The Amazon Center for Quantum Networking (CQN) has completed its first customer trial of quantum-secured communication. The experimental trial aims to address the underlying scientific and engineering difficulties in developing quantum networks, thus engaging with customers to evaluate the present status of the technology and its appropriateness for cloud infrastructure, establishing a more realistic outcome.
Amazon Web Services (AWS) is making numerous attempts to guarantee that quantum computers provide opportunities to consumers while limiting hazards. Quantum Key Distribution (QKD) is one feature they are investigating since it provides additional physical safety in transmitting quantum states between remote parties to establish verifiably secure encryption keys.
As a result, they established a point-to-point quantum-secured network in Singapore, connecting two facilities via a production-grade optical fiber network. In collaboration with the National Quantum-Safe Network (NQSN) at the Centre for Quantum Technologies (CQT), Horizon Quantum Computing (Horizon) and Fortinet effectively linked two QKD devices across buildings spread three kilometers apart and set up a VPN tunnel that used both QKD technology and AWS Edge Compute hardware.
Equipped with Encrypted IPsec Tunnel
This device (FortiGate 100F Next Gen Firewall) can build an encrypted IPsec tunnel capable of ingesting quantum-generated encryption keys. Employing a QKD device pair on the management network to secure key exchange over fibers with a maximum loss of 12 dB (usually up to 50 km), making it a good fit for metropolitan coverage of an area the size of Singapore (50 km east to west).
Furthermore, this device includes a Key Management System (KMS) for managing key requests and transfers between QKD optical systems and the FortiGate Next-Gen Firewall. The service network finishes at paired computing nodes.
Quantum-safe link for the Metropolitan Area
Amazon Hybrid-Edge services extend AWS infrastructure and services to the edge, allowing applications to run and be securely operated in places that do not have consistent network connectivity to AWS. Horizon employs an on-premises Intel-based server as an endpoint at the other end of the connection. Both sides interact securely over an IPsec tunnel, with the endpoints consuming the locally created QKD keys. This effectively sets a quantum-safe link that Horizon will be exploited to construct use cases.
This point-to-point quantum network deployment was a critical step in investigating how commercial-off-the-shelf quantum technology functions in a real-world scenario, demonstrating to the customers and clients how it can be utilized with AWS services.
The AWS CQN is still exploring the art of the possible, which involves not only QKD but also advanced networks requiring building a quantum repeater for long-distance communications.
Learn more about it here.