ETSI GS QKD 004 V1.1.1 (2010-12)

Group Specification
Quantum Key Distribution (QKD);
Application Interface
Disclaimer
This document has been produced and approved by the Quantum Key Distribution (QKD) ETSI Industry Specification
Group (ISG) and represents the views of those members who participated in this ISG. It does not necessarily represent the
views of the entire ETSI membership.

2 ETSI GS QKD 004 V1.1.1 (2010-12)

Reference
DGS/QKD-0004_APPLINTF
Keywords
quantum cryptography, Quantum Key
Distribution, use case
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2010.
All rights reserved.
TM TM TM TM
DECT , PLUGTESTS , UMTS , TIPHON , the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered
for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
LTE™ is a Trade Mark of ETSI currently being registered
for the benefit of its Members and of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 ETSI GS QKD 004 V1.1.1 (2010-12)
Contents
Intellectual Property Rights . 4
Foreword . 4
1 Scope . 5
2 References . 5
2.1 Normative references . 5
2.2 Informative references . 5
3 Definitions and Abbreviations . 6
3.1 Definitions . 6
3.2 Abbreviations . 6
4 Introduction to the QKD Key Management Layer . 7
5 QKD Application Interface Specification Description . 7
6 QKD Application Interface API Specification . 8
6.1 Sequence diagrams for QKD Application Interface . 11
6.1.1 Case 1: Undefined key handle . 11
6.1.2 Case 2: Undefined key handle and failed blocking call . 12
6.1.3 Case 3: Predefined key handle . 13
6.1.4 Case 4: Predefined key handle and failed blocking call. 13
Annex A (informative): Authors and Contributors . 14
Annex B (informative): Conventional Key Management Systems . 15
B.1 KMIP Draft Documents Version 0.98 . 15
B.2 Other Material . 15
Annex C (informative): Scenario for a QKD network . 16
Annex D (informative): Bibliography . 18
History . 19

ETSI
4 ETSI GS QKD 004 V1.1.1 (2010-12)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (http://webapp.etsi.org/IPR/home.asp).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This Group Specification (GS) has been produced by ETSI Industry Specification (ISG) Group Quantum Key
Distribution (QKD).
ETSI
5 ETSI GS QKD 004 V1.1.1 (2010-12)
1 Scope
The present document is intended to describe the interface between security applications and a QKD key management
layer, which is an additional layer that sits between the QKD systems and various applications.
Key Management in general, covers the exchange, storage, protection, use, identification, installation, replacement and
destruction of cryptographic keys. A QKD system may provide keys for a Key Management System.
QKD, like most key distribution protocols, requires a distributed key management process that operates in a symmetric
(vs. server/client) mode. So both key management peers shall negotiate and verify all reservations and allocations.
The QKD protocol generates a pool of ordered secure bits. The function of this key management layer is to demultiplex
these bits into separate, ordered groups, where each group is used independently by applications and thus shall be
synchronized between the two communication end points. By synchronized we mean that a group of secure bits
reserved at one communication end point are identical to the associated group at the other communication end point. It
is also required that these same secure bits are then discarded by this layer once they are used and never revealed to
anyone else.
2 References
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
http://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee
their long term validity.
2.1 Normative references
The following referenced documents are necessary for the application of the present document.
Not applicable.
2.2 Informative references
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] OMG IDL Syntax and Semantics, Object Management Group Inc., formal/02-06-39
(CORBA 3.0 - OMG IDL Syntax and Semantics chapter).
NOTE: Available at http://www.omg.org/cgi-bin/doc?formal/02-06-39.
ETSI
6 ETSI GS QKD 004 V1.1.1 (2010-12)
3 Definitions and Abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
Application Program Interface (API): interface implemented by a software program to be able to interact with other
software programs
Key Management Interface: interface between an application and a Key Management Layer
Key Management Interoperability Protocol (KMIP): protocol for the communication between enterprise key
management systems and encryption systems
NOTE: The KMIP is directed by the OASIS initiative.
Key Management Layer: abstraction in a layered model including physically distributed key management systems,
e.g. on two network nodes connected with a QKD Link
NOTE: The Key Management Layer sits between the QKD Link and various applications.
Key Management System: part of a cryptography system managing the exchange, storage, protection, use,
identification, installation, replacement and destruction of cryptographic keys
Link Encryptor: device performing link encryption, i.e. the communication security process of encrypting information
between two peers on the data link level
Organization for the Advancement of Structured Information Standards (OASIS): global consortium that drives
the development, convergence and adoption of e-business and web service standards, incluing KMIP
QKD Link, QKD System: pair of two QKD Modules, interconnected by a quantum channel and a classical channel
QKD Module: set of hardware and software components that implements cryptographic functions and quantum optical
processes, including cryptographic algorithms and protocols and key generation, and is contained within a defined
cryptographic boundary
QKD protocol: list of steps that have to be performed in a QKD module to distill a secure key out of the measurement
data of the underlying quantum optical subsystem
Quality of Service (QoS): ability to provide different priority to different applications or users of a QKD system.
Transport Layer Security (TLS): cryptographic protocols used to encrypt the segments of network connections above
the Transport Layer, using symmetric cryptography for privacy and a keyed message authentication code for message
reliability
3.2 Abbreviations
For the purposes of the present document, the following abbreviations apply:
API Application Program Interface
APPA Application A
APPB Application B
KMIP Key Management Interoperability Protocol
OASIS Organization for the Advancement of Structured Information Standards
QKD Quantum Key Distribution
QoS Quality of Service
TLS Transport Layer Security
ETSI
7 ETSI GS QKD 004 V1.1.1 (2010-12)
4 Introduction to the QKD Key Management Layer
The QKD key management layer is an additional layer that sits between the QKD protocol and various security
applications. This is a distributed process and shall operate in a symmetric (vs. server/client) mode. So all key
management peers shall negotiate and verify all reservations and allocations that are associated with them. The QKD
protocol generates a pool of ordered secure bits. The function of this key management layer is to demultiplex these bits
into separate, ordered groups, where each group is used independently by applications and thus shall be synchronized
between the two ends of the communication end points. By synchronized we mean that a group of secure bits reserved
at one end point are identical to the associated group at the other end point. It is also required that these same secure bits
are then discarded by this layer once they are used (delivered to the application) and never revealed to anyone else.
The Key Management Interface describes the interface of the applications with this layer.
It is assumed that applications that call upon the services of this layer do so via the application programming
interfaces (APIs) specified in the following clauses and that this interchange is accomplished within the security
perimeter of the QKD System. Manufacturers shall supply and implement these API function calls when a key
management layer is provided. Manufacturers may provide additional APIs and expanded functionality as they deem fit.
Furthermore this layer is not required if the manufacturer is using the QKD system in a dedicated single application,
such as a link encryptor product where they are the only user.
5 QKD Application Interface Specification Description
The QKD key management layer shall demultiplex the ordered QKD pool of secure bits into separate independent
groups that are synchronized at both ends of the QKD link and pass those groups to their associated applications. This
requires that each local key manager shall communicate with its peer at the other end of the QKD link to perform this
service. In addition, some communication between the peer applications may also be necessary to establish a common
key association. Communication between the local applications and the local QKD key manager is assumed to occur
within the security perimeter of the local system, as shown in the Figure 1.

Figure 1: QKD Application Interface and peer relationship
Scenario for a QKD network with multiple QKD links per node is described in Annex C.
ETSI
8 ETSI GS QKD 004 V1.1.1 (2010-12)
6 QKD Application Interface API Specification
The QKD key provider mode must provide the following API functions.
Name Description
QKD_OPEN Reserve an association (key_handle) to a set of future keys at both ends of the QKD
link through this distributed Key Management Layer and establish a set of parameters
that define the expected levels of key service. This function shall return immediately
and not block.
QKD_CONNECT_NONBLOCK
Verifies that the QKD link is available and the key_handle association is synchronized
at both ends of the link. This function shall not block and returns immediately indicating
that both sides of the link have rendezvoused or an error has occurred.
QKD_CONNECT_BLOCKING Verifies that the QKD link is available and the key_handle association is synchronized
at both ends of the link. This function shall block until both sides of the link have
rendezvoused, an error is detected, or the specified TIMEOUT delay has been
exceeded.
QKD_CLOSE This terminates the association established for this key_handle and no further keys will
be allocated for this key_handle. Due to timing differences at the other end of the link,
the peer operation will happen at some other time and any unused keys shall be held
until that occurs and then be discarded.
QKD_GET_KEY Obtain the required amount of key material requested for this key_handle. Each call
shall return the fixed amount of requested key or an error message indicating why it
failed. This function may be called as often as desired, but the key manager only needs
to respond at the bit rate requested through the QOS parameters, or at the best rate
the system can manage. The key manager is responsible for reserving and
synchronizing the keys at the two ends of the QKD link through communication with its
peer. This function may be blocking (wait for the key or an error) or non-blocking and
always return with the status parameter indicating success or failure, depending on the
request made via the QKD_OPEN function.
The TIMEOUT value for this function is specified in the QKD_OPEN() function.

The syntax of these functions is as follows (according to OMG IDL syntax defined in [i.1]).
Interface QKD_AppInt{
QKD_OPEN (in destination, in QoS, inout key_handle , out status);

QKD_CONNECT_NONBLOCK (in key_handle, out status);

QKD_CONNECT_BLOCKING (in key_handle, in timeout, out status);

QKD_GET_KEY (in key_handle, out key_buffer, out status);

QKD_CLOSE (in key_handle, out status);
}
NOTE: The parameter "key_handle" is an output parameter when
...