Quantum cryptography (QC) is currently under investigation to build highly secure optical communication networks. QC requires distribution of quantum keys (also called "secret" keys) on separate wavelength channels than those used to transmit the encrypted data. Hence, we propose a quantum-secured passive optical network (QS-PON) that supports both i) the traditional wavelength channels for secured data transmission, and ii) a quantum key distribution network (QKDN) running on separate dedicated wavelengths. The QKDN generates and stores secret keys that are then assigned to users' demands served on traditional PON channels. To generate secret keys, quantum transmitters at the optical network units (ONUs) exchange qubits with a quantum receiver at the optical line terminal (OLT). Then, the generated secret keys are stored in quantum key pools (QKPs) installed at both OLT and the ONUs and assigned to users' demands. Point-to-multipoint QKD systems have been experimentally demonstrated over various forms of quantum access networks (QANs), showing that an efficient mechanism to generate and assign quantum keys based on traffic requests is a critical component of QANs. In this study, we present a new QS-PON architecture, and we propose a dynamic secret-key provisioning (DSKP) algorithm that effectively generates and assigns secret keys from users' demands. Our proposed DSKP algorithm features two phases, the lowest-first secret-key generation (LF-SKG) phase and the hierarchical-clustering secret-key consumption (HC-SKC) phase. In this study, we also provide an analytical model that describes how secret keys are generated and consumed in QKPs. In our illustrative numerical evaluation, we compare our algorithm for secret-key provisioning with a baseline IPACT-based solution in terms of service-rejection ratio, time-slot utilization, and guard- and relay-time saving. Results show that DSKP reduces service-rejection ratio and guard- and relay-time of about 16% and 39.54%, respectively.
Read full abstract