This is sourced from:
Townsend P. D, et al. (1994) Quantum cryptography for multi-user passive optical networks.
Multi-user passive optical networks (PONs) enable the exchange of secure keys to each user within the network, and hence, securely encrypt a broadcast transmission on the network.
For QKD to become more utilizable, it needs to be able to work in a network that contains any-to-any and any-to-many communications. A multi-user PON scheme can allow ‘a network controller to distribute distinct secret keys to each of N users on the network, and hence to securely encrypt subsequent data transmissions broadcast on the network.’
QKD networks, in general, use optical fiber for data transmission, which allows point-to-point transmission on smaller networks. However, for a large network with many users, the utilization of point-to-point transmission becomes increasingly complicated. This article focuses on ‘simpler architectures based on passive optical networks in which the nodes are passive optical splitters. For a star-styled network, communications occurs at the ‘head-end of the PON and information is broadcast to, and ‘broadgathered’ from the downstream terminals on the network.’
In a multi-terminal network, a single input photon will only be received by a single receiver. This is also the case for optical pulses, except for the instance in which the average photon number per pulse is far less than one. ‘Hence in order to implement the standard quantum cryptography protocols on the network, the controller transmits a randomly encoded sequence of clocked pulses onto the network, an all receivers simultaneously make synchronous but independent random measurements on the network outputs. Because of the statistically random output from each coupler, this procedure is equivalent to simultaneously setting up N distinct quantum cryptography links in which the transmitter sends a random sequence in each case.’ Once this procedure is completed, the controller has supplied each terminal with a distinct key. This key can either be used to establish a secure link between the controller and a specific terminal. By encrypting a message with the key, Ki, the broadcast message can only be decrypted by terminal Ri. Each key can also be used by the controller to create an OTP of a master network key, which could be securely distributed to each terminal. This would enable the secure encryption of traffic between users on the network, with the controller acting only as a router.