Key transport in quantum cryptographic networks
First Claim
1. A method for establishing a key using a plurality of nodes, wherein each node is coupled to a first network and a second network, and wherein nodes that neighbor each other in the second network establish respective keys, said method comprising:
- determining a sequence of bits at a first node;
communicating the sequence of bits through the first network to a second node along at least one path traversing a set of the plurality of nodes based on the respective keys established for the nodes in the set; and
determining a key that is shared between the first node and the second node based on the sequence of bits.
6 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus, and systems are provided for distributing a key between nodes. The nodes are provided separate links for carrying messages versus keying information or material. The links for carrying messages couple the nodes to a messaging network, such as the Internet. In addition, the nodes are coupled together in a key distribution network by specialized links for carrying keying information or material. The links for keying information or material are configured to ensure the security of the keying information or material. The nodes that neighbor each other in the key distribution network establish respective pairwise keys. Once the pairwise keys are established, a set of non-neighboring nodes establish a shared key by communicating a sequence of bits through the messaging network. In order to ensure the security of the sequence of bits, the sequence of bits is encrypted based on the respective pairwise keys of neighboring nodes as it is forwarded in messages through the messaging network.
79 Citations
24 Claims
-
1. A method for establishing a key using a plurality of nodes, wherein each node is coupled to a first network and a second network, and wherein nodes that neighbor each other in the second network establish respective keys, said method comprising:
-
determining a sequence of bits at a first node;
communicating the sequence of bits through the first network to a second node along at least one path traversing a set of the plurality of nodes based on the respective keys established for the nodes in the set; and
determining a key that is shared between the first node and the second node based on the sequence of bits. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for establishing a key using a plurality of nodes, wherein each node is coupled to a first network and a second network, and wherein nodes that neighbor each other in the second network establish respective keys, said system comprising:
-
means for determining a sequence of bits at a first node;
means for communicating the sequence of bits through the first network to a second node along at least one path traversing a set of the plurality of nodes based on the respective keys established for the nodes in the set; and
means for determining a key that is shared between the first node and the second node based on the sequence of bits.
-
-
12. A node, comprising:
-
a first interface coupled to a first network;
a second interface coupled to at least one additional node; and
a processor configured to determine a first key that is shared with the at least one additional node based on information exchanged through the second interface, determine a sequence of bits, determine a result based on combining the sequence of bits with at least a portion of the first key, send the result in a message to the additional node through the first network via the first interface, and determine a second key that is shared with a second node based on the sequence of bits. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A node, comprising:
-
a first interface coupled to a first network;
a second interface coupled to a first neighboring node;
a third interface coupled to a second neighboring node; and
a processor configured to establish respective keys shared with the first neighboring node and second neighboring node, receive a first message that is routed from the first neighboring node through the first network, identify a sequence of bits in the first message based on the respective key shared with the first neighboring node, identify whether the sequence of bits is to be used for a key shared between a set of other nodes coupled to the first network, determine a result based on combining the sequence of bits with at least a portion of the respective key shared with the second neighboring node, and forward the result in a second message that is routed through the first network to the second neighboring node. - View Dependent Claims (20)
-
-
21. A system for distributing a sequence of bits to be used as a key that is shared between a first node and a second node, comprising:
-
a first network for exchanging messages;
a second network for exchanging keys; and
a set of nodes coupled to the first network and the second network, wherein nodes that neighbor each other in the second network establish respective keys and wherein the nodes are configured to communicate the sequence of bits from the first node to the second node through the first network based on the respective keys established through the second network. - View Dependent Claims (22, 23, 24)
-
Specification