Quantum Communications Hub National Network of Quantum Technologies Hubs: Quantum Communications Hub Director: Professor Tim Spiller Affiliation

Quantum Communications Hub: Partners Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Quantum Communications Hub: Partners Academic partners: York (lead), Bristol, Cambridge, Heriot-Watt, Leeds, Royal Holloway, Sheffield, Strathclyde Industrial partners: R&D: Toshiba Research Europe Ltd. (TREL), BT and the National Physical Laboratory (NPL) Network: ADVA, NDFIS Supplier/Consultancy (optical): Oclaro, ID Quantique Collaboration/Consultancy (microwave): Airbus, L3-TRL Start-ups (exploitation): Qumet (Bristol), Cryptographiq (Leeds/IP Group) Standards/Consultancy: ETSI, GCHQ User engagement: Bristol City Council, Knowle West Media Centre, Cambridge Science Park, Cambridge Network Ltd

Quantum Communications Hub Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Quantum Communications Hub Vision: “To develop new quantum communications (QComm) technologies that will reach new markets, enabling widespread use and adoption in many scenarios – from government and commercial transactions through to consumers and the home.” Delivery: First generation: Take proven concepts in Quantum Key Distribution (QKD) and advance these to commercial-ready stages. (Work packages 1-3) Next generation: Explore new approaches, applications, protocols and services – beyond QKD. (Work package 4)

Quantum Key Distribution (QKD) Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Quantum Key Distribution (QKD) Secure sharing of a key between two parties (Alice and Bob!) The quantum part is the distribution of the key, with a promise from quantum physics that only Alice and Bob have copies. Once distributed, the (non-quantum) uses of the key(s) cover a wide range of secure information tasks: communication or data encryption, financial transactions, entry, passwords, ID/passports… The keys are consumables (use once only for security), so need regular replenishment, which is “quantum”.

Quantum Communications Hub: Work packages WP1 Short Range Consumer QKD (WP Lead: John Rarity (Bristol)) Near infra red, line-of sight Microwave WP2 Chip Scale QKD Components (WP Lead: Mark Thompson (Bristol)) Chip scale optics Network switches WP3 Quantum Networks (WP Lead: Andrew Shields (TREL)) Quantum Core Networks Quantum Metro Networks Quantum Access Networks WP4 Next Generation QComm (WP Lead: Gerald Buller (Heriot-Watt)) Quantum digital signatures Quantum Relays, Repeaters and Amplifiers Device Independent and Measurement-device independent QKD

Quantum Communications Hub: Work packages Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Quantum Communications Hub: Work packages [IMG] Image legend

WP1: Quantum secured key exchange for consumers <€3000 <€10 Could use one-time-pad to protect the PIN Generate one-time-pad using quantum secured key exchange Key exchange at ATM allows user to ‘top-up’ a personal one-time-pad.

WP1: Why? Weekly ‘top-up’ a personal one-time-pad into a personal phone/card. Protects against ‘skimming’ Type your PIN into YOUR device Absolute security for PIN online Low cost: free to all customers The competition: present readers provide simplistic security based on ‘toy’ codes. In shops: data between card and reader NOT encrypted during a transaction, PIN is sent in the clear! See http://www.cl.cam.ac.uk/~sd410/ See also google/vodafone: phone=wallet Hacking demo

Bob meets Alice

WP1: The credit card Alice New System: Target 3x20x40mm Alice >100MHz operation

WP1: Flexible receiver and software concept: Standard 19” rack system with replaceable receiver and software sub-units

WP2 Vision: Chip-based Qcomms devices Integrated quantum photonic Qcomms chip 1mm Current approach

WP2: Compact chip-based QKD Chip-based devices for: Low cost Compact Energy efficient Mass-manufacture Compatibility with current microelectronic devices Hub will target: Fully integrated and packaged QKD devices with control electronics Deployment in real networking situations

WP2: Targeted Applications Mobile devices Computer networks City wide communications network

WP2: Chip-based QKD/WDM switches 4x4 building block 16x16 integrated switch Compact switching device for reconfigurable quantum networks InGaAsP devices based on Clos switching architecture

WP3: Quantum Networks Today: Point-to-point fibre QKD links

WP3: Quantum Networks Explore integration of QKD in different network segments (long-haul, metro, access) Key management and security analysis of extended trusted node network Application development, eg layer 3 encryption, quantum digital signatures Multiplex quantum signals on conventional DWDM grid . . data Provisioning of quantum and data channels quantum DWDM DWDM

WP3: UK Quantum Network Establish large-scale Quantum Network test-bed in UK Implemented in stages Metro networks in Cambridge and Bristol Long-haul network connecting Cambridge-London-Bristol (NDFIS) with possibility to extend Access networks providing multi-user connectivity TREL Cambridge Martlesham (BT) UCL Bristol Reading Telehouse NPL Southampton A focus for application development, industrial standardisation and user engagement Potential test-bed for the other QT Hubs and associated projects

Untrusted Measurement Unit WP 4: Emerging Quantum Communications Technologies Quantum Digital Signatures Information Theoretic Secure Digital Signatures Quantum Repeaters Amplifiers for Quantum Communications Systems 𝑝 𝑥 Noiseless amplifier Quantum limited amplifier Classical Coherent states |ΨAlice> Bob Verify Alice |ΨAlice> Charlie Measurement Device Independent Quantum Key Distribution Cryptographic Key Exchange in an Untrustworthy World Several km Alice Bob Untrusted Measurement Unit Several km

Quantum Comms Hub: Theory and Security Analysis Contributes to all four Technology Workpackages: Identify and remove security vulnerabilities at an early stage Contribute to ETSI standards for QKD and other Qcomm systems Physical level security analysis Match physical models for analysis to practical implementations Widely applicable channel analysis with side channel information leakage studies Analysis of attacks and countermeasure design Protocol level security analysis Analysis of protocol stacks, incorporating low-level quantum and higher level conventional protocols Analysis of practical security advantages of new protocols such as QDS and MDIQKD “Quantum-immune” conventional (classical) protocols Hybrid system analysis High speed (Gb/s upwards) systems combine QKD and conventional secure communications protocols, trading unconditional and forward security for speed Detailed security analysis of such hybrid systems (and mitigation against security “loss”) is needed

Quantum Communications Hub: Work package targets “Commercial-ready” QKD technologies... WP1 Short Range Consumer QKD Handheld system, leading to minimal mobile phone modification for Alice Microwave quantum secure communications analysed and demonstrated WP2 Chip Scale QKD Components Chip scale Alice with semi-bulk Bob, leading to fully packaged chip scale QKD optical modules Network switches demonstrated on the UKQN WP3 Quantum Networks High bit rate link encryption Quantum Metro Networks demonstrated in Bristol and Cambridge Establishment and operation of the UKQN WP4 Next Generation Quantum Communications Quantum digital signatures deployed at Metro Network level Quantum Relays/Repeaters for weak pulse QKD demonstrated on UKQN Device Independent and Measurement-device independent QKD deployed at QAN level

Note: standard slide format – flexible - e Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Title Text

Note: standard slide format – flexible - e Note: standard slide format – flexible - e.g text and image (if needed an image can be sized and placed as suits to illustrate/balance text). Title Text [IMG] Image legend

Partners Note: Logos to add/be supplied. 8x University, and industry / funding body partners. Grid format – and locked in place (master template option). Partners [PARTNER LOGO]

Quantum Communications Hub The UK National Quantum Technologies Programme aims to ensure the successful transition of quantum technologies from laboratory to industry. The programme is delivered by EPSRC, Innovate UK, BIS, NPL, GCHQ, DSTL and the KTN. National Network of Quantum Technologies Hubs: Quantum Communications Hub Director: Tim Spiller Main partners: York (lead), Bristol, Cambridge, Heriot-Watt, Leeds, Royal Holloway, Sheffield, Strathclyde, Toshiba Research Europe Ltd. (TREL), BT and the National Physical Laboratory (NPL)

QCrypto – Example Key Distribution Alice and Bob use alternative bases of individual photonic qubits (e.g. plane polarization) to keep Eve guessing (BB84 protocol). Alice sends photons one by one, chosen at random from Bob chooses to measure polarization in basis or chosen at random. Bob announces publicly his list of bases used, but not his results! (Null results are identified and discarded.) Alice tells Bob which data to keep, those where he used the basis in which she transmitted. They agree a protocol for 0,1 in each basis to obtain a shared bit string, the raw quantum transmission (RQT). | > | > | > | >

QCrypto – Example Key (BB84) | > = 1 | > = 0 | > = 0 | > = 1

QCrypto – Eavesdropping Eve cannot clone qubits, but she can try the same as Bob --- guess a basis at random from or , measure the polarization and then send on a photon to Bob polarized as per her result. Out of the results which Alice and Bob keep, Eve will guess wrong (on average) half of the time. Out of these (through measurement in the wrong basis), Bob will (on average) project half of these photons back to the original state transmitted by Alice. Eve therefore corrupts 25% of the RQT which she intercepts. More involved eavesdropping strategies also leave evidence: the irreversibility of quantum measurement ensures that Eve cannot gain information without causing disturbance.

QCrypto – Errors and key distillation Using the public channel, A and B can: - Estimate Eve’s activity - Detect and eliminate errors in the RQT - Distil a highly secure key However, this costs! For every bit of information revealed publicly, a component bit is discarded to avoid increasing Eve’s information. -6 e.g. 4% RQT errors: 2000 ---> 754 bits (Eve knows ~10 bit) 8% RQT errors: 2000 ---> 105 bits (Eve knows ~10 bit) -6

WP4: MDI-QKD Current QKD systems secure the fibre, but equipment must be physically secure & several “hacks” on detectors demonstrated Alice Bob Eve’s domain Measurement Device Independent (MDI) QKD relaxes the requirement to trust the detectors. (The detectors can even be operated by Eve) Alice Bob Measurement Unit BS PBS D1 D2 D3 D4 Mitigates all attacks on the detectors. We plan to demonstrate a practical and efficient system for MDI-QKD. Complimented by theoretical analysis of MDI-QKD, as well as complete DI-QKD.

WP 4: Quantum Digital Signatures Bob |ΨAlice> Alice |ΨAlice> Charlie Authentication A receiver believes the message was from a known sender. Non-repudiation A sender cannot deny sending a message, without claiming that the private key has been compromised. Integrity The message was not altered in transit. Transferable The message is transferrable: Bob can be sure that if he forwards the message to Charlie, then Charlie will also accept the message as genuinely from Alice.

Phase encoded coherent states: “A quantum one-way function” WP 4: Quantum Digital Signatures Phase encoded coherent states: “A quantum one-way function” Alice Classical List of Phases Difficult Easy Set phases Measure phases π π/2 3π/2 Phase Intensity Bob & Charlie Coherent States The lower the intensity, the harder it is to distinguish between the phases of the coherent states

WP 4: Quantum Repeaters Classical amplifier: Increases the amplitude of the signal Quantum amplifier: A perfect amplifier would violate the No-cloning Theorem Original Perfect copy Imperfect copy We pay the price in the form of noise: Classical: noise is added from the technical limitations of the equipment Quantum: Heisenberg’s relation prevents exact knowledge of the signal, i.e. intrinsic noise Solution: Non-deterministic (or probabilistic) amplifier Keep the success probability low 𝑝 𝑥 Noiseless amplifier Quantum limited amplifier Classical Coherent states

 ?  WP 4: Quantum Repeaters Subtraction Vacuum Detector Comparison 𝑡√2𝛼⟩ ⟨𝑡√2𝛼 𝑡≈1   “1” 𝑟≈0 Vacuum Subtraction Detector 𝑝 1 √2𝛼⟩ ⟨√2𝛼 + 𝑝 2 0⟩⟨ 0  𝑝 1 > 𝑝 2 𝛼⟩ ⟨𝛼 ?  Imperfect Indication of Amplification “0” −𝛼⟩ ⟨−𝛼 Comparison Detector 𝛼⟩ ⟨𝛼

WP 4: Quantum Teleportation RM Stevenson, J Nilsson, AJ Bennett, J Skiba-Szymanska, I Farrer, DA Ritchie, AJ Shields arXiv preprint arXiv:1307.3197

References for WP 4 P J Clarke, R J Collins, V Dunjko, E Andersson, J Jeffers and G S Buller, Nature Comm. 3, 1174 (2012). V Dunjko, P Wallden and E Andersson, Phys. Rev. Lett. 112, 040502 (2014). E Eleftheriadou, S M Barnett and J Jeffers, Phys. Rev. Lett. 111, 213601 (2013). R J Donaldson et al., Experimental Implementation of a Quantum Optical State Comparison Amplifier, arxiv:1404.4277. C L Salter et al. An entangled-light-emitting diode, Nature 465, 594–597 (2010). M Stevenson et al.,Nature Comm. 4, 2859 (2013).