-
Real time QKD Post Processing based on Reconfigurable Hardware Acceleration
Authors:
Foram P Shingala,
Natarajan Venkatachalam,
Selvagangai C,
Hema Priya S,
Dillibabu S,
Pooja Chandravanshi,
Ravindra P. Singh
Abstract:
Key Distillation is an essential component of every Quantum Key Distribution system because it compensates for the inherent transmission errors of the quantum channel. However, the throughput and interoperability aspects of post-processing engine design are often neglected, and existing solutions do not provide any guarantee. In this paper, we propose a high-throughput key distillation framework with multiple-protocol support, implemented in a Field Programmable Gate Array (FPGA) using High-Level Synthesis (HLS). The proposed design uses a Hadoop framework with a map-reduce programming model to efficiently process large chunks of raw data across the limited computing resources of an FPGA. We present a novel hardware-efficient integrated post-processing architecture that offers dynamic error correction, a side-channel resistant authentication scheme, and an inbuilt high-speed encryption application, which uses the key for secure communication. We develop a semi-automated high-level synthesis framework capable of handling different QKD protocols with promising speedup. Overall, the experimental results show that there is a significant improvement in performance and that the design is compatible with any discrete variable QKD system.
Submitted 30 November, 2022;
originally announced November 2022.
-
Unconditionally secure digital signatures implemented in an 8-user quantum network
Authors:
Yoann Pelet,
Ittoop Vergheese Puthoor,
Natarajan Venkatachalam,
Sören Wengerowsky,
Martin Lončarić,
Sebastian Philipp Neumann,
Bo Liu,
Željko Samec,
Mario Stipčević,
Rupert Ursin,
Erika Andersson,
John G. Rarity,
Djeylan Aktas,
Siddarth Koduru Joshi
Abstract:
The ability to know and verifiably demonstrate the origins of messages can often be as important as encrypting the message itself. Here we present an experimental demonstration of an unconditionally secure digital signature (USS) protocol implemented for the first time, to the best of our knowledge, on a fully connected quantum network without trusted nodes. Our USS protocol is secure against forging, repudiation and messages are transferrable. We show the feasibility of unconditionally secure signatures using only bi-partite entangled states distributed throughout the network and experimentally evaluate the performance of the protocol in real world scenarios with varying message lengths.
Submitted 10 February, 2022; v1 submitted 9 February, 2022;
originally announced February 2022.
-
Design and Development of Automated Threat Hunting in Industrial Control Systems
Authors:
Masumi Arafune,
Sidharth Rajalakshmi,
Luigi Jaldon,
Zahra Jadidi,
Shantanu Pal,
Ernest Foo,
Nagarajan Venkatachalam
Abstract:
Traditional industrial systems, e.g., power plants, water treatment plants, etc., were built to operate in a highly isolated and controlled capacity. Recently, Industrial Control Systems (ICSs) have been exposed to the Internet for ease of access and adaptation to advanced technologies. However, it creates security vulnerabilities. Attackers often exploit these vulnerabilities to launch an attack on ICSs. Towards this, threat hunting is performed to proactively monitor the security of ICS networks and protect them against threats that could make the systems malfunction. A threat hunter manually identifies threats and provides a hypothesis based on the available threat intelligence. In this paper, we motivate the gap in lacking research in the automation of threat hunting in ICS networks. We propose an automated extraction of threat intelligence and the generation and validation of a hypothesis. We present an automated threat hunting framework based on threat intelligence provided by the ICS MITRE ATT&CK framework to automate the tasks. Unlike the existing hunting solutions, which are cloud-based, costly and prone to human errors, our solution is central and open-source, implemented using different open-source technologies, e.g., Elasticsearch, Conpot, Metasploit, Web Single Page Application (SPA), and a machine learning analyser. Our results demonstrate that the proposed threat hunting solution can identify the network's attacks and alert a threat hunter with a hypothesis generated based on the techniques, tactics, and procedures (TTPs) from ICS MITRE ATT&CK. Then, a machine learning classifier automatically predicts the future actions of the attack.
Submitted 3 February, 2022;
originally announced February 2022.
-
Scalable authentication and optimal flooding in a quantum network
Authors:
Naomi R. Solomons,
Alasdair I. Fletcher,
Djeylan Aktas,
Natarajan Venkatachalam,
Sören Wengerowsky,
Martin Lončarić,
Sebastian P. Neumann,
Bo Liu,
Željko Samec,
Mario Stipčević,
Rupert Ursin,
Stefano Pirandola,
John G. Rarity,
Siddarth Koduru Joshi
Abstract:
The global interest in quantum networks stems from the security guaranteed by the laws of physics. Deploying quantum networks means facing the challenges of scaling up the physical hardware and, more importantly, of scaling up all other network layers and optimally utilising network resources. Here we consider two related protocols, their experimental demonstrations on an 8-user quantum network test-bed, and discuss their usefulness with the aid of example use cases. First, an authentication transfer protocol to manage a fundamental limitation of quantum communication -- the need for a pre-shared key between every pair of users linked together on the quantum network. By temporarily trusting some intermediary nodes for a short period of time (<35 min in our network), we can generate and distribute these initial authentication keys with a very high level of security. Second, when end users quantify their trust in intermediary nodes, our flooding protocol can be used to improve both end-to-end communication speeds and increase security against malicious nodes.
Submitted 21 June, 2023; v1 submitted 28 January, 2021;
originally announced January 2021.
-
Experimental implementation of secure anonymous protocols on an eight-user quantum network
Authors:
Zixin Huang,
Siddarth Koduru Joshi,
Djeylan Aktas,
Cosmo Lupo,
Armanda O. Quintavalle,
Natarajan Venkatachalam,
Sören Wengerowsky,
Martin Lončarić,
Sebastian Philipp Neumann,
Bo Liu,
Željko Samec,
Laurent Kling,
Mario Stipčević,
Rupert Ursin,
John G. Rarity
Abstract:
Anonymity in networked communication is vital for many privacy-preserving tasks. Secure key distribution alone is insufficient for high-security communications; often, knowing who transmits a message to whom and when must also be kept hidden from an adversary. Here we experimentally demonstrate 5 information-theoretically secure anonymity protocols on an 8 user city-wide quantum network using polarisation-entangled photon pairs. At the heart of these protocols is anonymous broadcasting, which is a cryptographic primitive that allows one user to reveal one bit of information while keeping her identity anonymous. For a network of $n$ users, the protocols retain anonymity for the sender, given less than $n-2$ users are dishonest. This is one of the earliest implementations of genuine multi-user cryptographic protocols beyond standard QKD. Our anonymous protocols enhance the functionality of any fully-connected Quantum Key Distribution network without trusted nodes.
Submitted 18 November, 2020;
originally announced November 2020.