European Space Agency

QKD4ECI - Quantum Key Distribution for European Critical Infrastructure

Objectives

The main objective of the study was to identify how space-based optical communication technologies, in particular QKD, can be designed, deployed and used to protect European critical infrastructure.

Initial tasks included conducting a field analyses to elaborate a profound knowledge of existing technologies used to protect European critical infrastructure, identifying problem areas as well as down-selection of two solutions for which the expected security improvement, commercial expectations, technical readiness and competitiveness against non-space or non-optical solutions have been assessed.

By thoroughly understanding the needs of end-users, a system study and market analyses defined mission-related as well as system/sub-system requirements both for space segment as well as ground infrastructure.

Analysing related key parameters (orbits, constellations, criticalities in space and ground segment) in more detail from a system level perspective allowed to develop a respective high-level system architecture including all relevant (sub-) systems.

Further, the study covered the evaluation of the TRL of the respective technologies for space and ground segment, as well as the development of a roadmap for the critical enabling technologies including network security elements.

Finally the study aimed at elaborating business cases with the goal to provide a service with an improved security within the identified areas.

Challenges

A major part of the field analysis was the conduction of interviews with IT security specialists at critical infrastructure providers, cryptography specialists at technology / service providers or innovation specialists.

Main challenges was thus to identify suitable interview partners and convince them to participate. Although fundamental information could be extracted by the interviews, more detailed technical parameters could not always be gained.

An additional challenge addresses the exposure of needed information, as this is mostly highly sensitive data involving critical security aspects at the core of the IT infrastructures of the respective organisations.

System Architecture

For both use cases, data centre synchronisation as well as power grid communication, a LEO based QKD prepare and measure scheme has been identified to be the best-fitting solution, whose functional architecture then was developed taking into account the respective user requirements. Link budget and key rate estimations were performed and, that, in combinations with assumption on future market perspectives then allowed to determine the overall system composition:

  • Data Center Synchronisation:
    • Constellation of 8-13 LEO (600 km) satellites      
    • Up to 250 User Ground nodes
    • Control Ground Segment to coordinate key generation over the complete system, included in one of the User Ground Nodes
    • Required key bits on ground ≈ 25kbit/day by one ground station        
      ≈ 6.25Mbit/day for all nodes
  • Power Grid Communication
    • 1 LEO (600 km) satellites
    • Up to 60 User Ground nodes
    • Control Ground Segment to coordinate key generation over the complete system, included in one of the User Ground Nodes           
    • Required key bits on ground: ≈ 37 bit/day by one ground station,   
      ≈ 2.22 kbit/day for all nodes

Plan

Within the initial phase, critical infrastructures in EU states have been screened in order to identify areas where failures in the data exchange would have massive negative consequences. Individual problem areas have been defined. Different solutions have proposed and down selected.

In the second phase, respective end user requirements have been defined. Based on those, requirements and operational scenarios have been developed, followed by system architecture and mission requirements.

Subsequently, different relevant technologies have beeen identified and assessed with respective of their maturity. Based on the outcomes, the technology development roadmaps has been proposed.

The last phase targeted the assessment of business cases for the different scenarios.

Current status

The study has been successfully finished.

The overall potential for space-based QKD to protect European Critical Infrastructure is given and the feasibility of a suitable architecture has been demonstrated. Further technology development as well as certification effort is required in order to allow for a system deployment as of 2026.

The potential future threat by the development of quantum computers is perceived differently by European critical infrastructure operators at present. By those being aware of the threat, and consequently deeming a transition to quantum-safe cryptography as necessary, the potential of QKD as one approach is clearly understood. 

Status date

Wednesday, January 8, 2020 - 08:49