Application Layer

Thursday 11 June 2009

The Application Layer contains applications that exploit the keys produced by the quantum layer and made available by the key management layer. Several encryption devices have been developed and adapted to use keys provided by the Key Management Layer and demonstrate the versatility of QKD technology in three different areas:
- QKD enhanced High-Speed Ethernet Encryption (Layer 2)
- QKD enhanced Fiber Channel Encryption (Layer 2)
- QKD enhanced IPsec Encryption (Layer 3)

QKD enhanced High-Speed Ethernet Encryption (Layer 2)

When deploying encryption in an enterprise network, it is essential to ensure that it will not impact the performance (throughput or latency) in any significant way. The best approach to do that is to use Layer 2 encryption, which has been applied in the SwissQuantum network.

The SwissQuantum network demonstrates QKD enhanced ultra high-speed encryption up to 10 Gbps. In order to clearly establish the reliability of this technology, it was decided to use an existing link carrying real traffic. This link runs between CERN and the University of Geneva and is used to transfer data collected in the Large Hadron Collider (LHC) at CERN for processing at UNIGE. High availability are essential in this application.

A 10Gpbs QKD enhanced Centauris Ethernet Encryptor is used for this application.

It is interesting to note that Layer 2 encryption is highly complementary with QKD technology.

More details on the Centauris Encryptor can be found on the Centauris and the High-Speet Ethernet Encryption Performance pages.

QKD enhanced Fiber Channel Encryption (Layer 2)

The Fiber Channel Encryptor was developed as part of the project Quantum Cryptography based point-to-point Secure Data Communication System [1], with funding from the Commission for Technology and Innovation (CTI) of the Swiss goverment.

The aim of this module was to develop a QKD enabled standalone encryption device at OSI Layer 2 supporting 2G Fiber Channel networks. More details on this encryptor can be found on the Fiber Channel Encryptor page. For performance details, please check the Fiber Channel Encryption Performance page.

QKD enhanced IPsec Encryption (Layer 3)

The goal of this module consists in studying and designing a software solution to integrate a cryptographic symmetric key generated using a quantum key agreement protocol with the IPsec suite of protocols, in order to provide a point-to-point, quantum-secured communication link operating at OSI layer 3. The proposed solution must be reliable, efficient, secure and resistant to possible failures of the quantum channel.

More details on the IPsec encryptor can be found on the IPsec Encryptor page. For performance details, please check the IPsec Encryption Performance page.

[1] Project number: 8483.1; 3 NMPP-NM

Warning: touch() [function.touch]: Utime failed: Permission denied in /home/www/4632712deec764b1cc10c73181107538/web/swissquantum/ecrire/inc/genie.php on line 81