OSEKE: Optical Secure Key Exchange

Chris Stevens

Overview

Advances in quantum computing are expected to weaken widely deployed public-key encryption, increasing demand for quantum-resilient key exchange. Secure Encryption Key Exchange (SEKE) is an interception-detecting key exchange technology that distributes encryption keys while identifying eavesdropping in real time (https://doi.org/10.1098/rsos.230411).

Unlike Quantum Key Distribution, SEKE requires no quantum hardware and operates using standard communications and optoelectronic components, reducing cost and integration risk. It functions across copper cable, RF and optical channels, delivers up to 300× higher key transmission rates than QKD, and provides protection in environments where computationally intensive Post-Quantum Encryption is impractical. SEKE can also complement PQE within layered security architectures and requires no new hardware to be developed, using only commercially available components and systems. An RF SEKE demonstrator has been developed using readily available software defined radio units.

In this project the aim is to develop an optical SEKE demonstrator which can transfer data over an optical fibre, or a free space link extending the SEKE method.

 

Figure 1: Bit errors in an LDPC corrected channel as SNR varies.(a) Error statistics for SNR 0.53,0.477 & 0.053,(b) BER versus SNR showing the critical SNR point.

The SEKE approach

All communication links are impacted by the effects of noise which limits the maximum amount of data that can be transferred successfully. Shannon and Hartley [CE Shannon: A mathematical theory of communication] [RVL Hartley: Transmission of Information] described how signal to noise ratio in the receiver is critical to being able to unambiguously demodulate and receive a data stream being transmitted to it. Conventionally this has been used by engineers to maximise the data capacity and avoid data loss by ensuring that the signal to noise ratio (SNR) is high enough at all times. In cases where the SNR is not sufficient then error correcting codes have been employed to ameliorate the impact of bit errors on the utility of the data channel.

With a normal uncoded signal as SNR decreases the bit error rate (BER) rises slowly, but with error correcting codes the BER stay very low until a critical number of bit errors are being generated. At this point the error rate jumps dramatically resulting in a very strong signature of the failure of the communication link.

 

SEKE works by exploiting this jump in BER to make a very sensitive detector for any tampering or interception of a communication channel. Using a carefully calibrated and controlled communication channel we are able to detect very small changes in the received SNR, SEKE is applicable to wired connections, optical fibre links and line of sight optical wireless and does not require any special hardware to be developed. This is because it rests securely in information theory and not in quantum physics like Quantum Cryptography for instance.