# Service for Deploying Digital Twins of QKD Networks

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Background

#### 2.1. Bits and Qubits

#### 2.2. Basics of QKD

**BB84 protocol:**it was the first developed QKD algorithm, proposed by Charles Bennet and Gilles Brassard in 1984 [22]. In BB84, two quantum nodes, let us say, Alice and Bob, exchange a key following some steps. First, Alice encodes each bit of the key on the state of a qubit, randomly choosing between two bases in which she prepares the qubit and then sends it to Bob. When Bob receives the qubits, he measures them in one of the two bases Alice used, obtaining a deterministic measure if the basis is the same as the qubit was prepared in, and a probabilistic measure if he chooses the other basis. Then, they share classical information about the bases they used and only keep those measurements where their choice of basis was the same, i.e., those in which they are sure to have obtained the same values. Additionally, they perform an error detection check by sharing a subset of the final bits to identify possible eavesdroppers.**E91 protocol:**being proposed by Artur Ekert in 1991 [23], the E91 protocol was the first algorithm to exploit the phenomena of quantum entanglement. In this algorithm, both nodes exchange Bell pairs, i.e., maximally entangled states, and measure them on a randomly selected basis among a set of three bases. The basis sets of Alice and Bob differ on one basis, and they are specifically chosen to allow them to perform a CHSH test and verify if an unwanted party was eavesdropping on the communication (note that if the test is not passed, someone might be measuring the qubits and, therefore, breaking the entanglement). After the measurement of all the entangled pairs, they share the basis used to measure each qubit and keep only the bits from the measurements where the same basis was used, which again implies that the measurement will be the same in both nodes. Around $7/9$ of the exchanged qubits are typically discarded due to the construction of the algorithm itself: there are 9 possible basis combinations and only in 2 of them do Alice and Bob choose the same basis. The discarded qubits are used to perform a CHSH test.

#### 2.3. QKD Networks

#### 2.4. Quantum Network Simulators

**SeQueNCe**is a photonic network simulator implemented in Python, where a metropolitan-scale quantum network was successfully modelled using single photon simulations [35]. It is divided into five modules, from the hardware to the application layer, with cross-module communication. This simulator allows the modification of many classical and quantum parameters, from the attenuation and the delay introduced by the channels to the fidelity of entanglement between two qubits, or the efficiency of the single-photon detectors. It also includes an implementation of quantum memories and several entanglement-related protocols [35].**QuNetSim**is a Python simulator designed to model the network layer and above instead of focusing on the simulation of the physical properties of quantum networks [36]. It includes many existing basic protocols as a toolbox to make easier the development of more complex protocols. It can process both classical and quantum information and uses a network layering model based on the Internet architectural model, with three layers: application, transport, and network [36].**NetSquid**is a modular simulator available as a Python package. It allows modelling different physical quantum devices that can appear in a quantum network, as quantum memories [37]. Users can choose between a detailed description of the quantum states using wave functions or density matrices, or a simplified version using the stabiliser formalism. It can support the simulation of large-scale networks thanks to its computation engine, which can manage multiple qubits simultaneously [37].**The Parallel Simulation Framework**is an optimized parallel simulator, proved to be nine times faster than a sequential simulator in an experiment involving a 64-node QKD network [38]. It has two different layers, the upper one corresponds to the modelled hardware and protocols, and the lower layer consists of the kernel responsible for the parallel discrete event simulation. It only implements the BB84 protocol but can be expanded to other schemes [38].**SimulaQron**is a Python emulator with a modular design, that allows running the different quantum network nodes on different physical or virtual machines. By emulating quantum and classical channels, it enables the execution of quantum applications between remote devices, managing the operations and state of the qubits [39]. It implements its own protocol, the CQC protocol [39], to achieve the communication between applications and physical quantum equipment (either real or emulated by SimulaQron itself). Although it has been mainly developed in Python, it can be programmed using any language capable of connecting to the CQC server backend using a TCP connection and sending packets in the required form [39].

#### 2.5. Service Orchestration

## 3. Functional Overview

#### 3.1. QKD Network Digital Twin Orchestrator

- The service user must describe the desired QKD network and deliver this description to the orchestrator. In particular, this document has to include parameters such as the name and neighbors of each node, the ETSI API to be used, or the QKD protocol emulated when forming the quantum keys.
- Once the digital twin orchestrator has the QKD network description, it communicates with the available physical infrastructure to instantiate the nodes comprising the digital twin of the desired QKD network. At this point, there are two possible scenarios. In the first case, the user provides the orchestrator with a set of pre-deployed machines (real, virtual, or virtualization containers) where he wants the digital twin of the QKD network to be deployed. If this is not the case, the ETSI NFV-compliant cloud and edge infrastructures (e.g., OpenStack-based) must be accessible to the orchestrator for it to automatically build the digital twin of the QKD network using standardized mechanisms to request the deployment of the virtual machines or virtualization containers needed to run the different QKD network nodes.
- Lastly, the orchestrator installs the required software in order to emulate the complete behavior of the QKD nodes, including that which enables communication based on the ETSI API chosen by the user. In this last step, the orchestrator configures the digital twin and initializes the software that emulates the quantum channels and the QKD protocol used to form the quantum keys.

#### 3.2. QKD Network Nodes

#### 3.3. QKD Networks Clients

#### 3.4. Service Capabilities

## 4. Implementation

#### 4.1. QKD Network Digital Twin Orchestrator Application

#### 4.2. QKD Module Software

**open_connect**: This instruction indicates that a new stream of QKD-generated keys must be created with another node. To call this method, information about the applications that will access nodes involved in the new stream and other parameters, such as the lifetime of the keys, must be included. Once this method has been executed, a Key Stream ID (KSID), which can be used by the application to identify the key stream in subsequent calls to other methods, is generated. After calling this method on both nodes, the nodes start to continuously exchange and buffer keys for this key stream.**get_key**: This method is used to retrieve a key from a particular key stream identified by its KSID. If no new key is available yet, an error code is returned. This method additionally allows the user to optionally send an “index” parameter to specify the key in the key stream it wants to retrieve for synchronization purposes.**close**: This instruction closes and frees a particular key stream identified by its KSID.

#### 4.3. QKD Network Client

**open_connect**,

**get_key**, and

**close**.

## 5. Validation and Results

#### 5.1. Scenario Preparation

#### 5.2. Functional Validation

#### 5.3. Performance Evaluation

#### 5.4. Performance of Orchestration Actions

## 6. Conclusions and Future Work

## Author Contributions

## Funding

## Conflicts of Interest

## Abbreviations

QKD | Quantum Key Distribution |

NRBG | Non-deterministic Random Bit Generator |

RSA | Rivest–Shamir–Adleman |

DH | Diffie–Hellman |

NFV | Network Functions Virtualization |

5TONIC | 5G Telefónica Open Network Innovation Centre |

ETSI | European Telecommunications Standard Institute |

IETF | Internet Engineering Task Force |

API | Application Programming Interface |

OSM | Open Source MANO |

VIM | Virtual Infrastructure Manager |

KSID | Key Stream ID |

MANO | Management and Orchestration |

PQC | Post-Quantum Cryptography |

PUF | Physical Unclonable Function |

## References

- Bayerstadler, A.; Becquin, G.; Binder, J.; Botter, T.; Ehm, H.; Ehmer, T.; Erdmann, M.; Gaus, N.; Harbach, P.; Hess, M.; et al. Industry quantum computing applications. EPJ Quantum Technol.
**2021**, 8, 25. [Google Scholar] - Emani, P.S.; Warrell, J.; Anticevic, A.; Bekiranov, S.; Gandal, M.; McConnell, M.J.; Sapiro, G.; Aspuru-Guzik, A.; Baker, J.T.; Bastiani, M.; et al. Quantum computing at the frontiers of biological sciences. Nat. Methods
**2021**, 18, 701–709. [Google Scholar] [CrossRef] [PubMed] - Rivest, R.L.; Shamir, A.; Adleman, L. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Commun. ACM
**1978**, 21, 120–126. [Google Scholar] [CrossRef] - Diffie, W.; Hellman, M. New directions in cryptography. IEEE Trans. Inf. Theory
**1976**, 22, 644–654. [Google Scholar] [CrossRef] - Shor, P. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Washington, DC, USA, 20–22 November 1994; pp. 124–134. [Google Scholar] [CrossRef]
- Chen, Y.A.; Zhang, Q.; Chen, T.Y.; Cai, W.Q.; Liao, S.K.; Zhang, J.; Chen, K.; Yin, J.; Ren, J.G.; Chen, Z.; et al. An integrated space-to-ground quantum communication network over 4600 kilometres. Nature
**2021**, 589, 214–219. [Google Scholar] [CrossRef] [PubMed] - Wengerowsky, S.; Joshi, S.K.; Steinlechner, F.; Zichi, J.R.; Dobrovolskiy, S.M.; van der Molen, R.; Los, J.W.N.; Zwiller, V.; Versteegh, M.A.M.; Mura, A.; et al. Entanglement distribution over a 96-km-long submarine optical fiber. Proc. Natl. Acad. Sci. USA
**2019**, 116, 6684–6688. [Google Scholar] [CrossRef] - Lopez, D.; Brito, J.P.; Pastor, A.; Martin, V.; Sánchez, C.; Rincon, D.; Lopez, V. Madrid Quantum Communication Infrastructure: A testbed for assessing QKD technologies into real production networks. In Proceedings of the 2021 Optical Fiber Communications Conference and Exhibition (OFC), Washington, DC, USA, 6–11 June 2021; pp. 1–4. [Google Scholar]
- Zhou, L.; Lin, J.; Xie, Y.M.; Lu, Y.S.; Jing, Y.; Yin, H.L.; Yuan, Z. Experimental Quantum Communication Overcomes the Rate-Loss Limit without Global Phase Tracking. Phys. Rev. Lett.
**2023**, 130, 250801. [Google Scholar] [CrossRef] - Grünenfelder, F.; Boaron, A.; Resta, G.V.; Perrenoud, M.; Rusca, D.; Barreiro, C.; Houlmann, R.; Sax, R.; Stasi, L.; El-Khoury, S.; et al. Fast single-photon detectors and real-time key distillation enable high secret-key-rate quantum key distribution systems. Nat. Photonics
**2023**, 17, 422–426. [Google Scholar] [CrossRef] - Li, W.; Zhang, L.; Tan, H.; Lu, Y.; Liao, S.K.; Huang, J.; Li, H.; Wang, Z.; Mao, H.K.; Yan, B.; et al. High-rate quantum key distribution exceeding 110 Mb s–1. Nat. Photonics
**2023**, 17, 416–421. [Google Scholar] [CrossRef] - Networks it uc3m. QKD Digital Twin Service (QDTS). Available online: https://github.com/Networks-it-uc3m/QDTS (accessed on 24 January 2024).
- Tuegel, E.J.; Ingraffea, A.R.; Eason, T.G.; Spottswood, S.M. Reengineering aircraft structural life prediction using a digital twin. Int. J. Aerosp. Eng.
**2011**, 2011, 154798. [Google Scholar] [CrossRef] - Almasan, P.; Ferriol-Galmés, M.; Paillisse, J.; Suárez-Varela, J.; Perino, D.; López, D.; Perales, A.A.P.; Harvey, P.; Ciavaglia, L.; Wong, L.; et al. Digital twin network: Opportunities and challenges. arXiv
**2022**, arXiv:2201.01144. [Google Scholar] - Singh, M.; Fuenmayor, E.; Hinchy, E.P.; Qiao, Y.; Murray, N.; Devine, D. Digital Twin: Origin to Future. Appl. Syst. Innov.
**2021**, 4, 36. [Google Scholar] [CrossRef] - Vaezi, M.; Noroozi, K.; Todd, T.D.; Zhao, D.; Karakostas, G.; Wu, H.; Shen, X. Digital Twins From a Networking Perspective. IEEE Internet Things J.
**2022**, 9, 23525–23544. [Google Scholar] [CrossRef] - Barricelli, B.R.; Casiraghi, E.; Fogli, D. A Survey on Digital Twin: Definitions, Characteristics, Applications, and Design Implications. IEEE Access
**2019**, 7, 167653–167671. [Google Scholar] [CrossRef] - Wootters, W.K.; Zurek, W.H. A single quantum cannot be cloned. Nature
**1982**, 299, 802–803. [Google Scholar] [CrossRef] - Horodecki, R.; Horodecki, P.; Horodecki, M.; Horodecki, K. Quantum entanglement. Rev. Mod. Phys.
**2009**, 81, 865. [Google Scholar] [CrossRef] - Clauser, J.F.; Horne, M.A.; Shimony, A.; Holt, R.A. Proposed Experiment to Test Local Hidden-Variable Theories. Phys. Rev. Lett.
**1969**, 23, 880–884. [Google Scholar] [CrossRef] - Nurhadi, A.I.; Syambas, N.R. Quantum Key Distribution (QKD) Protocols: A Survey. In Proceedings of the 2018 4th International Conference on Wireless and Telematics (ICWT), Nusa Dua, Bali, Indonesia, 12–13 July 2018; pp. 1–5. [Google Scholar] [CrossRef]
- Bennett, C.H.; Brassard, G. Quantum cryptography: Public key distribution and coin tossing. arXiv
**1984**, arXiv:2003.06557. [Google Scholar] [CrossRef] - Ekert, A.K. Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett.
**1991**, 67, 661–663. [Google Scholar] [CrossRef] - ETSI Industry Specification Group (ISG) on Quantum Key Distribution (QKD). Available online: https://www.etsi.org/committee/1430-qkd (accessed on 23 October 2023).
- IETF Quantum Internet Research Group (QIRG). Available online: https://datatracker.ietf.org/group/qirg/about/ (accessed on 27 October 2023).
- Kozlowski, W.; Wehner, S.; Meter, R.V.; Rijsman, B.; Cacciapuoti, A.S.; Caleffi, M.; Nagayama, S. Architectural Principles for a Quantum Internet; RFC 9340; RFC Editor: Phoenix, AZ, USA, 2023. [Google Scholar]
- ETSI. Quantum Key Distribution (QKD); Application Interface; ETSI GS QKD 004 V2.1.1 (2020-08); ETSI: Sophia Antipolis, France, 2020. [Google Scholar]
- ETSI. Quantum Key Distribution (QKD); Protocol and Data Format of REST-Based Key Delivery API; ETSI: Sophia Antipolis, France, 2019. [Google Scholar]
- Wang, C.; Rahman, A.; Li, R.; Aelmans, M.; Chakraborty, K. Application Scenarios for the Quantum Internet; Internet Engineering Task Force. 2023. Work in Progress. Available online: https://datatracker.ietf.org/doc/draft-irtf-qirg-quantum-internet-use-cases/ (accessed on 24 January 2024).
- ETSI. Quantum Key Distribution (QKD); Device and Communication Channel Parameters for QKD Deployment; ETSI GS QKD 012 V1.1.1 (2019-02); ETSI: Sophia Antipolis, France, 2020. [Google Scholar]
- Lopez, V.; Pastor, A.; Lopez, D.; Aguado, A.; Martin, V. Applying QKD to improve next-generation network infrastructures. In Proceedings of the 2019 European Conference on Networks and Communications (EuCNC), Valencia, Spain, 18–21 June 2019; pp. 283–288. [Google Scholar] [CrossRef]
- Mehic, M.; Niemiec, M.; Rass, S.; Ma, J.; Peev, M.; Aguado, A.; Martin, V.; Schauer, S.; Poppe, A.; Pacher, C.; et al. Quantum Key Distribution: A Networking Perspective. ACM Comput. Surv.
**2020**, 53, 1–41. [Google Scholar] [CrossRef] - Cao, Y.; Zhao, Y.; Wang, Q.; Zhang, J.; Ng, S.X.; Hanzo, L. The Evolution of Quantum Key Distribution Networks: On the Road to the Qinternet. IEEE Commun. Surv. Tutorials
**2022**, 24, 839–894. [Google Scholar] [CrossRef] - Aji, A.; Jain, K.; Krishnan, P. A Survey of Quantum Key Distribution (QKD) Network Simulation Platforms. In Proceedings of the 2021 2nd Global Conference for Advancement in Technology (GCAT), Bangalore, India, 1–2 October 2021; pp. 1–8. [Google Scholar] [CrossRef]
- Wu, X.; Chung, J.; Kolar, A.; Wang, E.; Zhong, T.; Kettimuthu, R.; Suchara, M. Simulations of Photonic Quantum Networks for Performance Analysis and Experiment Design. In Proceedings of the 2019 IEEE/ACM Workshop on Photonics-Optics Technology Oriented Networking, Information and Computing Systems (PHOTONICS), Denver, CO, USA, 18 November 2019; pp. 28–35. [Google Scholar] [CrossRef]
- Diadamo, S.; Nötzel, J.; Zanger, B.; Beşe, M.M. QuNetSim: A Software Framework for Quantum Networks. IEEE Trans. Quantm Eng.
**2021**, 2, 1–12. [Google Scholar] [CrossRef] - Coopmans, T.; Knegjens, R.; Dahlberg, A.; Maier, D.; Nijsten, L.; de Oliveira Filho, J.; Papendrecht, M.; Rabbie, J.; Rozpedek, F.; Skrzypczyk, M.; et al. NetSquid, a discrete-event simulation platform for quantum networks. Commun. Phys.
**2021**, 4, 164. [Google Scholar] [CrossRef] - Wu, X.; Zhang, B.; Jin, D. Parallel Simulation of Quantum Key Distribution Networks. In Proceedings of the 2020 ACM SIGSIM Conference on Principles of Advanced Discrete Simulation, Miami, FL, USA, 15–17 June 2020; pp. 187–196. [Google Scholar] [CrossRef]
- Dahlberg, A.; Wehner, S. SimulaQron—A simulator for developing quantum internet software. Quantum Sci. Technol.
**2018**, 4, 015001. [Google Scholar] [CrossRef] - Condoluci, M.; Mahmoodi, T. Softwarization and virtualization in 5G mobile networks: Benefits, trends and challenges. Comput. Netw.
**2018**, 146, 65–84. [Google Scholar] [CrossRef] - Morabito, R.; Kjällman, J.; Komu, M. Hypervisors vs. Lightweight Virtualization: A Performance Comparison. In Proceedings of the 2015 IEEE International Conference on Cloud Engineering, Tempe, AZ, USA, 9–13 March 2015; pp. 386–393. [Google Scholar] [CrossRef]
- Mijumbi, R.; Serrat, J.; Gorricho, J.; Bouten, N.; De Turck, F.; Boutaba, R. Network Function Virtualization: State-of-the-Art and Research Challenges. IEEE Commun. Surv. Tutorials
**2016**, 18, 236–262. [Google Scholar] [CrossRef] - ETSI Open Source MANO. Available online: https://osm.etsi.org/ (accessed on 11 October 2023).
- Cloudify. A Platform that Turns Clouds, Tools & Technologies into Self-Managed Environments. 2023. Available online: https://cloudify.co (accessed on 15 November 2023).
- OpenStack. Build the Future of Open Infrastructure. 2023. Available online: https://www.openstack.org/ (accessed on 15 November 2023).
- The Linux Foundation. Kubernetes: Production-Grade Container Orchestration. 2023. Available online: https://kubernetes.io (accessed on 15 November 2023).
- Liu, G.; Huang, B.; Liang, Z.; Qin, M.; Zhou, H.; Li, Z. Microservices: Architecture, container, and challenges. In Proceedings of the 2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C), Macau, China, 11–14 December 2020; pp. 629–635. [Google Scholar] [CrossRef]
- Ansible Community Documentation. Available online: https://docs.ansible.com/ (accessed on 23 October 2023).
- Kimani, R. How to Implement Parallelism and Rolling Updates in Ansible. Enable Sysadmin, RedHat. 2022. Available online: https://www.redhat.com/sysadmin/ansible-parallel-serial-keyword (accessed on 11 October 2023).
- gRPC, a High Performance, Open Source Universal RPC Framework. Available online: https://grpc.io/ (accessed on 24 November 2023).
- 5TONIC, an Open Research and Innovation Laboratory Focusing on 5G Technologies. Available online: https://www.5tonic.org/ (accessed on 30 October 2023).
- Nogales Dorado, B.; González Blázquez, L.F.; Vidal Fernández, I.; Valera Pintor, F.; García Reinoso, J.J.; López, D.R.; Rodríguez, J.; González, N.; Berberana, I.; Azcorra Saloña, A. Integration of 5G experimentation infrastructures into a multi-site NFV ecosystem. J. Vis. Exp.
**2021**, 168, e61946. [Google Scholar] - Bernstein, D.J.; Hülsing, A.T.; Lange, T. Post-Quantum Cryptography-Integration Study; ENISA: Brussels, Belgium, 2022. [Google Scholar]
- Lopez, D.; Martin, V.; Lopez, B.; Contreras, L.M. A Multiplane Architecture Proposal for the Quantum Internet. Internet Engineering Task Force. 2023. Work in Progress. Available online: https://datatracker.ietf.org/doc/draft-lopez-qirg-qi-multiplane-arch/ (accessed on 24 January 2024).
- Suh, G.E.; Devadas, S. Physical Unclonable Functions for Device Authentication and Secret Key Generation. In Proceedings of the 2007 44th ACM/IEEE Design Automation Conference, San Diego, CA, USA, 4–8 June 2007; pp. 9–14. [Google Scholar]

**Figure 1.**General example of two sites in a QKD network by ETSI [27].

**Figure 2.**Outline of how the QKD network digital twin orchestrator service works. The numbers indicate the order in which the steps are carried out.

**Figure 3.**Functional architecture of the QKD network digital twin sites. Components along with their interfaces are shown.

**Figure 4.**Left, steps followed by the QKD Network Digital Twin orchestrator application when a pre-deployed machines pool exists. Right, steps followed when the OSM is used to deploy the QKD network machines.

**Figure 5.**Overview of the software architecture of a quantum node. Layers can be identified by sections and colours.

**Figure 8.**Scenario scheme of the functional validation and the tests regarding key exchange time and discarded qubits.

**Figure 10.**Performance evaluation results. (

**a**) Time spent in the exchange of one key as a function of the key size. For each key size, the distribution of the 20 exchanged keys is shown. (

**b**) Qubits discarded when exchanging a key as a function of the key size. For each key size, the distribution of the 20 exchanged keys is shown.

**Figure 12.**Deployment evaluation results. (

**a**) Deployment time as a function of the network node number. For each network, the distribution of the 20 deployments is shown. (

**b**) Average percentage that each process represents in a deployment.

**Table 1.**Comparison of the different quantum network simulators considered [34].

Simulator | Publicly Available | Distributed Nodes | Modularity | Simulation Environment |
---|---|---|---|---|

SeQueNCe | Yes (open source) | Not allowed | High | Python |

QuNetSim | Yes (open source) | Not allowed | Low | Python |

NetSquid | Yes (upon registration) | Not allowed | High | Python |

Parallel Simulation Framework | No | Not allowed | Low | N/A |

SimulaQron | Yes (open source) | Allowed | High | Python |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Martin, R.; Lopez, B.; Vidal, I.; Valera, F.; Nogales, B.
Service for Deploying Digital Twins of QKD Networks. *Appl. Sci.* **2024**, *14*, 1018.
https://doi.org/10.3390/app14031018

**AMA Style**

Martin R, Lopez B, Vidal I, Valera F, Nogales B.
Service for Deploying Digital Twins of QKD Networks. *Applied Sciences*. 2024; 14(3):1018.
https://doi.org/10.3390/app14031018

**Chicago/Turabian Style**

Martin, Raul, Blanca Lopez, Ivan Vidal, Francisco Valera, and Borja Nogales.
2024. "Service for Deploying Digital Twins of QKD Networks" *Applied Sciences* 14, no. 3: 1018.
https://doi.org/10.3390/app14031018