Tokyo QKD Network

This information is sourced from:
Sasaki M, et al. (11 May 2011) Field test of quantum key distribution in the Tokyo QKD Network.

The previous networks, DARPA, SECOQC, SwissQuantum, Durban[1], ATDNet, and Hefei[2], can be organized into two different network schemes: ‘key relay via trusted nodes, and transparent link via optical switching’.

The Tokyo QKD network is a mesh-type with six different QKD systems using the trusted node scheme. The network has four access points that are connected with commercial grade fibers. The four access points Kogenai (Ko), Otemachi (Ot), Hakusan(Ha), and Hongo (Ho).

For the Ko-Ot link (45km), loss rate is an average of approximately 0.3dB/km.
For the Ha-Ot link (12 Km), and Ho-Ot link (13km), loss rate is an average of 0.5dB/km.

Tokyo QKDN

The QKD network is part of  ‘the NICT open testbed called Japan’s Giga Bit Network 2 plus (JGN2plus)’, and has plenty of noise in the fibers and interfiber crosstalk (‘photon leakage from neighboring fibers’) is often observed. The crosstalk can be reduced through the implementation of a ‘narrow spectral or temporal bandpass at the receiver.’

Link 1: MELCO used decoy state BB84 protocol over 24km (loop) between Otemachi and Hakusan.

Link 2: NEC-NICT used BB84 protocol over 45km between Otemachi and Koganei, using the NICT’s superconducting single photon detector (SSPD).

Link 3: NTT-NICT used differential phase shifted (DPS) QKD over a 90km (loop) between Koganei and Otemachi, using the SSPD also.

Link 4: All Vienna used BBM92 with installed fibers over 1km.

Link 5: TREL used decoy state BB84 protocol over 45km, using electrically cooled self-differentiating avalanche photodiodes (SD-APDs).

Link 6: IDQ used their commercial system that employs the SARG04 protocol over the 13km between Otemachi and Hongo.

The network contains quantum links that are connected to create a network, where each link has a unique method in generating the key. ‘The QKD protocols as wells as the format and size of the key material can be arbitrary.’ The Tokyo network implemented the three-layer architecture similar to the one in the SECOQC article. The base layer involves a QKD device that pushes the key materials to the middle key management layer. The key management layer contains a key management agent (KMA) that exists at each node and ‘receives the the key material via an application interface (API)’. The API used in this system was developed by NEC and NICT and was compatible with the SECOQC quantum backbone link interface (QBB-LI). The use of the compatible API increased the ‘interoperability of a great variety of different QKD devices’.

The KMA is a computer that works as a trusted node. Its job is to ‘resize the key materials for absorbing the difference in key generation rate and key length of each QKD link, to reshape the key materials into a common format for further use, and to supply unique identifiers to the key materials.’ ‘ It then stores the materials in numerical order to synchronize key usage during encryption and decryption.’ The KMA also stores the information of the key generation rate and the QBER, which is then forwarded to the key management server (KMS), ‘who is introduced for the centralized management network’.

‘The KMS coordinates and oversees all links in the network’, as all network functions are performed within the KM layer. ‘A KMA can relay a secure key shared with one node to a second node by OTP-encrypting the key, using another key shared with the node.’ The KMS is in control of determining the provision of secure paths and managing the key life cycle.

Authentication is done by the WC scheme with a prior secure key.

Secure communication is achieved by using the keys for the encryption/decryption of any file ‘produced by various applications’. The users are situated within the trusted nodes and their data is sent to the KMAs to be encrypted/decrypted with an OTP in ‘a stored key mode’. Advanced Encryption Standard (AES) is also implemented in each of the KMAs. ‘The KMS switches two cryptographic schemes, referring residual amounts of secure keys.’

The Tokyo QKD uses an autonomous search algorithm to determine the node pathway. ‘The main reason for adopting the centralized management in the Tokyo QKD Network is that it assumes a test case if a government-chartered network or a mission critical infrastructure network which often have a central dispatcher or a central data server.’

Tokyo -Three layer scheme

QKD Systems
Tokyo Network Table

    • This system has been designed for ‘fast QKD for metropolitan-scale distances, which can realize OTP encryption of video data’.
    • ‘The hardware engine has a large memory, large-size field programmable gate arrays (FPGAs), and hish speed in/out interfaces, which can potentially handle up to 8 WDM channels, i.e. for a processing speed of up to 10Gbps’.
    • The decoy method has been realized with three different types of pulses: signal, decoy, and vacuum.
  • TREL
    • The photons are detected with ‘InGaAs APDs in self differentiating (SD) mode’ that are electrically cooled to -30° C.
    • The self-differentiating technique suppresses any afterpulse noise.
    • ‘The DPS-QKD scheme is especially suitable for fiber transmission, and is known to be secure against general individual attacks’.
    • Bob’s server sends the time information of the generated sifted keys to Alice’s server via an Ethernet connection.
    • ‘Ultra stable sifted key generation for more than 8 days was demonstrated. (Resulted with sifted key generation rate of 18kbps, and QBER of  an average 2.2%)
    • A stable operation for four hours was demonstrated for secure key generation combined with a key distillation engine. (Figures shown in table)
  • Mitsubishi
    • ‘Quantum and classical light sources are designed using DWDM (dense wavelength division multiplexing) DFB laser modules at telecom wavelengths.’ (Quantum is 1549.32nm, Classical is 1550.92nm)
    • ‘The system uses light pulses with four different intensity levels (signal: 0.63 photons per pulse, decoy: 0.3, 0.1, and vacuum). It consists of PLC’s with polarization stabilizers and commercial APDs.’ (Detection efficiency: 3%, dark count probability:6×10-6)
    • The InGaAs/InP APD detectors were set at -40° C through the use of Peltier modules.
    • ‘Single photon detectors were realized with both sinusoidal wave gating and a self-differentiating circuit.’
    • Error correction involved a low density parity check (LDPC) code that has been designed to ‘achieve a performance approaching Shannon’s limit’.
    • Privacy amplification time was reduced by using the fast Fourier transform ‘for multiplying the Toeplitz matrix and a reconciled key’.
    • A stable operation of key generation for 3 days was demonstrated.
    • An ‘OTP smartphone using QKD’ was also achieved: ‘Voice data is encoded at a rate of 1kBps, which requires approximately 1.2 MB for a 10min bidirectional talk. With a 2 GB Secure Digital (SD) card, continuous conversation for 10 days by OTP encryption can be supported with a single downloading.’ The secure key is downloaded from the QKD device, and after a key has been used, it is cleared from the smartphone’s memory.
  • IDQ
    • ‘System is working in a phase coding configuration and is based on the Plug & Play optical platform. This is a go and return configuration which allows high quality auto-compensation of polarization and phase fluctuation of the quantum channel.’
    • Has run for a 6 moth period continuously, except for 2 months  within that period, when tuning and secure key rate optimization occurred.
    • An addition of a filter increased the link loss, but reduced noise, which enabled a higher secure key exchange rate.
    • The QBER was reduced from 4% to 2% with the addition of the filter as it greatly reduced the crosstalk noise via spectral filtering.
  • All Vienna
    • Scheme is not ‘prepared by modulators’, and is instead ‘measured by passive polarization analyzers situated in the spatially separated devices of Alice and Bob’.
    • ‘Thereby quantum correlations are transferred into secrets’.
    • The passive entanglement scheme contains some benefits in that it is robust against certain attacks. An increase in laser power doesn’t present any leakage, but rather, after certain procedures, results in an ‘increased QBER and key rate reduction’. Consistent monitoring of the incident power stops any ‘blinding the detectors remotely’, which ensures that the detectors cannot be directly controlled by an ‘adversary’.
    • ‘The measurement results at Alice and Bob are further processed by an FPGA and an embedded PC (per device), delivering secure key over predefined interfaces’.
    • polarization drift with the fibers can be detected and ‘compensated at the receiver by a sophisticated polarization control algorithm.’
    • ‘Specifically QKD post-processing involves the standard stages of sifting, reconciliation (error correction), confirmation, and privacy amplification.’ The CASCADE error correction technique was applied, in ‘the parallel CASCADE flavor’ (L. Salvail’s proposition from SECOQC), which reduces the communication latency, and ‘real-time error correction speed’.
    • The privacy amplification block length was configured to 300kbit.
    • ‘Privacy amplification is based on a 2-universal hash function family realized as binary matrix multiplication with Toeplitz matrices’. An application which is computationally ineffective as is, but can be sped up using the Fourier transform.
    • The temperature of the environment can influence polarization stability, which was observed in the ‘arms of Bob’s BB84 module leading to a slow decrease of the secure key rate’.



[1] Mirza A. and Petruccione F. (24 May 2010)Realizing long-term quantum cryptography. Optical Society of America, Volume 27, No. 6.
Sourced from:

[2] Wang S. et al. (10 September 2014) Field and long term demonstration of a wide area quantum key distribution network.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s