1

There are many diagrams out there explaining how quantum key distribution works on a physics/optics and mathematics level. I understand these explanations fairly well so I'm not asking about the underlying principles. This is one of the few that actually features people on it (although they seem to be fairly incidental to the usage):-

qkdn

As I understand it, the machines only transmit keys, not actual business data. I appreciate the exchange is done with one time pads, but is it like Diffie–Hellman key exchange otherwise, but only between fixed machines/servers? Do they replace entering AES keys transmitted over the phone/fax? Since AES is hard to break, surely the keys don't need replacing every hour? And do they then operate in pairs, because two is only a network from a marketing perspective. They can't control the login to my desktop computer, can they? And wouldn't all the desktops have to be interconnected with fibre optics rather than Ethernet? The latter is probably a rather naive question.

This additional image clearly shows the transmission of secure encryption keys through a Toshiba quantum network:-

toshiba

At a separation of 20 km, the devices are generating/exchanging keys at a rate of 10 kbits/s. Why, as that's 40 no. 256 bit AES keys each and every second? What exactly does someone do with 140,000 unbreakable AES keys per hour? Even more ridiculously, that's a million new keys in a single business day.

I'd appreciate an answer from an operational perspective, although I realise that this is firstly a cryptography theory site. So what's it for?

I looked at Quantum key exchange skepticism/confusion and a simulated network, but both were unfruitful.

Paul Uszak

2 Answers

2

It seems that the initial diagram is correct. A QKDN is exactly this:-

QKDN

and it relies on two pieces of kit, a quantum key generator and an encryptor device. A 256 bit AES key is generated and shared between Alice and Bob via the BB84 protocol running over dedicated fibre optic cable. The key itself is created via a true random number generator (perhaps based on the phase interference of a laser beam).

The keys are then passed to the encryptor devices which operate AES between themselves over conventional channels. So actual business data flows only between the encryptor devices, over common networking technology and not the quantum machines. The thing that ensures the security of the transmitted data is that the AES keys only have a life span of one minute. They're then replaced. That's why all that quantum data is transmitted. AES keys are constantly being replaced before anyone could even attempt to break them. Clearly some of the numbers here are dependent on individual networks and hardware.

And QKDNs are used in anger all over the world including government and commerce. The first was deployed in Switzerland to secure their frequent public votes/elections. And there are some interesting future developments that won't require fibre optics at all, and some that will ensure secure key exchange over infinite distances.

All of this is to be found on YouTube. Don't laugh. It's a presentation by Kelly Richdale, head of quantum randomness at ID Quantique, a market leader in QKDNs. There is also an unbiased and fair summary of QKD from the European Network and Information Security Agency (ENISA) here. It's concise but rather dated (Nov 2009), so a lot of the open issues should have been resolved or are in the process of being so.

Paul Uszak
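The hand-off described in the answer above (the QKD devices fill matching key buffers at both sites, and the encryptors move to a fresh 256-bit AES key every minute), modelled as an added example that is not part of the original post or any vendor's code. `KeyBuffer`, `simulate_link`, the period-indexed key IDs and the key-check value are assumptions made for illustration, and random bytes stand in for the BB84 output.

```python
import hashlib
import hmac
import secrets

KEY_BITS = 256            # AES-256 key size from the answer
ROTATION_SECONDS = 60     # key lifetime stated in the answer
LINK_RATE_BPS = 10_000    # key rate quoted in the question (10 kbit/s)


def simulate_link(seconds):
    """Constructed stand-in for the shared output of the QKD link."""
    return secrets.token_bytes(LINK_RATE_BPS * seconds // 8)


class KeyBuffer:
    """One site's store of key material (hypothetical design)."""

    def __init__(self):
        self._keys = {}                  # key_id -> 32-byte key
        self._next_id = 0

    def deliver(self, material):
        """Slice material into whole 256-bit keys; return how many."""
        size = KEY_BITS // 8
        count = len(material) // size
        for i in range(count):
            self._keys[self._next_id] = material[i * size:(i + 1) * size]
            self._next_id += 1
        return count

    def key_for(self, now, start):
        """Return (key_id, key) for the rotation period containing `now`."""
        key_id = (now - start) // ROTATION_SECONDS
        for old in [k for k in self._keys if k < key_id]:
            del self._keys[old]          # expired keys are erased, never reused
        if key_id not in self._keys:
            raise LookupError(f"no key material for period {key_id}")
        return key_id, self._keys[key_id]


def check_value(key_id, key):
    """Short tag the two encryptors can compare over the conventional channel
    to confirm they selected the same key without sending the key itself."""
    tag = hmac.new(key, b"key-check|%d" % key_id, hashlib.sha256)
    return tag.hexdigest()[:16]
```

Both sites call `deliver` with the same link output and `key_for` with their own clock reading; a `LookupError` means the buffer has run dry or the requested period has already expired.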
-1

I would say the quantum key distribution networks being built right now are for research. Comparing this research to other fields, they would be at the 1969 level for space exploration and for the ARPANET. But we don't know yet if it will turn into something everyone will use for everything, like the internet, or something that only has limited potential, like space exploration (which only gave us GPS and spy satellites).

The main sales point is instead of making an encrypted communication channel a mathematically hard problem to solve like RSA, you make it an impossible physics problem that can't be solved.

daniel