A commercial alternative to QKD: filling USB sticks and hard disks with random bits

Starting Date: June 2016
Duration: 3 months
Time commitment: 20 h / week
Prerequisites: Second year; IY2760 and CS2821

Quantum key distribution (QKD) offers unconditional security according to the laws of quantum physics. A QKD system enables its users to securely set up symmetric keys for encryption by sending quantum signals, either over optical fibres or over free-space. In current commercial QKD systems, these symmetric keys are consumed in classical secure communications protocols like IPsec. In principle, though, the key material could be used in an unbreakable one-time pad system. Current commercial QKD systems are limited by range and key agreement rate: the protocol can only be run over distance of a few 10s of kms, and the only a few thousand bits per second of secure keying material can be “distilled” from the protocol. Moreover, current commercial systems are expensive.

At the same time, QKD requires the distribution of short keys to bootstrap the key distribution process. This would be done via a physical courier, or by pre-installing the keys in a controlled environment before the QKD devices themselves were distributed. So what if we just filled and distributed USB sticks or hard disks instead? How quickly could the storage devices be filled? What sources of high quality randomness could be used? What would it cost to secure the physical distribution of keying material? Over what time period could a single USB stick or hard disk supply key for, in comparison to a commercial QKD system? Would the system be commercially viable compared to a QKD system?

In this project, you will build a prototype software system for filling external storage devices with random bits, a vital component in the “USB sticks and hard disks” approach. This system would help to answer the above questions. Using this system, you will assist in a systematic evaluation of the “USB sticks and hard disks” approach, in terms of its practicality, cost and competitiveness with current commercial QKD solutions. You will write up the results in partnership with the project supervisor. It is expected that the results will be of significant interest to industry.

The student should have an interest in and willingness to learn basic cryptography, ideally would have prior knowledge of basic crypto. Ideally, would be familiar with Intel architecture, have a firm grasp of C or C++ programming language, and like messing around with Operating Systems, low level system calls, etc. Good time-management and strong writing skills.  We would use git and latex to write up the results; prior experience of these would be helpful but not required.