ETSI GS QKD 012 V1.1.1 (2019-02)

ETSI GS QKD 012 V1.1.1 (2019-02)
GROUP SPECIFICATION
Quantum Key Distribution (QKD);
Device and Communication Channel Parameters
for QKD Deployment
Disclaimer

The present document has been produced and approved by the Quantum Key Distribution (QKD) ETSI Industry Specification

Group (ISG) and represents the views of those members who participated in this ISG.

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or

print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI

deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at

If you find errors in the present document, please send your comment to one of the following services:

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying

The content of the PDF version shall not be modified without the written authorization of ETSI.

DECT , PLUGTESTS , UMTS and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.

3GPP and LTE are trademarks of ETSI registered for the benefit of its Members and

oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and

Intellectual Property Rights ................................................................................................................................ 4

Foreword ............................................................................................................................................................. 4

Modal verbs terminology .................................................................................................................................... 4

1 Scope ........................................................................................................................................................ 5

2 References ................................................................................................................................................ 5

2.1 Normative references ......................................................................................................................................... 5

2.2 Informative references ........................................................................................................................................ 5

3 Definition of terms, symbols and abbreviations ....................................................................................... 6

3.1 Terms .................................................................................................................................................................. 6

3.2 Symbols .............................................................................................................................................................. 8

3.3 Abbreviations ..................................................................................................................................................... 8

4 QKD Communication channels and architecture ..................................................................................... 8

4.1 QKD processes ................................................................................................................................................... 8

4.2 QKD Communication channels .......................................................................................................................... 9

4.3 QKD Quantum channel ...................................................................................................................................... 9

4.4 QKD Synchronization channel ......................................................................................................................... 10

4.5 QKD Distillation channel ................................................................................................................................. 10

5 QKD architectures .................................................................................................................................. 10

5.1 Definition of QKD architecture ........................................................................................................................ 10

5.2 Dedicated quantum channel QKD deployment ................................................................................................ 10

5.2.1 Definition .................................................................................................................................................... 10

5.2.2 Dedicated-link ............................................................................................................................................. 11

5.2.3 Dedicated-to-quantum ................................................................................................................................ 11

5.3 Multiplexed QKD deployment architecture ..................................................................................................... 12

5.3.1 Definition .................................................................................................................................................... 12

5.3.2 QKD-only multiplexed architecture ........................................................................................................... 12

5.3.3 Fully multiplexed architecture .................................................................................................................... 13

6 Planning a QKD Deployment: Entities and Contexts ............................................................................ 14

6.1 Entities and roles in deployment planning ....................................................................................................... 14

6.2 Contexts ............................................................................................................................................................ 15

7 Information exchange templates ............................................................................................................ 15

7.1 Introduction ...................................................................................................................................................... 15

7.2 Network parameters list and classification ....................................................................................................... 16

7.3 QKD parameters list ......................................................................................................................................... 17

Annex A (informative): Authors & contributors ................................................................................. 18

History .............................................................................................................................................................. 19

IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information

pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found

in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in

respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee

can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web

The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.

ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no

right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does

not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.

This Group Specification (GS) has been produced by ETSI Industry Specification Group (ISG) Group Quantum Key

In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and

"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of

"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

The present document describes the main communication resources involved in a QKD system and the possible

architectures that can be adopted when performing a QKD deployment over an optical network infrastructure.

The scope of the present document is restricted to QKD deployments over fibre optical networks. Architectural options

The different entities that can take part in a QKD deployment and the possible contexts of deployment capturing the

roles played by the different entities are defined. One specific context (context1) is then addressed where one entity

(QKD_O), operating QKD Modules, plans a QKD deployment over an optical network infrastructure, operated by

The information regarding the QKD system parameters and the network parameters to be exchanged (in context1) are

listed and prioritized. The corresponding tables, placed at the end of the present document, can be used as a standard

template for the exchange of information between QKD_O entities and NET_O entities involved in the QKD

References are either specific (identified by date of publication and/or edition number or version number) or

non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the

Referenced documents which are not found to be publicly available in the expected location might be found at

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee

The following referenced documents are necessary for the application of the present document.

References are either specific (identified by date of publication and/or edition number or version number) or

non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee

The following referenced documents are not necessary for the application of the present document but they assist the

channel: "logical channel", i.e. a communication link, between a sender and a receiver, over which some logical

NOTE: Throughout the present document, the term "channel" refers by default to a "logical channel", i.e. a

communication link, between a sender and a receiver, over which some logical information is exchanged.

Depending on the context, the channel implementation, i.e. the physical nature of the channel, related to

the physical encoding of the information, will also often be considered. In that case the name "channel"

will refer to both the logical nature of the channel, and to the physical nature of its implementation.

classical optical channel: optical implementation of a communication channel for transmitting classical information

NOTE: Classical optical signals typically consist of optical pulses containing a large number of photons, over

which some information is encoded (in time, phase, intensity, polarization, etc.). Classical optical signals

are perfectly distinguishable and communication over a classical optical channel is therefore vulnerable to

zero-error attacks where an eavesdropper non-destructively reads the signals, without introducing errors

context: "context of deployment", i.e. a scenario specifying some aspects of the roles played by the different entities,

disturbance on the quantum channel: disturbance on the quantum channel related to the noise on the QKD quantum

NOTE: Disturbance is measured by evaluating the correlation level between the classical strings (raw data)

matching QKD module: QKD Module that when connected by appropriate communication channels can cooperate to

NOTE: Typically a type A QKD Module could be a matching QKD Module for a type B QKD Module and vice

network operator: entity in charge of operating technically the optical network infrastructure and in particular

EXAMPLE: In the context of a deployment, this role is typically assumed by a service provider.

QKD distillation channel: channel used to exchange digital classical information, typically between QKD Modules of

type A and B, in order to agree on a shared secret key starting from the raw data the QKD Modules initially obtain in an

NOTE 1: The communication over the distillation channel is typically used to perform two stages of a QKD

 Sifting: A and B communicate classical information to select a subset of the raw data, leading to the

 Classical post-processing: A and B agree on a secret key from their respective raw data via public

NOTE 2: The QKD distillation channel can be implemented over different types of transmission media (optical,

NOTE 3: The name "Distillation" normally refers to the notion of classical post-processing excluding sifting that

can be performed prior to distillation. Nevertheless the name "distillation" is used as the name for this

channel that can also include communications associated with sifting, since this name is non-ambiguous

and expresses clearly the nature of the information exchanged on the channel. (Similarly the name

"Synchronization channel" is used to refer to a channel that can convey information wider than time

NOTE 4: The QKD Distillation channel can also be called the "Distillation channel".

NOTE 5: One of the security requirements of QKD protocols is that the Distillation channel is authenticated.

Discussing security and cryptographic requirements of QKD is outside of the scope of the present

document. Deployment and initialization of matched QKD modules should be done in accordance with an

QKD module: set of hardware and software components that implements QKD cryptographic functions and quantum

optical processes, including cryptographic algorithms and protocols and key generation, and is contained within a

NOTE: A QKD Module constitutes one endpoint in a QKD link. It can be of type A (sender) or B (receiver). A

EXAMPLE: In the context of a deployment, the "QKD Operator" role would typically be the responsibility of

the owner of the QKD Module. It might also be the responsibility of a tier (possibly the QKD

QKD quantum channel: quantum optical channel, typically between QKD Modules of type A and B, used to perform

NOTE 1: It is implemented by sending quantum optical signals (typically weak coherent states of light), on which

information is encoded (different encodings can be used: phase, polarization, time-bin, spatial mode, etc.).

NOTE 2: In the context of the present document, it is assumed that the quantum channel is implemented over an

QKD synchronization channel: channel that carries reference signals for the purpose of reference frame sharing

(synchronisation, phase reference, polarization reference etc.), typically between QKD Modules of type A and B, in

NOTE 1: It is typically implemented by encoding analogic information encoded over classical optical signals, sent

NOTE 2: The name "Synchronization" normally refers exclusively to the notion of time reference sharing and no

other types of reference information. Nevertheless the name "Synchronization" is used as the name for

this channel that can also include other types of reference information, since this name is non-ambiguous

and expresses clearly the nature of the information exchanged on the channel. (Similarly the name

"Distillation channel" is used to refer to a channel that can convey information wider than distillation.)

NOTE 3: The QKD Synchronization channel can also be called the "Synchronization channel".

NOTE: When properly connected to the appropriate communication channels a QKD system can perform

quantum key distribution: establishment between A and B of a symmetric secure key.

Quantum Key Distribution (QKD): procedure or method for generating and distributing symmetrical cryptographic

quantum optical channel: optical implementation of a communication channel for transmitting quantum signals

NOTE: It is implemented by encoding quantum information, i.e. non-orthogonal quantum states, on dim optical

pulses containing a low mean photon number. The optical link on which the quantum channel is

implemented is in general required to be transparent, i.e. it cannot contain any amplifier elements.

raw data: raw correlated classical data at A and B that was shared using a quantum channel and after any sifting has

NOTE 1: In many implementations quantum signals are prepared at A, sent on the quantum channel and then

NOTE 2: The name "raw data" refers to more than one classical string, e.g. one at A and one at B. These raw

A Alice, designating either a QKD Module, or the operator of said device, or the location of said

B Bob, designating either a QKD Module, or the operator of said device, or the location of said

A QKD system consists of two QKD Modules (QKDA and QKDB, in short A and B) connect