to a single, disc-shaped PCB is still useful because we can delegate key management functionality to the mesh -monitoring circuit's microcontroller---or a separate processor sitting next to it---on the rotating mesh PCB, yielding a -solution close in both its cryptographic capabilities and its security level to commercial traditional HSMs, and -exceeding those of a smartcard. In the following paragraphs, we will show how we can deploy the same single-board IHSM -(SB-IHSM) as a mitigation for through-axis attacks, exploiting its mechanical shape and its simple, low-cost -implementation. +While IHSMs excel at protecting large payload volumes, even a zero-payload IHSM that has been shrunk to a single, +disc-shaped PCB is still useful because we can delegate key management functionality to the mesh monitoring circuit's +microcontroller---or a separate processor sitting next to it---on the rotating mesh PCB, yielding a solution close in +both its cryptographic capabilities and its security level to commercial traditional HSMs, and exceeding those of a +smartcard. In the following paragraphs, we will show how we can deploy the same single-board IHSM (SB-IHSM) as a +mitigation for through-axis attacks, exploiting its mechanical shape and its simple, low-cost implementation. By placing an adapted single-board IHSM close to the primary mesh's axis opening as shown in Figure\ \ref{qkd_fig_disc_mesh}, an attacker is forced to either first circumvent or at least dislodge the single-board IHSM 
@@ -608,48 +274,43 @@ approximately \qty{90}{\degree} at least twice, once to avoid the SB-IHSM mesh, towards the payload. The distance between the inside of the primary mesh and the SB-IHSM is limited by the tolerance in mechanical alignment between the two axes of rotation, by the space necessary for a sufficiently stable mount of the payload cage to the hollow shaft, and by the minimum bend radius of the power and data wiring that needs to pass through -the shaft. In QKD applications, the fibers' minimum bend radius is the largest contributing factor. Power and electrical -data signals can be supplied through flexible flat cables that can be bent in sharp corners without issue. Optical -fibers on the other hand are limited in their minimum bend radius, as their optical loss rises sharply with decreasing -bend radius\footnote{Note that the issue here is not that the glass core of the fiber would degrade or break, as one -might intuitively assume. Being only a few dozen micrometers in diameter, an optical fiber's core is remarkably -flexible. Instead, the issue is that both multimode as well as singlemode fibers are optical waveguides. Bending them -distorts the electromagnetic field inside the waveguide, and allows some small portion of it to escape from the fiber's -core, leading to loss in the form of both attenuation and dispersion\cite{schermerImprovedBendLoss2007}.}. With QKD -being especially sensitive to even small amounts of loss, care has to be taken to maximize the bend radius of the fiber -optic connections. A common specification of minimum bend radius in telecom singlemode fibers taking into account not -just optical loss but also the mechanical stability of the fiber's polymer coating is $10\times$ the coated fiber's -diameter\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}, which equates to \qty{9}{\milli\meter} for common +the shaft. 
Power and electrical data signals can be supplied through flexible flat cables that can be bent in sharp +corners without issue. In QKD applications, the fibers' minimum bend radius is the largest contributing factor. The +optical loss of a fiber rises sharply with decreasing bend radius\footnote.{Note that the issue here is not that the +glass core of the fiber would degrade or break, as one might intuitively assume. Being only a few dozen micrometers in +diameter, an optical fiber's core is remarkably flexible. Instead, the issue is that both multi-mode as well as +single-mode fibers are optical waveguides. Bending them distorts the electromagnetic field inside the waveguide, and +allows some small portion of it to escape from the fiber's core, leading to loss in the form of both attenuation and +dispersion~\cite{schermerImprovedBendLoss2007}.} With QKD being especially sensitive to even small amounts of loss, care +has to be taken to maximize the bend radius of the fiber optic connections. A common specification of minimum bend +radius in telecom single-mode fibers taking into account not just optical loss but also the mechanical stability of the +fiber's polymer coating is $10\times$ the coated fiber's +diameter~\cite{fs1M12FSC,ProductPageFiber,CorningSMF28Ultra2024}, which equates to \qty{9}{\milli\meter} for common \qty{0.9}{\milli\meter} fiber pigtails, corresponding to approximately \qty{1}{\decibel} of loss in the -\qty{1550}{\nano\meter} band\cite{schermerImprovedBendLoss2007}. Based on these specifications and on a conservative +\qty{1550}{\nano\meter} band~\cite{schermerImprovedBendLoss2007}. Based on these specifications and on a conservative estimate of \qty{2.5}{\milli\meter} for the vertical mesh clearance, we arrive at a minimum inter-mesh spacing of approximately \qty{11}{\milli\meter} when using minimal overlap between tab heights. 
\begin{figure} \centering - \subcaptionbox[Helical transition of single fiber]{Single fiber}{\includegraphics[width=.45\textwidth]{\scaledgraphics{helix_transition.png}}} - \hfill - \subcaptionbox[Helical transition of fiber bundle]{Fiber bundle}{\includegraphics[width=.45\textwidth]{\scaledgraphics{helix_bundle.png}}} + \subcaptionbox[Helical transition of single fiber]{Single fiber}{\includegraphics[width=.25\textwidth]{helix_transition.png}} + \subcaptionbox[Helical transition of fiber bundle]{Fiber bundle}{\includegraphics[width=.25\textwidth]{helix_bundle.png}} \caption[Helically coiling fibers inside the axis tube]{ - The necessary mesh spacing can be reduced by coiling the fibers inside of the axis tube. The coiled fibers enter - the inter-mesh space at an angle equal to the helix lead angle, which reduces the amount of space necessary to - complete the transition to horizontal along a circular arc. In this example, a \qty{6}{\milli\meter} outer - diameter tube with a \qty{0.5}{\milli\meter} wall thickness is shown with 6 fibers with \qty{0.9}{\milli\meter} - outer diameter coiled to a constant bend radius of \qty{9}{\milli\meter}. The lead angle of the resulting helix - is \qty{61.5}{\degree}, and past the tube exit, only \qty{5.16}{\milli\meter} of inter-mesh space are necessary. - \figureattrib{helix_transition.png}} + Minimum mesh spacing can be reduced by coiling the fibers inside of the shaft tube. The coiled fibers enter the + inter-mesh space at an angle equal to the helix lead angle. Shown here is a \qty{6}{\milli\meter} outer diameter + tube with a \qty{0.5}{\milli\meter} wall thickness and 6 fibers with \qty{0.9}{\milli\meter} outer diameter + coiled to a constant bend radius of \qty{9}{\milli\meter}. The lead angle of the helix is \qty{61.5}{\degree}. + The resulting inter-mesh spacing is \qty{5.16}{\milli\meter}. + } \label{qkd_fig_fiber_helix} \end{figure} -\todoplaceholder{Finish this part. 
Use the rev 1 SB-IHSM to build a practical prototype.} - \subsection{Coaxial labyrinth meshes} \begin{figure}[h!] \centering \includegraphics[width=\textwidth,page=4]{shaft_countermeasures_b.pdf} - \caption[Coaxial labyrinth mesh schema]{\draftgraphics Coaxial labyrinth mesh schema, cross-section and top-down - views.} + \caption[Coaxial labyrinth mesh schema]{Coaxial labyrinth mesh schema, cross-section and top-down views.} \end{figure} In QKD applications, the simple disc cover design shown above has two main limitations. First, the distance between the 
@@ -657,117 +318,61 @@ primary and secondary meshes' tab rings must be large enough to allow for the fi more than \qty{10}{\milli\meter} of space available to an attacker. Second, the attacker only has to bend their tool in a plane to reach the payload. -To increase the difficulty of inserting a long and flexible tool through the axis shield, \todo{Axis shield might be a -nice term. Unify terminology for axis/shaft, the shield, the names of the two meshes, and the tabs sticking up from the -meshes. Also what do we call the space in between? Terminology for the sides with offset meshes?} the shape of the -interface layer between the two meshes can be made more complex. Introducing small mesh \emph{tabs} that stick out -into the inter-mesh space from both meshes creates a labyrinth-like structure between the axis opening and the IHSM's -inside. Structural support and cables can easily pass this structure in a series of \qty{90}{\degree} bends, while -inserting a probe avoiding both meshes would not be feasible as the probe would have to perform a series of sharp -bends. The type of manipulator that would be necessary for the placement of a probe in this system is conceptually -similar to snake-like robots used in minimally invasive surgery, but state-of-the-art systems from this area are both -too thick and don't have enough joints to fit even simple labyrinth layouts\cite{ +To increase the difficulty of inserting a long and flexible tool through the axis shield, the shape of the interface +layer between the two meshes can be made more complex. Introducing small mesh \emph{tabs} that stick out into the +inter-mesh space from both meshes creates a labyrinth-like structure between the axis opening and the IHSM's inside. +Structural support and cables can easily pass this structure in a series of \qty{90}{\degree} bends, while inserting a +probe avoiding both meshes would not be feasible as the probe would have to perform a series of sharp bends. 
The type of +manipulator that would be necessary for the placement of a probe in this system is conceptually similar to snake-like +robots used in minimally invasive surgery, but state-of-the-art systems from this area are both too thick and don't have +enough joints to fit even simple labyrinth layouts~\cite{ suhDesignDiscreteBending2017, schmitzRollingTipFlexibleInstrument2019, kimAdvancementFlexibleRobot2022, hongDesignCompensationControl2020}. For instance, if we assume \qty{3}{\milli\meter} material thickness on the radial bracket connecting the shaft with the -secondary mesh's mounting frame\todo{conceptual drawing here} along with \qty{10}{\milli\meter} of mesh tab overlap, -\qty{1.5}{\milli\meter} of clearance between radial bracket and each of the two meshes, and an inter-mesh spacing from -one tab ring to the next equal to the radial brackets' material thickness of \qty{4}{\milli\meter} plus the clearance -from bracket to mesh, we arrive at a meander \qty{6}{\milli\meter} in width completing four \qty{180}{\degree} turns -within less than \qty{40}{\milli\meter} of radial distance. - -Researching the security of nuclear weapons, \textcite{bellovinPermissiveActionLinks} references a quote characterizing -the tamper security of a Permissive Action Link, a tamper-proof component designed to authorize the use of a nuclar -weapon through a code, as follows. -\todo{Get the actual book from ULB, and properly attribute this quote.} - -\begin{quote} - Bypassinag a PAL should be, as one weapons designer graphically put it, about as complex as performing a - tonsillectomy while entering the patient from the wrong - end. \cite{caldwell1989reducing,bellovinPermissiveActionLinks} -\end{quote} - -With our discussion of surgical robots two paragraphs ago this quote is very on the nose, and it is probably fair to say -that we have made some progress to achieve this standard. 
While we are not quite there yet, we shall make it our goal to -achieve or even exceed this standard with our work in the following sections. - -\begin{figure} - \centering - \includegraphics[width=.7\textwidth]{\scaledgraphics{wikimedia_Four_Corners_Bank_Vault_cropped.jpg}} - \caption[Photo of a bank vault door]{\camerareadygraphics Photo of a bank vault door at the Four Corners building in - Bowling Green, Ohio, USA. The interface between the door and its frame is stepped all around to discourage would-be - intruders from inserting any sort of tool through the small gap around the closed door. In this instance, because - the door's sill is stepped, too, a small ramp has been placed over the sill so that people going in and out of the - open door don't stumble over the steps.\\ - \imgsource{Wikimedia Commons user Mbrickn}{2019}{CC-BY-SA}{https://commons.wikimedia.org/wiki/File:Four_Corners_Bank_Vault.jpg} - } - \label{qkd_fig_vault_door} -\end{figure} +secondary mesh's mounting frame along with \qty{10}{\milli\meter} of mesh tab overlap, \qty{1.5}{\milli\meter} of +clearance between radial bracket and each of the two meshes, and an inter-mesh spacing from one tab ring to the next +equal to the radial brackets' material thickness of \qty{4}{\milli\meter} plus the clearance from bracket to mesh, we +arrive at a meander \qty{6}{\milli\meter} in width completing four \qty{180}{\degree} turns within less than +\qty{40}{\milli\meter} of radial distance. While long and narrow tabs are desirable for mesh security as they limit the size and mobility of an attacker's probe, in QKD application, the need for fiber optic passthrough is the limiting factor. The obvious solution of passing through the fibers in a series of in-plane S-bends requires a coarse tab spacing due to the fibers' large minimum bend radius. 
However, we can apply the approach we proposed above for the shaft entrance here, too, and thread the fibers between the meshes by helically coiling them, increasing the fibers' bend radius to one half of the distance between both mesh -discs minus the fibers' diameter and clearances\todo{Formulas here and elsewhere, define variables}. When the resulting -useable part of the distance is larger than twice the bend radius, the minimum tab spacing is only limited by the -fiber's diameter and the stability of the star bracket. When the discs are placed closer, and a larger pitch is -necssary, the resulting pitch of the helix determines the minimum tab spacing. +discs minus the fibers' diameter and clearances. When the resulting useable part of the distance is larger than twice +the bend radius, the minimum tab spacing is only limited by the fiber's diameter and the stability of the star bracket. +When the discs are placed closer, and a larger pitch is necssary, the resulting pitch of the helix determines the +minimum tab spacing. -Designing a labyrinth mesh for intrusion prevention is similar to the design of the shape of the jamb of a safe door -such as the one shown in Figure\ \ref{qkd_fig_vault_door}, or of a high end apartment door. In these, the objective is -to prevent would-be burglars from inserting opening tools through the space between the closed door and its jamb and -attacking the door's interior handle or locking mechanism, not unlike an IHSM's defense against electrical or -electromagnetic probes. The one difference between these doors and what we can do in IHSMs is that these doors are -limited to outwards-facing steps because they must be opened and closed. In IHSM labyrinth meshes, we can use both -outwards-facing and inwards-facing steps. +Designing a labyrinth mesh for intrusion prevention is similar to the design of the shape of the jamb of a safe door or +of a high end apartment door. 
In these, the objective is to prevent would-be burglars from inserting opening tools +through the space between the closed door and its jamb and attacking the door's interior handle or locking mechanism, +not unlike an IHSM's defense against electrical or electromagnetic probes. The one difference between these doors and +what we can do in IHSMs is that these doors are limited to outwards-facing steps because they must be opened and closed. +In IHSM labyrinth meshes, we can use both outwards-facing and inwards-facing steps. -Concentric labyrinth meshes allow for a wide range of different configurations. The pitch from one mesh tab to the -next is the sum of the required width of the inter-mesh space and the safety margin needed betwween any cables or the -inter-mesh bracket and the tabs. When the mesh is constructed using rigid PCB tabs that are inserted as-is, without -bending them, and when all tabs have the same width and thickness, the radial width of the swept area decreases from tab -to tab going outwards as shown in Figure\ \ref{qkd_fig_mesh_ring_reduction}. A consequence of this is that when the -design target are constant width inter-mesh spaces, the tabs' pitch decreases going outwards. +Concentric labyrinth meshes allow for a range configurations. The pitch from one mesh tab to the next is the sum of the +required width of the inter-mesh space and the safety margin needed betwween any cables or the inter-mesh bracket and +the tabs. When the mesh is constructed using rigid PCB tabs that are inserted as-is, without bending them, and when all +tabs have the same width and thickness, the radial width of the swept area decreases from tab to tab going outwards. A +consequence of this is that when the design target are constant width inter-mesh spaces, the tabs' pitch decreases going +outwards. 
-\begin{figure} - \centering - \includegraphics[width=\textwidth]{mesh_ring_reduction.pdf} - \caption[Coaxial labyrinth mesh tab swept area]{\draftgraphics Top-down view of a coaxial labyrinth mesh - with three tabs, with the area swept by each tab highlighted. When rigid, planar tabs of a single width $w$ are - used, the radial width of the swept areas decreases and approaches the tabs' thickness $t$ as their radius $r$ - increases. - } - \label{qkd_fig_mesh_ring_reduction} -\end{figure} - -The safety margin required to avoid collisions between the meshes and the stator\todo{stator is a nice word for the -entire non-rotating part of the assembly. stator/star bracket?} can be kept low for the primary mesh because this mesh -has high-quality bearings on both ends, leading to good axis alignment. In contrast, for the secondary mesh considerable -margins have to be included if the mesh is driven by a cooling fan motor, as the bearings in such fans are not very -precise. With loose bearings, angular axis misalignment can lead to several millimeters of deflection in both the radial -and axial dimensions as illustrated in Figure\ \ref{qkd_fig_mesh_ring_bearing_tolerance}. - -\begin{figure} - \centering - \includegraphics[width=\textwidth]{mesh_ring_bearing_tolerance.pdf} - \caption[Coaxial labyrinth mesh axis alignment tolerance illustration]{\draftgraphics Illustration of the effect of - angular misalignment of the axis of rotation caused by tolerances in motor bearings in a coaxial labyrinth mesh with - two tabs. The area swept by each tab, and its increase due to misalignment are highlighted. The left illustration - shows the ideal and misaligned meshes, and the right illustration superimposes the area increase from the left - illustration on the ideally aligned mesh. 
This illustration is not to scale.} - \label{qkd_fig_mesh_ring_bearing_tolerance} -\end{figure} +The safety margin required to avoid collisions between the meshes and the stator can be kept low for the primary mesh +because this mesh has high-quality bearings on both ends, leading to good axis alignment. In contrast, for the secondary +mesh, margins have to be included if the mesh is driven by a cooling fan motor, as the bearings in such fans +are not very precise, resulting in misalignment increasing with radius. \subsection{Offset labyrinth meshes} \begin{figure}[h!] \centering - \includegraphics[width=\textwidth,page=2]{shaft_countermeasures_b.pdf} - \caption[Offset labyrinth mesh schema]{\draftgraphics Offset labyrinth mesh schema, cross-section and top-down - views. The two dashed lines indicate the two meshes' offset axes of rotation, shifted in $x$ direction in both - views.} + \includegraphics[width=0.5\textwidth,page=2]{shaft_countermeasures_b.pdf} + \caption[Offset labyrinth mesh schema]{Offset labyrinth mesh schema, cross-section and top-down views. The two + dashed lines indicate the two meshes' offset axes of rotation, shifted in $x$ direction in both views.} \label{qkd_fig_offset_lab_schema} \end{figure} @@ -791,8 +396,9 @@ feedthrough that improves on the simple helical feedthrough we introduced above. \begin{figure} \centering - \includegraphics[width=\textwidth]{schema_wire.pdf} - \caption[Offset labyrinth mesh schema with fiber layout]{\figureattrib{schema_wire.svg}} + \includegraphics[width=0.45\textwidth]{schema_wire.pdf} + \includegraphics[width=0.6\textwidth]{figures/pic_bracket_routing_small.png} + \caption{Offset labyrinth mesh schema with fiber layout} \label{qkd_fig_offset_lab_fiber} \end{figure} 
@@ -805,43 +411,44 @@ Thus, instead of passing it straight through the labyrinth, the payload's fiber labyrinth in a three-dimensional spiral shape, avoiding the meshes while simultaneously maximizing the fibers' bend radii. +\subsection{Experimental Validation} + To prove the mechanical viability of the offset labyrinth mesh concept, we created a mechanical prototype of one such -mesh. Figure\ \ref{qkd_fig_offset_lab_fiber} shows the dimensions of the meshes' tabs along with the resulting tab rings -and a 2D projection of our chosen fiber layout. The fiber is laid out in such a way that it crosses each tab ring at -opposite sides, and traverses the vertical distance in the larger part of the inter-mesh space. Figures\ -\ref{qkd_fig_lab_mesh_exp_1} and \ref{qkd_fig_lab_mesh_exp_2} show an exploded view of our mechanical prototype from two -perspectives, and Figure\ \ref{qkd_fig_lab_mesh_section} shows a section view. +mesh. Figure\ \ref{qkd_fig_offset_lab_fiber} shows the proportions of the meshes' tabs along with the resulting tab +rings and a 2D projection of our chosen fiber layout. The fiber is laid out in such a way that it crosses each tab ring +at opposite sides, and traverses the vertical distance in the larger part of the inter-mesh space. Figure\ +\ref{fig_pic_proto_detail} shows an exploded view of our mechanical prototype. + +We threaded a standard \qty{50}{\micro\meter}/\qty{125}{\micro\meter} fiber through the bracket, spliced it to a +connector pigtail at the remote end, and measured its loss using a NK4000D handheld OTDR/OPM manufactured by Qingdao +Novker Communication Ltd. Comparing measurements of loss between a coiled fiber and a fiber fed through the bracket +resulted in a difference below the measurement floor of approximately \qty{0.25}{\decibel}. 
\begin{figure} - \centering - \includegraphics[width=\textwidth]{\scaledgraphics{render_exp_1.png}} - \caption[Offset labyrinth mesh assmbly exploded render]{\figureattrib{render_exp_1.png}} - \label{qkd_fig_lab_mesh_exp_1} -\end{figure} - -\begin{figure} - \centering - \includegraphics[width=\textwidth]{\scaledgraphics{render_exp_2.png}} - \caption[Offset labyrinth mesh assmbly exploded render]{\figureattrib{render_exp_2.png}} - \label{qkd_fig_lab_mesh_exp_2} -\end{figure} - -\begin{figure} - \centering - \includegraphics[width=\textwidth]{example-image-10x16.pdf} - \caption[Offset labyrinth mesh assmbly exploded render, section view]{\draftgraphics\\ - Section view of the labyrinth mesh assembly} - \label{qkd_fig_lab_mesh_section} + \begin{center} + \includegraphics[width=0.45\textwidth]{fiber_passthrough_mech_model__8288_small_censored.jpg} + \hspace*{5mm} + \includegraphics[width=0.45\textwidth]{fiber_passthrough_mech_model__8292_small_censored.jpg} + \end{center} + \caption{An disassembled view of our optical passthrough mechanical prototype. The fiber is passed through from the + shaft going through the IHSM's primary tamper sensing mesh cage to the outside into the interior of the IHSM through + the green bracket. A secondary tamper sensing mesh is located on the inside of the shaft interface and driven + separately. In this prototype, the secondary mesh is driven by a cooling fan. Both independently rotating meshes + have tabs that extend into the bracket such that they do not interfere, but reduce the space available to an + attacker. The HSM's primary mesh cage is partially shown in white. + \\\textbf{Note: Institutional logo removed from picture for peer review} + } + \label{fig_pic_proto_detail} \end{figure} \subsection{Interlocking gear meshes} \begin{figure}[h!] 
\centering - \includegraphics[width=\textwidth,page=3]{shaft_countermeasures_b.pdf} - \caption[Offset gear labyrinth mesh schema]{\draftgraphics Offset gear labyrinth mesh schema, cross-section and - top-down views. In this example, the axis is shifted by about twice the offset from the previous offset labyrinth - mesh schema in Figure\ \ref{qkd_fig_offset_lab_schema}.} + \includegraphics[width=0.5\textwidth,page=3]{shaft_countermeasures_b.pdf} + \caption[Offset gear labyrinth mesh schema]{Offset gear labyrinth mesh schema, cross-section and top-down views. In + this example, the axis is shifted by about twice the offset from the previous offset labyrinth mesh schema in + Figure\ \ref{qkd_fig_offset_lab_schema}.} \end{figure} The offset labyrinth design already achieves a high level of security through its complex passthrough shape, but only 
@@ -864,26 +471,128 @@ In this setup, the mesh tabs act like gear teeth. Depending on the ratio between meshes do not have to rotate at the same rate of rotation and harmonic ratios are possible. Additionally, unlike actual gears which need to constantly maintain an area of contact, both co-rotating and counter-rotating setups are possible. -\begin{figure} - \centering - \subcaptionbox[Offset gear labyrinth mesh assembly render]{\figureattrib{render_side_1.png}}{\includegraphics[width=\textwidth]{\scaledgraphics{render_side_1.png}}} - \subcaptionbox[Offset gear labyrinth mesh assembly render]{\figureattrib{render_side_2.png}}{\includegraphics[width=\textwidth]{\scaledgraphics{render_side_2.png}}} +\section{Physical attacks and countermeasures} +\label{sec_attacks} +In this section we will consider possible ways to attack an IHSM-secured QKD relay, as well as potential +countermeasures. - \caption{ - Renderings of the complete offset labyrinth gear mesh assembly. - } -\end{figure} +\subsection{Attacks on the IHSM mesh} -\begin{figure} - \centering - \includegraphics[width=\textwidth]{gear_plan_1.pdf} - \caption[Offset gear mesh assmbly schema]{\figureattrib{gear_plan_1.svg}} -\end{figure} +There are two ways an attacker could attack the mesh itself if an adequate speed of rotation such as \qty{1000}{\rpm} is +used~\cite{gotteCantTouchThis2022}: Either, an attacker would have to slow down the mesh so they can perform a manual +attack, or they would have to use a robot. The first class of attack would require the attacker to falsify the readings +of the centrifugal accelerometer. MEMS accelerometers are complex devices, and the simplest way to falsify its readings +would be to attach a circuit to the accelrometer's data bus that overrides the measurement result data. Creating such a +circuit is easy, the challenge the attacker would have to overcome would be to access this bus and attach this circuit +to the mesh in motion without stopping or disturbing it. 
At high speeds, this would necessarily require a custom attack +robot. -\begin{figure} - \centering - \includegraphics[width=\textwidth]{gear_plan_2.pdf} - \caption[Offset gear mesh schedule]{\figureattrib{gear_plan_2.svg}} -\end{figure} +\subsection{Contactless attacks on the payload} + +Contactless attacks such as electromagnetic (EM) side-channel attacks or optical fault injection attacks on the payload +could conceivably be conducted from the outside of the mesh. The efficacy of EM side-channel as well as fault injection +attacks decays quickly with increased distance between probe and target, and they can be counteracted by simply placing +the QKD relay's components such that they are spaced apart from the mesh. Optical attacks, on the other hand can be +carried out even at a distance using appropriate focusing optics. The easiest way to prevent such attacks would be to +place the payload into an opaque enclosure inside the mesh. + +An additional variant of optical attacks would be using a laser to cut or drill into the payload. Such attacks can be +impeded through several defense-in-depth measures. First, the payload QKD relay should be designed such that destroying +any part of it such as connecting wires or fibers causes it to fail secure. Irrespective of attacks, this is a +reasonable design objective anyway given that components could fail, and a component failure should never put the device +in an insecure state. Further, similar to other optical attacks, a shield can be used to prevent laser cutting or +drilling attacks as well with the only difference being the kind of shield. To prevent laser cutting or drilling, a +thick metal shield can be used. The large thermal mass, high thermal conductivity and reflective surface of such a +shield makes it difficult to cut. 
There are lasers such as pulsed Nd:YAG lasers that can cut even thick steel, but these +this cutting produces a large amount of metal plasma and debris, which would likely destroy the payload in the process. + +To make sure any active laser attack is quickly detected, as a final line of defense, both mesh and payload should +include wideband optical sensors in their array of environmental tamper sensors. For instace, high-power pulsed lasers +do not deposit much heat into their target because the surface of the target is vaporized by the laser pulse too +quickly, and thus might not trigger a simple temperature alarm inside the payload. In contrast, optical sensors even +outside of the laser's wavelength range would have no trouble detecting the light emitted from the metal plasma created +by the laser's pulses on impact with the payload. + +\subsection{Fast, mechanical attacks on the payload} + +A final class of attacks are mechanical attacks where an attacker mechanically compromises the IHSM QKD relay so quickly +that the tamper alarm mechanism has no time to act. An instance of such an attack would be using a gun to fire a bullet +at the payload, aiming to selectively destroy parts of it that are involved in tamper alarm response before they can +act. This class of attack can be counteracted in similar ways as the previously mentioned optical attacks. Destruction +of parts of the payload should never let it fall into an insecure state, meaning that such an attack alone should never +be enough to compromise the QKD relay. There is little one can do to prevent destruction of the payload by projectile or +by explosive, but a thick metal shield around the payload would make it more difficult to selectively target part of it +using a projectile. \section{Outlook} +\label{sec_outlook} + +\subsection{Achievable security guarantees} + +Like conventional HSMs, Inertial HSMs are only ever an engeineering answer to a security question. 
In contrast with +cryptographic solutions that can achieve provable, information-theoretic security in some cases, an IHSM's security +rests upon an assumption on the engineering capabilities of an attacker. In contrast to conventional HSMs, which +achieve this engineering assumption through the manufacture of hard-to-manipulate tamper sensing meshes, Inertial HSMs +achieve it by rotating their tamper sensing mesh. In a conventional HSM, increasing the security of the tamper sensing +mesh requires fine-tuning a bespoke manufacturing process. In contrast, increasing the security of an IHSMs simply +requires making the rotor faster. + +\subsection{Trust bootstrapping} + +A key question in any trusted hardware deployment is how to bootstrap trust in a new device when faced with the +possibility of supply-chain attacks. Conventional HSMs are only manufactured by a single manufacturer, and the common +solution is to just trust that manufacturer. The HSM's manufacturer can factory-provision an identity key to the HSM +that can be used to ascertain the HSM's integrity during shipping to the customer. + +One of the key components of IHSM technology is that it does not require specialized components, or potting of the +payload. While an IHSM could be manufactured and sold as a complete unit like a conventional HSM, their more modular +nature makes it possible to place more control in the IHSM's customer. In particular, an IHSM could be sold without a +payload installed, leaving the customer to install their own payload (such as a QKD node) inside the IHSM. Like a +conventional HSM, the IHSM could be run during shipping to detect supply-chain attacks. Going further, since IHSMs are +build from commodity components, the user could directly license the IHSM design and manufacturer it themselves, given +them full control over the hardware supply chain. 
In a QKD deployment, the manufacturer of the QKD node could build both +the QKD subsystem and the IHSM and integrate both, given that this would not require additional manufacturing +capabilities due to the IHSM's simple construction. + +\subsection{Network implementation} + +IHSM-secured QKD nodes could be used to build QKD networks. IHSM-secured QKD nodes augment QKD network techniques such +as \textcite{caoHybridTrustedUntrusted2021}, who present a network structure that exploits MDI-QKD to replace some of +the network's nodes by untrusted nodes that do not require physical security. + +\subsection{Device Longevity} + +In any HSM application, failure of a single HSM must be mitigated through a backup and redundancy strategy that is +carefully chosen such that it does not pose a security risk. Conventional HSMs are often operated in a cluster made from +multiple HSMs. These clusters serve two purposes. First, they can compensate for the failure of a single HSM, which is +crucial given that ideally, the HSM's secrets should never be stored outside the HSM. Second, they improve processing +rate by sharing load across their constituent HSMs. Since conventional HSMs are highly limited in their processing speed +due to size and power dissipation constraints, this capacity is essential for some applications. + +A cluster of Inertial HSMs can be set up in much the same way. In a QKD system, one implementation would be to run +multiple QKD links in parallel. The secret key streams of all links could then be combined using a hash function like it +is used in a single QKD link's privacy amplification step. When one QKD link fails, in this construction its secret key +stream can safely be replaced by a stream of zeros as long as the remaining operating links in sum still provide +sufficient entropy. 
+ +In an application where the overhead of multiple QKD links each requiring their own dark fiber would be too expensive, +multiple IHSM-protected QKD transceivers could be connected to a single optical fiber through an optical switch. +Mirco-Electromechanical Systems (MEMS)-based optical switchs are a well-established technology and can switch optical +fibers within milliseconds at an insertion loss of no more than a decibel or two. In a QKD application, this insertion +loss would be tolerable. Since QKD secret key rates stem from a stochastic process and as such are not constant, QKD +systems buffer secret key bits. The switchover time of an optical switch used for failover between two QKD transceivers +as well as the link establishment time of the failover transceiver can be absorbed by simply sizing this buffer +appropriately. + +\section{Conclusion} +\label{sec_conclusion} + +In this chapter, we applied the Inertial Hardware Security Module (IHSM) concept to physically trusted relay nodes in a +Quantum Key Distribution network. We note that the hardest challenge in the adoption of IHSMs in QKD relays is the +fiber-optic passthrough between the outside world and the IHSMs QKD relay payload. We show three concepts along the +spectrum trading off security and implementation complexity. All three concepts utilize a secondary rotating mesh on the +inside of the primary mesh's shaft opening. We practically demonstrate one of our concepts, the offset labyrinth mesh, +in a functional mechanical prototype. We experimentally measured the increase in loss of a standard telecommunications +fiber when inserted through our mechanical prototype's fiber passthrough, resulting in an increase in loss compared to a +straight fiber that was below our measurement threshold of approximately \qty{0.25}{\decibel}. +
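Review bot: In the first hunk, the rewritten paragraph on helically coiling the fibers drops the \todo asking for formulas and variable definitions, but the bend-radius relation is still given only in words ("one half of the distance between both mesh discs minus the fibers' diameter and clearances"). The figure whose caption defined $w$, $t$ and $r$ is deleted in the same hunk. Either write the relation as an equation with named symbols or keep the \todo until it exists. The claim that "the radial width of the swept area decreases from tab to tab going outwards" also loses its only illustration (qkd_fig_mesh_ring_reduction) and now needs a one-sentence geometric justification. In the secondary-mesh paragraph, the quantitative statement about several millimeters of deflection is replaced by "misalignment increasing with radius", which no longer tells the reader how large a margin to plan for. The added lines also carry typos: "necssary", "betwween", "a range configurations", "the design target are".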
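Review bot: In the hunk at @@ -791,8 +396,9 @@ (figure qkd_fig_offset_lab_fiber), the two \includegraphics widths add up to 0.45 + 0.6 = 1.05\textwidth, so the images cannot sit side by side and will either wrap or produce an overfull box. Reduce them so the sum, plus any spacing, stays below \textwidth, or stack them deliberately with a line break. The new caption also drops both the short-caption optional argument and the \figureattrib{schema_wire.svg} attribution that the other captions in this file keep, and the second image is referenced with a figures/ path prefix while the first is not. It would help to make the caption say which panel is the schema and which is the photo.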
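Review bot: In the hunk at @@ -805,43 +411,44 @@, the new "Experimental Validation" subsection reports a loss difference "below the measurement floor of approximately \qty{0.25}{\decibel}" without giving the measurement wavelength, the number of repetitions, or the bend radius of the fiber in the bracket, so the result cannot be reproduced or compared from the text as written. The baseline is also inconsistent: here the comparison is against "a coiled fiber", while the conclusion added later in this patch says "compared to a straight fiber". Smaller points in the same hunk: the body text calls Figure fig_pic_proto_detail "an exploded view" while its caption says "An disassembled view" (typo, and the two should agree); the new label fig_pic_proto_detail breaks the qkd_fig_ prefix used by the neighbouring labels; and the caption line "Note: Institutional logo removed from picture for peer review" looks like a leftover from the paper submission that should not carry over into the chapter.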
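Review bot: In the hunk at @@ -864,26 +471,128 @@, the subsection "Attacks on the IHSM mesh" announces two ways to attack the mesh (slowing it down, or using a robot) but only develops the first, and that one ends with "this would necessarily require a custom attack robot", so the two cases collapse into one as written. Either describe the direct robotic attack separately or restate the paragraph as a single argument. In "Device Longevity", the statement that a failed link's key stream "can safely be replaced by a stream of zeros" should say how the failure is detected and that the output rate of the combining hash has to be reduced to match the entropy of the remaining links; "sufficient entropy" alone leaves that open. The "Network implementation" sentence reads "techniques such as \textcite{caoHybridTrustedUntrusted2021}, who present", which mixes a technique with its authors. The new labels sec_attacks, sec_outlook and sec_conclusion lack the qkd_ prefix used elsewhere in this file. Typos in the added lines: "accelrometer's", "instace", "but these this cutting produces", "engeineering", "an IHSMs", "build from commodity components", "manufacturer it themselves, given them", "Mirco-Electromechanical", "switchs", "the IHSMs QKD relay payload".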