ID Quantique and SK Broadband deployed the world’s first country-wide quantum-safe network infrastructure, connecting 48 government departments over a single 800-km converged network. It is the largest and most sophisticated commercial-grade quantum communication network, allowing for:
Redundant network ensuring high availability
Integrated network compatible with existing SDN and systems
Ability to provide quantum-safe keys through two telecom operators
Bandwidth on demand to adapt to varying usage patterns
Scalable solution designed for future extension
In an era where the scale and nature of cyber threats are changing drastically with the onset of AI and Quantum computing, securing sensitive data is requiring a strategic approach and innovative remediation technologies. Recognizing the need for a quantum leap in cybersecurity, South Korea embarked on an ambitious project to build the first nation-wide Quantum Key Distribution (QKD) network.
The Korean government sought a long-term solution to safeguard sensitive information and communications among its key agencies, including the Ministry of Employment and Labor, the Ministry of Economy and Finance, the Ministry of Education, and various local governments.
A national backbone network was proposed to interconnect the individual networks of 48 government organizations, enhancing security and improving operational and budgetary efficiency. This backbone network would link multiple smaller networks, enabling organizations with different local area networks (LANs) or subnetworks to exchange data seamlessly.
The plan aimed to integrate each department’s separate networks into a unified convergence network for greater operational efficiency, with the additional key objective to use quantum technologies to guarantee the highest level of security and ensure long-term data communication security from day one.
A mutualized and interoperable QKD infrastructure, one of the key requirements, was implemented with redundancy built into nodes, lines, and equipment. SK Broadband manages the first 48-node network, focusing on cities and provinces, while a second telecom operator deployed a second mesh network connecting 21 nodes for central government buildings.
For the main requirements to be met, IDQ has developed and deployed the most advanced key management, configuration, and monitoring solutions. IDQ’s Clarion KX Platform offers end-to-end security and handles complex routing that enables any-to-any encryption service in real time.
Importantly, the Korean government required fully redundant service, bandwidth on demand, and 24/7 centralized monitoring. The overall solution had to comply with all national cybersecurity regulations.
The government selected SK Broadband and its partner ID Quantique for their unique capability to provide five key elements to achieve a successful deployment:
IDQ’s QKD framework
IDQ’s QKD software
This is one of the world’s largest QKD network, comprising 27 QKD pairs or links, three rings, and one daisy chain connection to connect geographically distant rings. The network includes 10 trusted relays, which operate on the QKD layer. This layer involves dark fiber connectivity between QKD boxes, facilitating key exchange across different network segments. To ensure various customers can control their own security configuration and service, the solution provides three segregated Q-KMS instances that leverage the security of the QKD layer. These software platform instances exchange keys between each other via standard interfaces implemented in three gateways.
To enable a scalable and feature-rich quantum-safe service beyond a native point-to-point topology, the solution leverages IDQ’s Clarion KX platform as its key management layer (the Key Service layer graphic below). This software layer allows for any encryptor within the network to request key exchanges with any other encryptor, regardless of their locations. Clarion KX is embedded in each QKD appliance, and its most fundamental purpose is to orchestrate and synchronize keys between any two points on the network in real-time.
Due to the different security requirements of several customer groups, the solution provides for three separate key management systems that are segregated from each other. This setup allows each customer to manage their own key routing and key buffering configuration, as well as to control the access to the key. Key buffering is a core feature of Clarion KX, allowing for continuous generation of keys that are securely stored and ready for delivery on demand. In the event of a disruption, such as an optical line cut, the buffered keys are available for intelligent rerouting to their required destination – another core feature of IDQ’s industry-leading Q-KMS platform.
Such multi-tenancy enables multiple security profiles of customers leveraging the same QKD infrastructure. As a result, IDQ can operate three isolated key-exchange services across the same infrastructure, serving two telecom operators and providing keys at 17 different locations to several dozens of government agencies.
The final graphic shows the data centers where 16 encryption points can establish 127 different secured links between each other.
At the end of June 2022, all the QKD systems have been installed. In most of the areas of the country, the government agencies are able to use end-to-end quantum cryptography services, with 24/7 real-time monitoring and control through QMS tools.
This is now the largest quantum cryptography network outside of China with a total length of 800 km.
The future plan is to extend the network to more agencies.
Bringing a differentiated business proposal was decisive. Applying next-generation network technologies such as T-SDN and quantum cryptography while making the network’s security future-proof, easy to manage and highly integrated with the current infrastructure has made the difference. SK Broadband is proud to consolidate its status of number 1 QKD network operator in South Korea.
Mr. J.H Jung, PM & account manager of the project at SK Broadband
The journey towards a fully operational nation-wide QKD network continues with plans for further expansion. Future phases will extend the network reach to more consumers, ultimately creating a comprehensive shield for the nation’s digital communications.
One of the key aspects of this expansion is the ability to extend the network without requiring any reconfiguration of the existing infrastructure, such as bringing the QKD backbone to the southeastern part of the country. Furthermore, the network will ensure smooth interoperability with additional vendors, maintaining flexibility and integration capabilities.
Compliance with QSDN standards, specifically ETSI018 and ETSI015, is also a crucial objective to guarantee robust security measures.
Additionally, the project aims to leverage the “Quantum-as-a-Service (QaaS)” concept for the SK Broadband lease line team, providing end-to-end security solutions and enabling future commercial deployments on an ‘as-a-Service’ basis to the business clients. This approach ensures scalable and secure communication services tailored to meet the evolving needs of various sectors on their journey to resilience against Quantum Threat.
The collaboration between ID Quantique and SK Broadband in constructing South Korea’s nation-wide QKD network has marked a significant milestone in the realm of cybersecurity. After China, it has been the second state-orchestrated real-world quantum cryptography deployment at a national level: it is a strong cybersecurity posture statement and a great mark of trust for ID Quantique. As cyber threats evolve, South Korea’s pioneering efforts in QKD will serve as a model for building resilient and future-proof security frameworks globally.
