Quantum cryptographic key distribution networks with untrusted switches

US 7,324,647 B1
Filed: 08/31/2001
Issued: 01/29/2008
Est. Priority Date: 10/23/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of securely transmitting light information in a network along a path comprised of a plurality of untrusted network devices, said untrusted network devices comprising a plurality of switching devices, and said method comprising:

sending at least one setup message to one of said network devices;

based on said setup message, configuring at least one of said network devices to direct said light along said path to a terminal endpoint using at least one of said switching devices, whereby a configured path is established;

sending a plurality of pulses of said light along said configured path, said pulses having a first set of randomly selected quantum bases; and

measuring a quantum state of said light pulses using a second set of randomly selected quantum bases, thereby providing a measured quantum state.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are disclosed in which information is securely transmitted in a network comprising untrusted network devices. Setup messages are sent to a networking device, and based on the setup messages, light directing devices are configured to direct light along a path from an origin endpoint to a terminal endpoint, thus providing a path through the network. Through the path, a stream of light information is sent using a plurality of light pulses to carry out quantum-cryptographic key distribution.

Citations

33 Claims

1. A method of securely transmitting light information in a network along a path comprised of a plurality of untrusted network devices, said untrusted network devices comprising a plurality of switching devices, and said method comprising:
- sending at least one setup message to one of said network devices;
  
  based on said setup message, configuring at least one of said network devices to direct said light along said path to a terminal endpoint using at least one of said switching devices, whereby a configured path is established;
  
  sending a plurality of pulses of said light along said configured path, said pulses having a first set of randomly selected quantum bases; and
  
  measuring a quantum state of said light pulses using a second set of randomly selected quantum bases, thereby providing a measured quantum state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. A method according to claim 1, wherein said plurality of switching devices further comprises a plurality of optical switching devices.
  - 3. A method according to claim 1, wherein said configured path is multiplexed onto a single fiber with at least one other quantum-cryptographic signal.
  - 4. A method according to claim 3, wherein said configured path is multiplexed using wavelength division multiplexing.
  - 5. A method according to claim 3, wherein said configured path is multiplexed using time division multiplexing.
  - 6. A method according to claim 1, wherein said setup message is sent using the CR-LDP protocol.
  - 7. A method according to claim 1, wherein said setup message is sent using the RSVP protocol.
  - 8. A method according to claim 1, wherein said setup message is sent via a data network using TCP/IP datagrams.
  - 9. A method according to claim 1, wherein said setup message is sent via an asynchronous-transfer-mode network.
  - 10. A method according to claim 1, wherein said optical switching device comprises a micro-electro-mechanical system mirror array.
  - 11. A method according to claim 1, wherein said optical switching device comprises photonic-band-gap material.
  - 12. A method according to claim 1, wherein said optical switching device comprises a mirror.
  - 13. A method according to claim 1, wherein said light pulse in said plurality of light pulses comprises a single polarized photon.
  - 14. A method according to claim 1, further comprising:
    - establishing at least one sending quantum basis corresponding to said first set of randomly selected quantum bases;
      
      establishing a corresponding receiving quantum basis corresponding to said second set of randomly selected quantum bases;
      
      determining whether said sending quantum basis has an equivalent orientation to said corresponding receiving quantum basis;
      
      discarding any improperly oriented said light pulses for which said sending quantum basis was determined to be different from said receiving quantum basis, whereby a first remaining stream of said light pulses remains;
      
      comparing said measured quantum state of a random subset of said first remaining stream of light pulses as sent, to said first remaining stream of light pulses as received, to produce a set of variant light pulses having a quantity;
      
      establishing a predetermined threshold against which to compare said quantity;
      
      determining whether said quantity exceeds said predetermined threshold;
      
      discarding said random subset of said first remaining stream of light pulses, whereby a second remaining stream of light pulses remains; and
      
      if said predetermined threshold is not exceeded, using said second remaining stream of light pulses as a key to encrypt and decrypt data.
  - 15. A method according to claim 14, wherein said sending and receiving quantum bases are polarization bases chosen from a group of polarization bases consisting of:
    - a diagonal polarization basis; and
      
      a rectilinear polarization basis.
  - 16. A method according to claim 14, wherein said sending and receiving quantum bases are phase-shift bases chosen from a group of phase-shift bases consisting of:
    - a 45 degree phase-shift basis; and
      
      a 90 degree phase-shift basis.

17. A computer-readable medium containing instructions capable of causing at least one digital computer to securely transmit light information in a network along a path comprised of a plurality of untrusted network devices, said untrusted networking devices comprising a plurality of switching devices, said computer-readable medium comprising:
- program code for sending at least one setup message to one of said network devices;
  
  program code for configuring at least one of said network devices to direct said light along said path to a terminal endpoint using at least one of said switching devices based on said setup message, whereby a configured path is established;
  
  program code for sending a plurality of bits using pulses of said light along said configured path, said pulses having a first set of randomly selected quantum bases; and
  
  program code for measuring a quantum state of said light pulses using a second set of randomly selected quantum bases.
- View Dependent Claims (18)
- - 18. A method according to claim 17, wherein said plurality of switching devices further comprises a plurality of optical switching devices.

19. A system in which light information is securely transmitted in a network along a path comprised of a plurality of untrusted network devices, said plurality of untrusted network devices comprising a plurality of switching devices, said system comprising:
- an electrical controller for controlling at least one of said switching devices, wherein said electrical controller orients said at least one switching device to direct optical energy along said path based on at least one setup message received by the electrical controller,wherein said at least one of said switching devices is configured to be oriented into at least two positions;
  
  a light sending apparatus configured to send quantum-cryptographic light pulses along said path; and
  
  a light measuring apparatus configured to observe said quantum-cryptographic light pulses.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 20. A method according to claim 19, wherein said plurality of switching devices further comprises a plurality of optical switching devices.
  - 21. A system according to claim 19, wherein said optical switching device comprises a micro-electro-mechanical system mirror array.
  - 22. A system according to claim 19, wherein said optical switching device comprises photonic-band-gap material.
  - 23. A system according to claim 19, wherein said optical switching device comprises a mirror.
  - 24. A system according to claim 19, further comprising a multiplexer configured to multiplex said configured path onto a single fiber with at least one of said quantum-cryptographic signal.
  - 25. A system according to claim 24, wherein said multiplexer employs dense wavelength division multiplexing.
  - 26. A system according to claim 24, wherein said multiplexer employs time division multiplexing.
  - 27. A system according to claim 19, wherein said setup message is sent using a CR-LDP protocol.
  - 28. A system according to claim 19, wherein said setup message is sent using an RSVP protocol.
  - 29. A system according to claim 19, wherein said setup message is sent via a data network using TCP/IP datagrams.
  - 30. A system according to claim 19, wherein said setup message is sent via an asynchronous-transfer-mode network.
  - 31. A system according to claim 19, wherein said optical switching device comprises a micro-electro-mechanical system device.
  - 32. A system according to claim 19, wherein each pulse in said quantum-cryptographic light pulses comprises a single polarized photon.

33. Apparatus operational with light and with a polarized light pulse originating from an upstream source and terminating with a downstream destination, said apparatus comprising:
- at least one means for directing quantum cryptographic light pulses;
  
  means for orienting said directing means into at least two orientations; and
  
  means for controlling said at least one directing means, wherein said controlling means is configured to, prior to receipt of quantum cryptographic light pulses, receive at least one setup message for configuring said directing means, and for causing said orienting means to orient the directing means in accordance with the setup message into an orientation that directs said quantum cryptographic light pulses from said upstream source to said downstream destination, forming a path from an origin endpoint to a terminal endpoint.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Raytheon BBN Technologies Corp. (Rtx Corporation)
Original Assignee
BBN Technologies Corporation (Rtx Corporation)
Inventors
Elliott, Brig Barnum
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
AVERY, JEREMIAH L

Application Number

US09/944,328
Time in Patent Office

2,342 Days
Field of Search

380255-256, 380/268, 380/33, 380/47, 380277-279, 380/44, 380/283, 726/2, 726 13- 14, 709223-229
US Class Current

380/278
CPC Class Codes

H04B 10/70 Photonic quantum communication

H04L 9/0855 involving additional nodes,...

Quantum cryptographic key distribution networks with untrusted switches

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Quantum cryptographic key distribution networks with untrusted switches

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links