WO2024059063A1 - Mobile quantum key distribution via space - Google Patents

Abstract

This disclosure generally relates to quantum information processing, computation, cryptography, and communication. It particularly concerns mechanisms for generation, delivery, and application of quantum encryption keys in a mobile communication environment via space. For example, a low earth orbit (LEO) satellite may be configured to communicate with a plurality of ground terminals via quantum channels established through the earth atmosphere and space for secure quantum key exchange and distribution. The LEO satellite itself or the LEO satellite together with the ground terminals may act as trusted nodes for providing QKD as a service. The quantum channels between the LEO satellite and the ground terminals may rely on optical links over space for transmission and reception of single photons.

Description

Mobile Quantum Key Distribution via Space

CROSS REFERENCE

[0001] This PCT International Patent Application is based on and claims the benefit of priority to U.S. Provisional Patent Application No. 63/405,655, filed on September 12, 2022, entitled “Mobile Quantum Key Distribution,” which is herein incorporated by reference in its entirety.

TECHNICAL FIELD

[0002] This disclosure generally relates to quantum information processing, computation, cryptography, and communication. It particularly concerns mechanisms for generation, delivery, and application of quantum encryption keys in a mobile communication environment via space.

BACKGROUND

[0003] Secure communications rely on encryption of messages using secret keys. Various encryption schemes may require that these keys be exchanged or distributed between parties. It is thus critical to secure such key exchange or distribution. While encryption keys may be exchanged or distributed via ground-based quantum channels for secure quantum key distribution (QKD), such quantum channels may be limited in range.

SUMMARY

[0004] This disclosure generally relates to quantum information processing, computation, cryptography, and communication. It particularly concerns mechanisms for generation, delivery, and application of quantum encryption keys in a mobile communication environment via space. For example, a low earth orbit (LEO) satellite may be configured to communicate with a plurality of ground terminals via quantum channels established through the earth atmosphere and space for secure quantum key exchange and distribution. The LEO satellite itself or the LEO satellite together with the ground terminals may act as trusted nodes for providing QKD as a service. The quantum channels between the LEO satellite and the ground terminals may rely on optical links over space for transmission and reception of single photons.

BRIEF DESCRIPTION OF THE DRAWINGS

[0005] FIG. 1 is an example schematic of the temporal distribution of tasks during an optical contact time duration between a ground terminal and a LEO satellite.

[0006] FIG. 2 illustrates a quantum system and an Alignment Pointing and Tracking (APT) system within a LEO satellite or a ground terminal and the optics used to combine both systems.

[0007] FIG. 3 shows measurement results of the Stokes parameters of polarized light transmitted through an example spun optical fiber.

[0008] FIG. 4 illustrates an example quantum source for a reference frame independent (RFI) protocol based on spun fibers.

[0009] FIG. 5 illustrates an example optical source based on active components for polarization encoding.

[0010] FIG. 6 illustrates an example free-space optical source for polarization encoding.

[0011] FIG. 7 illustrates principle of optical beam divergence.

[0012] FIG. 8 illustrates optical loss due divergence of optical beams.

[0013] FIG. 9 illustrates optical loss due to a pointing error of 10 micro radiant for different lens size at the emitter.

[0014] FIG. 10 shows an example procedure for private key distribution via a quantum channel in space involving two parties.

[0015] FIG. 11 illustrates a mobile scheme for quantum key distribution.

DETAILED DESCRIPTION

[0016] Throughout the specification and claims, terms may have nuanced meanings suggested or implied in context beyond an explicitly stated meaning. The phrase “in one embodiment or implementation” or “in some embodiments or implementations” as used herein does not necessarily refer to the same embodiment/implementation and the phrase “in another embodiment/implementation” or “in other embodiments” as used herein does not necessarily refer to a different embodiment. It is intended, for example, that claimed subject matter includes combinations of exemplary embodiments/implementations in whole or in part.

[0017] In general, terminology may be understood at least in part from usage in its context. For example, terms, such as "and", "or", or "and/or," as used herein may include a variety of meanings that may depend at least in part upon the context in which such terms are used. Typically, the term "or", if used to associate a list, such as A, B or C, is intended to mean A, B, and C, here used in the inclusive sense, as well as A, B or C, here used in the exclusive sense. In addition, the term "one or more" or "at least one" as used herein, depending at least in part upon context, may be used to describe any feature, structure, or characteristic in a singular sense or may be used to describe combinations of features, structures or characteristics in a plural sense. Similarly, terms, such as "a", "an", or "the", again, may be understood to convey a singular usage or to convey a plural usage, depending at least in part upon context. In addition, the term "based on" or "determined by" may be understood as not necessarily intended to convey an exclusive set of factors and may, instead, allow for the existence of additional factors not necessarily expressly described, again, depending at least in part on context.

[0018] By way of instruction, current every day communications requiring a medium level of confidentiality, such as various transactions and information exchange over the Internet, use a mix of encryption or cryptographic systems.

[0019] Two example types of cryptographic systems, namely, public-key cryptographic systems and secret-key cryptographic systems, may be implemented separately or in a mixed manner.

[0020] In public-key cryptosystems, each user may possess two different keys: a public key and private key. The public key is made public and is used for encryption. The private key is kept secret and used for decryption. Anybody can send encrypted information using the public key, but only the legitimate recipient, who knows the private key, can decrypt the encrypted information. For example, if Alice wants her friends to send her secret information, she can post her public key on her social media accounts or via a public key service platform. All her friends can now use the public key to encode messages they would like to send to her. Only Alice, using her private key, can decrypt these messages. Thus, an advantage of public-key cryptosystems is that any two users can exchange secure information, even if they have never met and are located far apart. For this reason, the public key encryption systems are heavily used for day-to-day transactions over the communication networks that requires medium security.

[0021] The security of such public-key cryptosystems, for example, relies on the complexity of deriving private keys that are only know to the individual parties from large public keys. In other words, encryption in such a system is relatively an “easy” task, while decryption is a computationally “difficult” task, except for a legitimate user, who possesses some extra information (knowledge of the private key). Here, the terms “easy” and “difficult” relate to the time it takes to perform the computational task of encrypting or decrypting the message given a set of computation hardware of certain capability. The computational complexity for private key derivation for decryption without knowledge of the private keys, however, depends on the size of the public key. The longer the public keys are, the harder such private key derivation becomes. For that reason, the public keys are generally made lengthy in order to make the computational complexity for deriving private keys from them and within a reasonable amount of time beyond normal capability of today’s available computational hardware.

[0022] On a flip side, encrypting large amounts of data using length public keys would also require significant computing power and thus would not be very practical for on-line applications. As such, any application requiring large amounts of data, as well as network links, which carry large amounts of data, may need instead to rely more on the second type of cryptography, the secret key cryptography (as described in further detail below), rather than public-key cryptography for data encryption, and only use the public-key cryptosystems for encryption and distribution of the secret keys, as described in further detail below.

[0023] While the public-key cryptosystems relying of computational complexity for decryption are seemly secure, such computational complexity is only perceived or assumed. A proof that such decryption process is indeed theoretically complex without knowledge of the private key is still lacking. It may well be that a task deemed “difficult” might be performed much faster using new, yet unknown algorithms. In fact, several such “secure” systems based on perceived computational complexity have been broken in the past, triggering a rush towards new encryption principles. In addition, it has now been shown theoretically that an algorithm running on a large enough quantum computer would be able to break current public-key cryptographic systems (because, for example, a quantum computer can easily factorize large numbers in order to derive private keys based on lengthy public keys in a reasonably amount of time that does not scale exponentially with a size of the keys). Quantum computers based on various types of physical systems and operation principles have been experimented with and could be commercially available in the near future. They may be used to break, e.g., the public-key cryptographic systems above, calling for other ways of secure distribution of the secret keys.

[0024] The public-key cryptosystems are thus not quantum-resistant. The term quantum-resistant may be used to refer to a cryptographic system that is still secure even when hardware such as a large-scale quantum computer is available. Accordingly, the public-key cryptosystems may not be used for application requiring high-level confidentiality, such as military applications. Instead, such sensitive applications should rely on quantum-resistant cryptographic mechanisms.

[0025] In comparison to the public-key cryptosystem described above, security of a secret-key cryptosystem, also referred to as symmetric-key system, does not rely on computational complexity, but on the secret key shared between two users, and thus could be made quantum-resistant. This secret key can be used, for example, in the Advanced Encryption System (AES) as a standard established by the National Institute of Standards and Technology (NIST) in the USA. AES is available in various implementations, with different safety levels and has become a world-wide standard. To date, the full version of AES is considered secure. For ultimate and provably secure transmission, it is possible to use the so-called one-time pad, which is used as a key for encryption/decryption only once (such that there is no information for an eavesdropper to guess a next key based on a previous key). In both the AES case and the one-time pad type of secret-key cryptosystems, and for all other implementation of secret-key cryptosystems, the safety of the encryption relies on the secure transmission/distribution/delivery of the secret keys between the partners rathe rather than computational complexity.

[0026] With respect to the key distribution for secret-key cryptosystems, in some example implementations, public-key mechanisms may be used to encrypt and transmit secret keys, which are then used in the secret-key cryptosystems for encrypting the data. These systems may be referred to as a mixed public-key and secret-key systems. This idea avoids the intensity of computation to encrypt a large amount of date using lengthy public keys and only infrequent public key encryption of secret keys for distribution is needed. However, as also described above, such mixed public-key and secret-key systems ultimately still need to rely on perceived computational complexity for deriving the private keys for encrypting the secret keys. A quantum computer, once available, would still be able to easily derive lengthy private keys that is used in for the decryption of the secrete keys. In other words, such mixed systems are still not quantum-resistant.

[0027] As such, for sensitive data, or for information which needs to be kept safe for a long period of time, the distribution of secrete keys should rely on a channel other than that uses public-key cryptography. In addition, managing secure key distribution for many users would quickly become cumbersome if key distribution is provided as a service. This is even more so when secret keys are frequently refreshed to maintain their strengths (the more they are used, the weaker they become, as information about them is leaked as they are being used) and to avoid putting at risk large volume of data in case one key is compromised.

[0028] A Quantum Key Distribution (QKD) scheme constitutes one of the solutions being considered, which relies on transmitting physical elements (typically single photons) between users for key distribution such that secret keys cannot be intercepted or eavesdropped without being unnoticed. Such QKD schemes enable encryption technologies that provide 'unconditionally secure communications, meaning they are secure regardless of the computing resources of any adversary, even if they are using a quantum computer, as reflected in the term “quantum-resistant encryption”. In QKD, the distribution channel for the secret keys may be referred to as quantum channels. A quantum channel obtains its security for distributing keys from principles of quantum mechanics. Cryptography based on QKD is thus provably secure and will remain so even with the introduction of advanced computing hardware such as the quantum computers.

[0029] Effectiveness of a quantum channel may be limited by loss in the transmission of information in the quantum channel. Ground-based physical channels used for QKD may be optical, using optical fibers to carry information needed for QKD. For the current ground-based optical systems use optic fibers cables, the maximum distance for key distributism achievable with such a system is around 100 miles for commercial environment, and around 300 miles in laboratories, thereby necessitating deployment of regularly spaced “trusted nodes” in regional network, and very much precluding inter-continental secure key distributions, even with the development of quantum repeaters that may extend the reach of quantum channels to several hundred kilometers.

[0030] In some example implementations disclosed below, quantum key distribution may be moved into a hybrid environment involving space, satellites at Low Earth Orbits (LEO), and secure transmission nodes, where optical losses may be significantly reduced, in order to extend the range of quantum key distribution. The secure distribution quantum key relying on such space-earth hybrid environments and nodes may be provided as a service. In the minimum, such a service may be provided relying on as few as a single LEO satellite, as described in further detail below, particularly in relation to FIG. 10.

[0031] The system described below, for example, uses a small LEO satellite (LEOS) dedicated to QKD from Space (QKDS). The LEOS may rely on a specially designed optical communication channel as a quantum channel to securely exchange secrete keys between ground stations and the LEOS using the quantum QKD mechanisms. The LEOS, for example, may be placed on a near-polar orbit. As few as a single LEO satellite may be configured to exchange encryption keys with one ground terminal and may then fly to a second ground terminal to exchange a second key with the second ground terminal, and may later connects the two ground terminals, thus providing a single-satellite global QKDS service. The term “ground terminal” may be interchangeably referred to as “ground station” in the disclosure below.

[0032] In effect, the LEO satellite may act as a trusted node in space which can ultimately provide secure communications between any two points on Earth. Ground terminals, either connect single users or may be used as gateways for ground QKD networks.

[0033] In some example implementations, the optical communication among the ground stations and between the ground stations and the LEO satellite may be achieved using laser communication technologies, as described in further detail below. [0034] In some example implementations, multiple LEO satellites may further interconnect to one another in space via, again, optical communication channels, thereby forming a larger QKDS acting as ingredient for a global QKD service network, for provably secure communication networks.

[0035] Turing to further detail with respect to QKD implementations, it is noted that QKD represents an entirely different scheme which is not based on computational complexity. The QKD schemes thus distinguish from other quantum-resistant algorithms, which still rely on increasing computational complexity of code breaking so that it is difficult for any computing hardware including quantum computers to break the keys. However, it has not been proven that any of the current and future quantum- resistant algorithms based on computational complexity could not be broken by a quantum computer. The QKD schemes, on the other hand, would not be threatened by quantum computers in principle are considered truly quantum-resistant.

[0036] It is further noted that the distribution of encryption keys, either by quantum means or not, is only one element of a whole cryptosystem for communications that must be complemented with secret key encryption methods, such as AES for high security or even combined with One-Time Pad for provable security to provide quantum-safe encryption. In addition, quantum-safe methods for authentication and signature may also be included in a cryptosystem. A post-quantum cyber security environment of the future will comprise a variety of techniques and systems. The term “post-quantum” refers to communication environment after quantum computers becomes feasible.

[0037] The distribution of encryption keys via QKD schemes may involve one or more intermediate communication nodes, and such intermediate nodes must be trusted. In particular, such intermediate nodes may be placed in space. For example, QKD in Space (QKDS) may rely on elements including but not limited to: (1 ) a LEO satellite that is assumed to be a trusted node that will carry encryption keys from one location to another; and (2) one or more quantum channels that link the LEO satellite to ground terminals.

[0038] A quantum channel for QKD may be achieved via a modified optical communication channel designed to transfer single photons with specific properties. In some implementations, it may be complemented with an open Service Channel to transform the raw quantum exchange into a secure key.

[0039] One limitation of QKD on earth surface may be that it relies on a physical communication channel that may be lossy. As described in further detail below, this brings about a distance limitation, which a trusted node space as in QKDS can remove. Specifically, the use of satellites as intermediate trusted nodes between two parties or remote users for QKD would help remove the distance limitation and opens the QKD schemes towards global network security.

[0040] In some implementation of QKDS, an optical link that connects the LEO satellite with the ground terminal may be established and maintained with an Acquisition, Pointing, and Tracking (APT system). An APT system, for example, may include two beacon lights (from the LEO satellite to the ground terminal and vice-versa) that lock to the LEO satellite's movement. The APT system would also include detectors for receiving pointing lasers.

[0041] Optical link may be used to establish quantum communication for QKD. For example, such optical link may be configured for an emission and detection of single photons in order to establish the quantum communication. Such a link for quantum communication may be referred to as a quantum link or quantum channel. Such a quantum link or quantum channel thus may include an optical path that single photons follow to connect the LEO satellite to the ground terminal or vice versa.

[0042] For QKD, the key distribution direction in the optical link can, in principle, be arbitrary, either uplink (from the ground terminal to the LEO satellite) or downlink (from the LEO satellite to the ground terminal). Uplink brings the advantage of larger transmitter systems on earth surface, which can be further conveniently upgraded after the launch of the satellite. However, studies have shown that a downlink direction of key distribution can present benefits over an uplink in some aspects since, for a downlink, the dominant factor for optical loss is divergence (because of limitation of emitter size at the LEO satellite), whereas in an uplink, turbulence broadening dominates over diffraction (so that the emitter size advantage may not be important). This reduces the advantage of having a larger emitter size (which is more conveniently implemented for uplink direction).

[0043] One of the main merits of a QKD system may be its secret key generation rate (i.e. , the production rate of highly secure bits). This rate may depend on the pulse repetition rate of the emission system, the loss in the quantum channel, and the post-processing rate.

[0044] For QKDS, the loss in the quantum channel depends on different factor including but not limited to: optical wavelength of the optical source (lasers), divergence of the optical source (lasers), and atmospheric transmittance. In addition to these factors, there are other contributors to the successful detection of single photons transmitted from the LEO satellite towards a ground terminal, including but not limited to pointing precision, beam wander, scintillation, and optical and detection efficiency. Impact of each of these factors on a QKDS system is described in further detail below.

[0045] Further for QKDS, post-processing may be performed after the single photons have been transmitted and detected. Such post-processing, for example, may include but is not limited sifting (e.g., two users randomly choose a measurement basis, and if the two bases do not match, the measurement would be meaningless and must be discarded), error correction, and privacy amplification. Such postprocessing may be implemented through a communication link between the satellite and the ground terminal, referred to as a service channel in QKD systems, which may be a classical rather than quantum channel.

[0046] In some example implementations, this service communication link above between the LEO satellite and the ground station can be an open channel. Itis preferably bidirectional as information is exchanged between the satellite and the ground terminal.

[0047] Returning to the various factors that may affect optical losses in the quantum channel above, optical wavelength of the information carrier may be one of the more important factors. In some example implementations, the choice of wavelength for the source of single photons may depend mainly on two factors among others: (1 ) the transmission (or losses) through the atmosphere (2) and the technology available to encode (manipulate) and detect single photons at such wavelength.

[0048] As the optical losses are mainly due to the absorption and diffusion of photons by molecules in the atmosphere, different optical wavelengths may experience different loss values. However, transmission windows exist for visible light (400-800 nm) and near-infrared (around 1 ,550 nm), as shown in the last column of Table 1 below, making the optical wavelengths within these transmission windows good candidates for optical communication with satellites. Modeling of single photons of various wavelength through atmosphere to LEO satellite may be performed according to local parameters using commercial software such as MODTRAN and 6SV. As an example, detection efficiency at these wavelengths using currently available photo detectors is shown in the middle column in Table 1 below.

Table 1 : State of art single photon detectors for different wavelengths

[0049] In addition, divergence of the optical beam used for QKD may lead to optical losses. That is because due to optical divergence (as a result of optical diffraction), the size of an optical beam spot increases as a function of the distance to the aperture where the beam originates, after beam waist (assuming Gaussian beam), and as such, part of the beam or some single photons may not hit the detector. Further, such divergence may increase with the emission wavelength and decrease with the transmitter size, as shown in Table 2 below. Specifically, to avoid losses due to divergence, a telescope used for in the receiver of the optical beam and single photons at the ground station may have a diameter that match the beam's diameter at the ground level. Such a matching, however, may be impractical, as the beam diameter at the ground level can be tens of feet after a long propagation distance from the LEO satellite. Therefore, the beam's divergence will introduce a loss in the system, depending on the transmitter telescope size (lens diameter), the wavelength choice, and receiver telescope size.

Table 2: Divergence magnitude for different wavelengths and transmitter size

[0050] Another factor contributing to the quantum channel's loss may be the atmospheric turbulence, which may be due to local temperature variations/fluctuation that translates into fluctuations of the index of refraction. As a result of such refractive index fluctuations, atmospheric turbulence causes optical intensity fluctuations, beam spread, beam wanders, and the like. These random variations happen on, for example, 10-100 ms time scales. Among these effects, beam wander may be the biggest source of optical loss. Beam wander can effectively be treated as beam spread as it causes spatial position fluctuations of the beam. In addition, intensity fluctuations, for example, may result from the propagation of the optical beam through the atmosphere and are known as scintillation. Such intensity fluctuations can be spatial (referred to as speckle) or temporal (referred to as twinkle). These intensity fluctuations do not increase the average loss, but they distort the wavefront, making it harder to use phase information for QKD, as described in further detail below.

[0051] Another loss may come from imperfection in pointing precision of the optical beam. The term pointing precision is used to refer to an alignment accuracy of the APT system between the telescopes of the satellite and the ground terminal.

[0052] Typically, one can expect a spatial jitter of the beam alignment during the optical contact and communication process. Such a jitter effectively translates into beam broadening, producing additional losses that depend on the system's alignment accuracy. In some example implementations, a compromise may be made between the loss due to pointing error and the loss due to divergence as the transmitter size decreases. Specifically, pointing error increases whereas the divergence lass decreases as the size of the transmitter increases (see Table 3, line 7). Likewise, the pointing loss decreases as the transmitter size decreases (see Table 3, line 8) whereas the divergence will cause a larger beam size at the ground for a smaller transmitter size. As such, this relationship indicates that there is an optimal point between transmitter size and the total of divergence and pointing error. Finding the optimal point is essential because achieving a small pointing error can be technologically challenging and may significantly increases the cost of the system.

[0053] Considering each of the losses described above, it is possible to estimate an optical loss budget of the QKD scheme. An example is presented in Table 3. The example loss budget assumes that one of two wavelengths, 1550 nm or 850 nm, is used. The loss due to divergence is calculated considering a transmitter telescope size of 150 mm or 100 mm, and a receiver telescope size of 600 mm.

[0054] With respect to the optical detectors, for some detectors, for example, the detection efficiency may be about 40% at 1550 nm or 67% at 850 nm (see middle column of Table 1 ). The pointing error is considered for a 10 prad in accuracy at the transmitter. The atmospheric transmittance considered for 1550 nm and 850 nm is 0.75 and 0.5, respectively. The loss in the system due to each of these parameters is calculated and presented at the bottom of each column in Table 3.

Table 3: Loss for a quantum optical source at an attitude of 450 miles

[0055] Specifically, Table 3 shows that, for the choice of parameters described in detail above, the overall loss for the system is around 40 dB. Furthermore, achieving key distribution with this level of loss has already been implemented for ground based QKD and thus should also be applicable for QKDS. In other words, QKDS involving a LEO satellite is, therefore, technologically feasible.

[0056] The QKDS systems described above rely on the detection of single photons. Apart from imperfections in the system described above, there exist several sources of noises. For example, noises may original from dark counts in the photon detectors. For another example, noise may originate from background light. Any stray photon that reaches the detectors and any dark count in the detectors could cause a false count, increasing the system's error rate. Therefore, both background noise and dark counts should be minimized to provide sufficient signal to noise ratio in the detection. [0057] With respect to the background light, the amount of background light that will be present during the system's operation may be estimated. It may be assumed that the system will operate at night time when performing quantum key distribution, as day light may present excessive background light.

[0058] Such background light level or noise may depend on the location of the ground terminal (e.g., whether the ground station is located in urban or rural environment). To lower the background light level at the detector, one or more spectral filters may be applied in front of the detector at the ground terminal, so that a majority of background light at wavelengths other than the quantum communication optical wavelength is removed. The one or more filters may be arranged such that it only passes a narrow spectral window at the operating wavelength. For example, after such filtering, an estimate of the background noise at 850 nm is 200 counts/second at night-time for a 1 nm spectral window. For 1550 nm, it may be estimated that the background noise may be of the order of 20 counts/second for a 1 nm window.

[0059] Additional or alternative to spectral filtering, background noise may be reduced by applying temporal filtering or gating, such that the detector does not count impinging photons outside of the temporal window of interest. The filtering may be performed during optical detection or electronically via data processing after time resolved detection. Other techniques, such as modulation and lock-in detection of the electric signal from the detector may be used to reduce background noise.

[0060] In some example implementations, temporal filtering may be performed by synchronizing an opening (activation) of the sensors with the arrival of a photon from the satellite (gated detection). An active synchronization may be implemented as the distance (and hence the optical propagation time) between the satellite and the ground terminal may be constantly evolving. In addition to reducing the background noise, temporal filtering may further help reduce the dark counts, as the detector is only active at the expected arrival time of the signal. In Table 4, the background noise as a portion of the total noise is estimated, by performing spectral filtering and adding temporal filtering where possible.

Table 4: OBER for different wavelengths and detectors

[0061] The dark count rate may depend on characteristics of the detector and how it is operated. For example, it may be possible to lower the dark count at the expense of lowering the efficiency (hence the key distribution rate). As examples, in Table 6 and Table 7 below, several detectors are analyzed with respect to dark count characteristics. In some implementations, the detectors may be configured to lower temperature (e.g., liquid nitrogen temperature and the like) in order to further reduce dark count.

[0062] Considering the noise due to the dark count in the detector, and the background noise as expected, and the loss in the system, it is possible to calculate or estimate a signal-to-noise ratio and hence the expected quantum bit error rate (OBER) of the system, as shown in Table 4.

[0063] In an example QKD implementation, the OBER may be used to estimate the amount of information leaked to an eavesdropper during the key distribution process. Assuming that the entire OBER is due to eavesdropping for security purposes, the OBER may be one of the most critical parameters, which may ultimately decide the feasibility of the QKDS. For example, it may be impossible to distribute a key securely if the QBER exceeds 11 %. Therefore, a QBER of up to a few percent may be desired or even required for QKD applications.

[0064] The noise budget may be calculated assuming a 450 miles low earth orbit, a 100 mm transmitter size, and a 600 mm receiver lens size. When possible, the total noise may be calculated assuming adaptive gating for 1550 nm or digital filtering for 850 nm. An example noise budget is shown in Table 4 above. Table 4 shows that several single-photon detectors are suitable for QKDS. The detectors shown in bold font (detectors 2, 3, and 5), may be suitable for use in a practical QKD system.

[0065] Turning to optical contact duration, it is noted that optical losses may be too high to establish an optical link at low elevation angles. Hence useful contact between instruments will be limited to elevation angles above a certain threshold angle, e.g., 30°. The term elevation angle may be defined as the angle formed between the horizon and a line connecting the satellite and the ground terminal. It is further noted that a time duration needed to establish the initial optical connection between the LEO satellite and the ground terminal and stabilize the APT system may be no shorter than a minimal time duration. Such a minimal time duration, for example, may be 60 seconds. It is further noted that quantum communication may be performed in less than, e.g., three minutes when the satellite is close to the zenith, but with a minimal amount of time. Finally, a certain minimal time duration, e.g., one minute (60 second), may be needed for performing various data processing. These time metrics or thresholds are listed in Table 5 below.

Table 5: Time estimates for different tasks during satellite pass for optical contact

[0066] FIG. 1 illustrates the optical contact duration above. The ground plane is shown by 102 on which the ground station 104 is located. The LEO for the satellite 106 is shown by 101. Angle 105 illustrates the satellite elevation angle where the optical contact begins. The angle 105, for example, may be above a minimal threshold of, for example, 30 degrees. In duration 120 of the satellite movement, lasting for, e.g., 60 seconds, optical communication may be initiated and established. After that, in the duration 130 of the satellite movement around the Zenith 110, for a duration of, e.g., 100 seconds, optical communication for quantum key distribution between the satellite 106 and the ground station 104 may be performed, followed by the duration of 140 of, e.g., 60 seconds, where data post-processing for QKD may be performed.

[0067] In some implementations of a QKD system, the key information may be encoded in one degree of photon freedom. This degree of freedom may remain robust after the photon has been transmitted over several hundred miles of free space and a few tens of miles of atmospheric turbulence to the ground station. In some example implementations, the chosen degree of freedom may be easily manipulated with commercial off-the-shelf components and easily detected. Such degree of freedom and encoding is illustrated by the examples below. [0068] In some example implementations, a polarization degree of freedom of photons may be utilized for QKDS. For example, polarization states of the photons created in the satellite may be conserved when the photon is transmitted through space due to no birefringence. They may also be conserved when transmitted through the atmosphere due to very low birefringence of the atmosphere.

[0069] Unitizing the polarization degree of freedom, the key information may be encoded in the polarization state of single photons. For example, a horizontally polarized photon as detected may correspond to 0 state of a bit, whereas a vertically polarized photon as detected may correspond to 1 of the bit.

[0070] However, for QKD, and to ensure security against an eavesdropper, it is not enough to use only two different polarization states of photons. Most example QKD schemes instead use four or even six different states. In addition, as the position of the satellite changes relative to the ground station during its flight over the ground terminal, so does its relative orientation. As such, polarization states of similarly generated photons may also change relative to the ground station.

[0071] In some example implementations, a polarization compensation scheme may be implemented to account for the movement of satellite. For example, the polarization of the received photons at the receiver may be adjusted using polarization optics continuously according to satellite movement. Optical components that are used to control or allow discriminating polarization states may be commercial off-the- shelf components. Alternative, they may be configured as more intricate than standard optical components.

[0072] Polarization states not usually not relied on in ground-based QKD because the fiber systems used for transferring photons (rather than in free space) usually do not preserve or maintain polarization states of photons. Even though polarization maitaining optical fibers may be designed, such fibers may only maintain orthogonal polarization aligned with the birefringent axis of the fiber and not all sets of arbitrary polarizations states. This characteristic disfavors a use of polarization states in polarization maintaining fibers as part of the quantum source since only two of the four or six polarization states required for polarization-based QKD protocols could be produced with high quality (e.g., with highly maintained polarization state). [0073] In some example implementations, phase of the electromagnetic field associated with the photons may be used as the degree of freedom for encoding the key information, rather than using the polarization states, similar to some ground- based QKD, where polarization states of photons are not used because the optical fiber used for carry the photons are usually not polarization conserving during the photon propagation.

[0074] For example, a Coherent One-Way (COW) scheme may be used for encoding the key information. The COW scheme, for example, may rely on time-bin qubits, as in existing ground-based QKD systems. Adapting such existing QKD systems for satellite applications may represent a lower cost than developing an entirely new approach based on polarization states of photons.

[0075] In the time-bin encoding, the key information may be encoded in the time emission of the photon with respect to a clock. For example, an early emission corresponds to 0 of a bit, whereas a late emission corresponds to 1 of the bit. In some example implementations, the time-bin encoding may involve interferometric measurements at the ground terminal in order to check for the presence of an eavesdropper. Because the transmission of the single photons through the atmosphere disturbs the wavefront (hence phase), for example, by creating speckles, which may make these interferometric measurements challenging. In some example implementations, adaptive optics may be used to correct such wavefront distortion in order to improve the interferometric measurements.

[0076] In some other example implementations, a Continuous Variable QKD (CV- QKD) may be used to encode the key information. Such implementations may not rely on single photons, but uses macroscopic fields instead. The main advantage of CV-QKD may be that it does not require single-photon detectors but can use more standard telecom detection systems. In CV-QKD, the variables may correspond to the quadrature of the electromagnetic field, and may be detected through interference with another field, referred to as a Local Oscillator.

[0077] Another aspect that needs to be considered for the QKDS is the design of the optical source. In some example implementations, the quantum source, which will be onboard the satellite, should be lightweight, compact, and have low power consumption. The source design should also consider the thermal fluctuations on board the satellite. Due to its orbital movement, the satellite will go from high to low temperature in a small period of time (for example, approximately from 104°F to -4°F in less than 90 minutes). In addition, the polarization or time-bin states produced by the source should be of high quality. The discrimination between the various states should be high in order to minimize the error rate. In addition, the quantum signal (single photons) should be preferably multiplexed with the APT signal, another optical system that emits and receives the beacon beams as described above.

[0078] In some example implementations, for practical reasons, the quantum system and the APT systems may use a same telescope in the satellite, as shown in FIG. 2. Specifically, FIG. 2 shows that the satellite containing the quantum system 202 and the APT system 204. The optical output/input from the quantum system 202 and the APT system 204 may combined by an optical fiber combiner 210. The quantum system 202 and the APT system 204 may share the same telescope 206 for emitted/received beams. The quantum system 202 may include single photon transceiver for transmitting and/or detecting single photons.

[0079] In some example implementations, the quantum system 202 and the APT system 204 may be operated at different optical frequency and do not interfere with one another spectrally. Optical signal in the quantum system 202 and the APT system 204 may be processed and carried using optical fibers and optical fiber devices. The architecture of FIG. 2 applies to the ground terminal as well.

[0080] Between the LEO satellite and the ground station, a service channel in addition to the quantum channel may be implemented. The service channel may be implemented optically. The optical portion may be shared with the APT system. In some other implementations, if a laser communication cannot be used for the service channel, then the service channel may be established via RF. In that case, a stable clock signal will be needed; and a potential solution may then use GPS technology. The APT system in that case would have to be implemented separately with lasers.

[0081] In the QKD implementations, completing a secret key includes sending single photons from the quantum source to the quantum receiver. The parties that want to share a key must also perform sifting, error correction, and privacy amplification. These additional tasks may be done through the so-called service channel. As described above, such a service channel may be an additional open communication channel (where information may be broadcast to any potential listener), and may be implemented optically or via RF. These channels need to be quantum mechanical. Rather, then can be classical channels.

[0082] In some example implementations, to allow information exchange between the users, this service channel may be configured as available in both directions: from the LEO satellite to a ground station and vice-versa.

[0083] In some example implementations, the bandwidth needed for this service channel may depend on the detection rate determined by the loss of the quantum link and the repetition rate at which single photons are produced.

[0084] The estimated losses in Table 3, for example, may allow a use of a bandwidth of several MHz for the service channel, which is available through RF communication in existing radio telecommunication systems. However, a problem may arise if one considers that the QKD systems also use the service channel to synchronize the emission of the qubits and their detection.

[0085] Specifically, the frequency of qubit emission is in the GHz range to maximize the number of detections, thereby requiring a synchronization system with a precision level of hundreds of picoseconds or better. In principle, optical communications can be implemented to reach GHz rates and may be combined with the quantum system to set up a service channel from the satellite to the ground terminal.

[0086] In some example implementations, an uplink service channel may be included. Such an uplink service channel, for example, may be implemented in RF.

[0087] Turning now to key management in the QKDS systems above, the satellite may be used as a trusted node, which exchanges a key with one ground terminal, e.g., user A, and stores the key at the satellite. Then, later, the satellite mayfly over another ground terminal, say user B, and exchange a new key. In some example implementations, by acting with an XOR function on the two keys and sending the result (over an open channel) to one of the users, user A and user B can then share a secret key. A specific example is given below in relation to FIG. 10.

[0088] As such, all keys may be stored onboard the satellite and these keys may need to be property managed. In some example implementations, quantum memories may be implemented for generating, manipulating, and storing the keys at the satellite as quantum states without knowing the values of the key. [0089] Without quantum memory, and with all keys being stored in the satellite, the satellite operator may ultimately have access to these keys and might, for example, breach the security of the keys. In addition, potential customers of the QKD service above may object to having their secret keys entirely open to an external entity, such as the satellite operator.

[0090] In some implementations, an architecture and structure for the key managing may be designed to permit a clear separation between satellite commands and key material. For example, key material should be kept in a safe environment, such as a Hardware Safety Module (HSM) in the satellite. It should not be copied or transmitted to other parts of the satellite. Upon request of users, the satellite should only perform an XOR of two keys and broadcast the result. In some other example implementations, it may also be possible to encrypt the keys with conventional cryptographic techniques to fulfill certification requirements.

[0091] The various example implementations above, thus provide a system capable of providing a QKD as service. In addition to the point-to-point service for pairs of users described above, if a large enough key storage facility in added to the satellite, the QKDS system above may also be used as a gateway to disseminate quantum keys all over the globe. This gateway may act as a trusted key distribution server.

[0092] For example, if there are N customers, who may need to exchange secret information pairwise, the number of keys needed for direct exchange is N(N-1 )/2. Using the trusted server would reduce it to a more manageable 2N exchanges. An additional advantage is that this gateway could be connected to a terrestrial QKD network with a few additional trusted nodes, thus providing secure QKD throughout a large geographical region or a country, or a continent. As such, adding a long-term secure storage facility in the LEO satellite above may increase the scope of potential applications.

[0093] In comparison to a LEO satellite-based telecommunication network, the aim of such a Telecom Satellite Network is to provide instantaneous Internet connectivity, enabling high bandwidth data exchange for low-value bits. The number of satellites required there is in the hundreds, corresponding to a considerable investment. In contrast, a QKDS network above only involves the transmission of a few high-value bits. Permanent contact is not required, which leads to a much smaller number of satellites. In some example implementation scenarios, even one satellite can provide global coverage.

[0094] Turing now to example implementations of topology for a QKDS network, a basic two types of ground terminals may be implemented to cover different configurations. Other topological implementations may be used depending on user demand.

[0095] Such example topological configuration may include a type of single user ground terminal by sacrificing the key distribution rate, as single users may only need to renew the keys occasionally, for example, once per day or even week, depending on usage. Of course, such type of ground terminal requires regular contact with the satellite, but the key rate is not the main concern. Accordingly, this type of ground terminal would use a small-size mirror. In some example implementations, this type of ground terminal may be mobile, for example, carried by a truck.

[0096] In contrast, the other type of ground terminals may use the keys distributed by the satellite within a ground-based QKD network. Therefore, the emphasis for this type of ground terminals is on key rate, thereby requiring a more oversized mirror and more complicated components, which may be shared between several users to distribute cost.

Such type of ground terminals may be used as a trusted hub to deliver keys to different local users. As such, the infrastructure would be like a Local Area Network (LAN), where different users of the LAN can exchange secure information between themselves. As such, this type of ground terminal may be configured as an access point linking the LAN to a global network through the satellite.

[0097] As an example of how the QKDS scheme above functions, consider that Alice and Bob are at two distant places 1002 and 1004 on earth ground surface 1001 , respectively, as shown in FIG. 10. Alice 1002 has written a highly confidential report, which she wishes to send to Bob and for which they need an ultra-safe communication channel. Both Alice and Bob possess an Optical Ground Terminal for the QKDS described above. In a first example step, a secrete key may be generated by Alice. When the LEO satellite is in direct visibility of Alice (e.g., above the threshold elevation angle described above, e.g., larger than 30 degrees), Alice and the satellite may establish optical communication and contact during 1010 portion of the satellite trajectory 1003, and may then , during 1012, exchange a series of photons carrying the secret key information, and use these photons to generate a series of secret bits, constituting the key Ka, known only to the satellite and Alice, as shown by 1005.

[0098] This procedure may include a series of bidirectional transmissions over an open channel for support. Such a procedure may be referred to as a Key Distillation Process (KPD). The KPD completes after post-data processing duration 1014.

[0099] Next, several hours to a few days later, depending on the respective locations of Alice 1002 and Bob 1004 (and the pointing capabilities of the payload on the spacecraft), the LEO satellite may be in visibility range of Bob. Bob then follows a similar method to establish contact and optical communication with the LEO satellite during 1020, and to then, during 1022, generate and send a second key, Kb, known only to himself and the LEO satellite after the key distribution, as shown by 1007, followed by the post-data processing duration 1024 to complete the key distribution.

[00100] After that, it is straightforward to reconcile between Alice and Bob via the LEO satellite. For example, the LEO satellite may transmit to Bob, the value of Ka + Kb over an open Discussion Channel (e.g., a non-quantum channel). Bob now knows the same key, Ka, as Alice. Similarly, the LEO satellite may also send Ka + Kb to Alice and Alice would then know the same Kb as Bob. To ensure future security, the LEO satellite should now erase both keys in a secure manner from its memory. Alice can then use her key (Ka) at any later time to encrypt a message using, for example, the AES protocol. The resulting cypher text may be sent through any classical open communication channel, be it optical fiber network or space-based network. Bob alone, who now knows Alice’s secret key, will be able to decipher it.

[00101] This example above shows some key features of QKDS:

• For example, the very property of LEO satellites, their high speed with respect to ground is not a limiting factor because it is used for transferring keys as opposed to large amount of data, as would have been the case in a space-based telecommunication network situation.

• For another example, there is no need for simultaneity. In other words, Alice can generate her key at any time, Bob likewise can generate his key at any other time, when they are in visibility of the satellite. The keys so generated can then be stored and used at leisure. Any telecommunication network can be used to send the enciphered information using the exchanged secret key in a secure manner.

[00102] Returning to the optical components including the optical source within the LEO satellite prior to the single photons are transmitted towards the ground terminal via the transmitter telescope, it is critical that these optical components be polarization maintaining, particularly when polarization state of the single photons are used to encode the key information for QKD.

[00103] For example, optical fibers that maintains polarization may be considered. Polarization maintaining fibers may have a high birefringence along a specific axis, hence polarization states that are sent along the birefringent axis will be maintained. However, as described above, polarization maintaining fibers only maintain orthogonal polarizations aligned with the birefringent axis of the fiber and not all sets of arbitrary polarizations states. This characteristic very much precludes the possibility of using polarization maintaining fibers as part of the quantum source in the quantum system of the LEO satellite since only two of the four or six polarization states required for QKD protocols could be produced with high quality.

[00104] Another possibility is to use spun fibers. Specifically, spun fibers are fibers that are spun during the production process. As a result, the birefringence that results from stress may be averaged. It is possible for spun fibers, in principle, to preserve both linear and circular polarization states.

[00105] FIG. 3 shows an evolution of left circular and vertically polarized light transmitted through a spun fiber as measured by a polarimeter. If the stokes parameters S1 , S2, S3 in cartesian coordinates are plotted for optical polarizations, they would form a sphere. The set of all polarizations are mapped to the surface of this sphere which is referred to as Poincare sphere. Linear polarization states lie in the equator of the sphere, while circularly polarized states lie at the poles. FIG. 3 shows injected linear polarization state into the spun fiber and its transformation to another linear state when we apply heat to the spun fiber (302). Injected left circular polarization is also shown (306) with its transformation when heating the fiber (304). Unlike linear polarization, FIG. 3 shows that the circular polarization in the spun fiber remains practically unchanged. The tilted axis of the sphere is due to miscalibration of the polarimeter.

[00106] As seen in FIG. 5, circularly polarized states can be transmitted and maintained through spun fibers even in the presence of fast changes of temperature or stress. The ability to maintain circular states with spun fibers leads to the possibility of implementing the reference frame independent (RFI) protocol. This protocol allows a key to be distributed between two parties if their two terminals share at least one well defined polarization direction, which, for example, can be the circular polarization states, which can be produced in a robust manner and are minimally affected by the movement of the satellite. In such implementations, a right or left circular polarization emitted by the satellite, even if propagated through the spun fiber in the satellite, would arrive respectively as right or left circular polarization to the ground terminal. Spun fibers are available at least for 1550 nm. Other spun fiber based optical components may correspondingly be built to support the optical functions in the LEO satellite. Finally, although circular polarization states can be shared reliably, the RFI protocol also requires a slow change in the other (linear) polarization sates.

[00107] FIG. 4 shows an example quantum source for RFI protocol based on spun fibers. The quantum source includes light sources for generating single photons in 6 different polarization state: 402 right circular polarization state, 402 for left circular polarization state, 406 for horizontal linear polarization state, 408 for vertical linear polarization state, and then 410, and 412 for +45 degree and -45 degree linear polarization states, respectively.

[00108] With respect to fiber-based polarization active components, it is possible to create polarization states using electro-optic modulators. Such modulator devices are electrically controlled wave guides which can produce different polarization states at high rates. Such optical components involve active components such as voltage supplies, high-rate electric amplifiers and circuits to power and control the quantum state production process. FIG. 5 illustrates a fiber based active electro-optical modulator (EOM) component for polarization encoding.

[00109] Another possibility for optical implementations in LEO satellite may be to employ free-space optical components. The benefit of using these components is that several QKD systems have already been developed and operated in ground QKD systems using these components. The polarization states produced by these free space components will be more robust due to a higher polarization extinction ratio available for free-space components as compared to fiber-based components, and temperature changes will not affect the quality of the quantum state produced. Note that a high polarization extinction ratio is important as imperfect quantum state preparation is reflected on a higher OBER of the system.

[00110] The main drawback of using free-space components may include: 1 ) they are heavier and bulkier than fiber-based components, 2) to facilitate the integration with the APT system this system should also be composed of free-space components, 3) it may be necessary to design a mechanism to maintain the free space optical alignment through the deployment of the satellite where the whole system may be exposed to high vibration. However, all these issues can be dealt with suing commercial off-the-shelf components.

[00111] FIG. 6 shows an example free space subsystem in the quantum system within the LEO satellite. Such a system may be built in a box that contains all the optical elements necessary and fix these components to maintain the optical alignment. The system of FIG. 6 may include various beam splitters and polarization beam splitters for splitting and combing optical beams or single photons of various polarization, and for combining quantum optical output and APT optical output.

[00112] Returning to the alternative of time-bin encoding of the key information in the quantum system of the LEO satellite, it has been shows that such phase or timebin encoding may be possible in QKDS. As described above, one challenge of timebin encoding in QKDS may be the need to perform interferometric measurements at the receiver. As the photons are transmitted through the atmosphere the wavefront may be distorted and speckle effects can be seen at the receiver lens. These speckle effects may adversely hinder but does not seem to prevent the interference measurement. For example, such interference measurement may be possible due to a use of a system of relay optics in the interferometer. Such relay optics system may help remove the spatial evolution of the wavefront in the interferometer due to the path-length difference.

[00113] For testing purposes, multimode optical fibers may be used to emulate the wavefront distortion effect of atmosphere. Such testing shows that even with the wavefront distortion, interferometric measurements for time-bin encoding with high visibility is possible.

[00114] Returning further to optical loss budget, it is noted that optical loss in the quantum channel in QKDS is partly due to the divergence of the beam emitted by a telescope lens in the satellite transmitter, as indicated above. Specifically, due to such divergence, the size of the beam spot will increase as a function of the distance to the aperture where the beam originates, as shown in FIG. 7. FIG. 7 shows that an optical source 702 emits photons at a wavelength A. The radius of the aperture of the emitter lens is given by wo (as shown by 704). The radius of the beam after a distanced d (as shown by 708) is labeled as R, as shown by 706. Such enlargement of the beam radius causes loss in the quantum channel. For practical reasons the diameter of the receiver lens will be smaller than the diameter of the beam at the ground, this mismatch will cause some optical loss. Fig. 8 shows that as the distance between sender and receiver is increased, corresponding to an increment in the orbit height of the satellite, the optical loss will increase.

[00115] FIG. 8 particularly shows the loss as a function of the distance between emitter and receiver for a 1550 nm source and a receiver diameter of 600 mm. The upper curve corresponds to an emitter lens size of 100 mm. The bottom curve corresponds to an emitter lens size of 150 mm. FIG. 8 shows that the optical loss in the quantum channel decreases for larger emitter lens.

[00116] However, additional loss in the quantum channel due to pointing error should also be considered. FIG. 9 shows such excess loss in the quantum channel due to a pointing error of 10 prad for different emitter lens sizes. FIG. 9 shows that the additional optical loss in the quantum channel increases as the emitter lens size increases.

[00117] Hence configuring the emitter in the satellite with a large telescope lens may not necessarily reduce the total loss. In fact, there may be a tradeoff between the divergence loss and pointing error loss by adjusting the lens size of the emitter to an optimal value.

[00118] Turning to optical detectors that may be disposed in ground terminals for QKD, it is noted that single photon detectors may be needed. Tables 6 and 7 below show testing results of 6 different state-of-the-art single photon detectors at either 850 nm (Table 6) or 1550 nm (Table 7) with respect to various figures of merit for single photon detectors including quantum efficiency (probability of detecting the photon given that it arrived to the detector) and internal noise characteristics (produced by dark counts and after pulsing). Tables 6 and 7 also indicate running mode of the tested single photon detectors.

Table 6. State of the art single photon detectors for 800 nm

Table 7. State of the art single photon detectors for 1 .550 nm

[00119] Example single photon detectors 1 and 3 are silicon-based avalanche photodiodes. Detector 1 , for example, is the detector ID 120 from the Swiss company IDQ. Detector 3 is from Excellitas. Detector 2 is based on superconducting nanowire single-photon detector based on NbN developed by the Shanghai Institute of Microsystem and Information Technology (SIMIT) in China. Detector 4 is ID 230 developed by IDQ. Detector 5 is an experimental detector, developed at the Group of Applied Physics at the University of Geneva. Detector 6 corresponds to superconducting detectors developed at NIST(USA), which are being commercialized by IDQ.

[00120] Further, due to noise in the environment (background radiation, light pollution produced by human activity, etc.), it may be advantageous to use a synchronized system to reduce background noise, as described above. For 1550 nm, for example, the testing system is implemented through adaptive gating in the detector, which allows to open or activate the detector when a photon is expected to arrive. In the case of 800-850 nm, the testing system can be implemented by processing the output signal with a digital circuit, using for example, an AND gate or a time-to-digital converter in combination with the clock signal of the system.

[00121] As shown in Table 7, for a 1550 nm source, detector 6 appears to be the best option due to its high quantum efficiency and low noise. However, detector 6 has two main drawbacks. The first drawback is that is must be operated close to absolute zero in order to obtain the tested performance, which would require an expensive and rather large dilution refrigerator. Second, due to the small size of the detecting element of detector 6, these detectors need to be coupled through a single mode fiber. Coupling the received beam with wavefront having been distorted during propagation through the atmosphere into a single mode fiber (with a core size of approximately 8 pm) would introduce much loss and instability, which would negate any advantage offered by the high efficiency of detector 6. Alternatively, an array of such detector may be used. A potential solution would be to use an array of detectors instead, which can be coupled with multimode fibers rather than single mode fibers with much larger core sizes.

[00122] Other detectors in Tables 6 and 7 may be used in the QKDS system described above.

[00123] FIG. 11 further shows a mobile QKD scheme that enables a mobile device to transmit or receive keys via quantum channels. As shown in Fig. 11 , a station 1102 in a form of sleeve, case, dongle, or dock for a mobile device 1104 (e.g., cell phone or other mobile devices) may be configured to communicate with a QKD node 1106 via one or more quantum channels 1108 (and other classical servicing and/or data or control channels, not shown in FIG. 11 ). The QKD node 1106 may any network node that is capable of QKD, including but not limited to a ground terminal or station or the LEO satellite described in the QKDS systems above for providing QKD services. The mobile device 1104 may be connected to the station 1102 via any type of connection, e.g., via a secure local USB connection 1112 (wire or connector) using a USB port 1110 of the mobile device 1104. The station 1102 include a quantum transceiver 1114 that communicate with the QKD node 1106 for transmitting or receiving keys via the quantum channel 1108. The connection between the station 1102 and the Mobile device may alternatively via short range wireless means (the short-range aspect is preferable so that the communication of keys between station 1102 and the mobile device is not likely to be intercepted).

[00124] The quantum channel 1108 may be optical, in the form of transmission of single photons. For example, the channel may be based on single mode or multimode optical fiber (with sufficient short span so that the optical loss, polarization and/or wavefront distortion is under some operational threshold, otherwise, quantum, repeaters may be inserted therebetween). Alternatively, the optical quantum channel maybe free space. In that situation, the station 1102 and or the QKD node 1106 may further contain optical alignment and pointing components for establishing free space contact via alignment channel 1120, similar to the APT components (such as alignment lasers 1130, scanning and pointing stages and controllers, not shown, and alignment receiver 1140) described above between the satellite and the ground terminals.

[00125] In some implementations, single photons may be transmitted in the quantum channel 1108. Information (e.g., key information) may be encoded by polarization states of the single photons, as described above in the context of the quantum channels between the LEO satellite and ground terminal in the QKDS system above. If the quantum channel 1108 is provided via optical fibers, the manipulation and processing of polarization state of single photons in the optical fibers may follow the various manner described above.

[00126] In some implementations, the LEO satellite in the QKDS system above may function as the QKD node. Correspondingly, the station 1102 may then function similar to the ground terminal described in the QKDS system above with both a quantum subsystem and an APT subsystem. [00127] In some example implementations, the QKD node 1106 may transmit/receive key information via another quantum channel between itself and the LEO satellite described above. The QKD node 1106 thus may transmit or receive a key to/from the satellite via that quantum channel and then act as a trusted node and for retransmitting the received key to the station 1102 via the secure quantum channel 1108.

[00128] In some other example implementations, the QKD node 1106 may act as a quantum repeater that relay the key information (single photons) from the LEO satellite or other nodes via quantum channels to the station 1102 via the quantum channel 1108, without detecting the single photons at the QKD node 1106.

[00129] The station 1102 above thus may be configured with optical, electronic, and other processing components that is capable of processing the information associated with the QKD procedure and the quantum transceiver 1114 to process the key information communicated via the quantum channel 1108. Alternatively, the processing capability may be included in the mobile device 1104, and the station 1102 may simply provide signals associated with the quantum transceiver 1114 to the mobile device 1104.

[00130] In the system of FIG. 11 , in normal operation a user of the mobile device 1104 would have the mobile device connected to the station 1102 to allow for an application on the device to securely connect to the station 1102 and request or deliver keys transmitted through the quantum key distribution system (from the QKD node 1106, where the key could be from the LEO satellite in the QKDS system above). These keys would be used to perform additional key exchanges over unsecured mediums or purely as the encryption keys for communication channels. When the mobile device reaches either the time limit or data limit for the usage of the keys it would request additional keys from the station 1102.

[00131] The station 1102 may be configured to further provide visual or audio cues to the user either through the application or from a display or speaker on the therein when the remaining amount of key material is below a defined threshold.

[00132] The user would then be prompted to bring the station 1102 within line of sight of the QKD node 1106 and allow the station 1102 to perform alignment (via the APT channel of FIG. 11 ) and negotiation with the QKD node 1106 to obtain additional keying material wirelessly. Alternatively, the user may attach a fiber optic cable to the station 1102 that is pre-connected at another end to the QKD node 1106 and allow the station 1102 to negotiate with the QKD node 1106 to obtain additional keying material via single photons in the quantum channel 1108 in the form of the optical fiber. [00133] As described in detail above, a ground terminal configured to communicate with a satellite for quantum key distribution (QKD) is disclosed above. The ground terminal may include a secrete key generator; a QKD activation controller; an optical alignment pointing and tracking (APT) subsystem; a telescope; a single photon transceiver; and a processing circuitry. The QKD activation controller may be configured to trigger a QKD procedure when detecting a request for QKD service and when detecting that the satellite has entered an optical contact window with the ground terminal. The optical APT subsystem may be configured to perform an optical alignment to control and track a pointing of the telescope towards the satellite in response to the QKD procedure being triggered during the optical contact window. The single photon transceiver and the processing circuitry are configured to perform the QKD procedure by encoding a secrete key generated by the secrete key generator in a series of single photons and to transmit the series of single photons via the telescope to the satellite during the optical contact window in a quantum channel between the ground terminal and the satellite.

[00134] In the example implementation above, the series of single photons encode the secret key in their polarization states.

[00135] In any one of the example implementations above, the series of single photons are generated at a first optical wavelength near 850 nm or 1550 nm.

[00136] In any one of the example implementations above, the APT subsystem performs the optical alignment using one or more alignment lasers at a second optical wavelength.

[00137] In any one of the example implementations above, the first optical wavelength and the second optical wavelength are distinct.

[00138] In any one of the example implementations above, the APT subsystem and the single photon transceiver share the telescope. [00139] In any one of the example implementations above, the quantum channel between the ground terminal and the satellite comprises a space portion and an atmospheric portion.

[00140] In any one of the example implementations above, a size of the telescope is determined via an optimization procedure that minimizes an aggregated optical loss of a beam divergence loss and a pointing error loss of the quantum channel. [00141] In another example implementation, a QKD system enclosed in a satellite is disclosed. The QKD system may be configured to communicate with at least a first ground terminal and a second ground terminal. The QKD system may include an optical APT subsystem; a telescope; a single photon receiver; and a processing circuitry. The optical APT subsystem may be configured to perform an optical alignment to control and track a pointing of the telescope towards the first ground terminal during a first optical contact window and towards the second ground terminal during a second optical contact window separate from the first optical contact window. The single photon receiver and the processing circuitry may be configured to perform a QKD procedure by receiving a first series of single photons encoding a first secrete key from the first ground terminal during the first optical contact window via the telescope in a quantum channel between the satellite and the first ground terminal and the second ground terminal; receiving a second series of single photons encoding a second secrete key from the second ground terminal during the second optical contact window via the telescope in the quantum channel; combining the first secrete key and the second secrete key into a combined key; and transmitting the combined key to the first ground terminal or the second ground terminal using an open classical communication channel.

[00142] In the example implementation above, the first series of single photons and the second series of single photons carry the first secret key and the second secret key in their respective polarization states.

[00143] In any one of the example implementations above, the first series of single photons and the second series of single photons are generated at a first optical wavelength near 850 nm or 1550 nm. [00144] In any one of the example implementations above, the APT subsystem performs the optical alignment using one or more alignment lasers at a second optical wavelength.

[00145] In any one of the example implementations above, the first optical wavelength and the second optical wavelength are distinct.

[00146] In any one of the example implementations above, the APT subsystem and the single photon receiver share the telescope.

[00147] In any one of the example implementations above, the quantum channel comprises a space portion and an atmospheric portion.

[00148] In any one of the example implementations above, a size of the telescope is determined via an optimization procedure that minimizes an aggregated beam divergence loss and pointing error loss in the quantum channel.

[00149] In yet another example implementation, a mobile quantum communication station electrically connectable to a mobile processing device is disclosed. The mobile quantum communication station may include an optical port for a quantum channel the mobile quantum communication station and a QKD node; a single photon transceiver; and an electric connector. The electric connector is configured for signal connection with the mobile processing device. The single photon transceiver is configured to perform a QKD procedure on behalf of the mobile processing device by transmitting or receiving a secret key via the optical port and the quantum channel between the mobile quantum communication station and the QKD node.

[00150] In the example implementation above, optical port comprises a telescope, and the quantum channel comprises a free space optical communication channel.

[00151] In any one of the example implementations above, the mobile quantum communication station may further include an optical APT subsystem configured to perform an optical alignment to control and tracking a pointing of the telescope towards the QKD node.

[00152] In any one of the example implementations above, the optical port may include an optical fiber connector. [00153] The method and system may also be embedded in a computer program product, which includes all the features enabling the implementation of the operations described herein and which, when loaded in a computer system, is able to carry out these operations. Computer program in the present context means any expression, in any language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function, either directly or after either or both of the following: a) conversion to another language, code or notation; b) reproduction in a different material form.

[00154] Many other modifications of the implementations above may be made to adapt a particular situation or material to the teachings without departing from the scope of the current disclosure. Therefore, it is intended that the present methods and systems not be limited to the particular embodiments disclosed, but that the disclosed methods and systems include all embodiments falling within the scope of the appended claims.

Claims

1. A ground terminal configured to communicate with a satellite for quantum key distribution (QKD), comprising: a secrete key generator; a QKD activation controller; an optical alignment pointing and tracking (APT) subsystem; a telescope; a single photon transceiver; and a processing circuitry, wherein: the QKD activation controller is configured to trigger a QKD procedure when detecting a request for QKD service and when detecting that the satellite has entered an optical contact window with the ground terminal; the optical APT subsystem is configured to perform an optical alignment to control and track a pointing of the telescope towards the satellite in response to the QKD procedure being triggered during the optical contact window; and the single photon transceiver and the processing circuitry are configured to perform the QKD procedure by encoding a secrete key generated by the secrete key generator in a series of single photons and to transmit the series of single photons via the telescope to the satellite during the optical contact window in a quantum channel between the ground terminal and the satellite.

2. The ground terminal of claim 1 , wherein the series of single photons encode the secret key in their polarization states.

3. The ground terminal of claim 1 , wherein the series of single photons are generated at a first optical wavelength near 850 nm or 1550 nm.

4. The ground terminal of claim 3, wherein the APT subsystem performs the optical alignment using one or more alignment lasers at a second optical wavelength.

5. The ground terminal of claim 4, wherein the first optical wavelength and the second optical wavelength are distinct.

6. The ground terminal of claim 4, wherein the APT subsystem and the single photon transceiver share the telescope.

7. The ground terminal of claim 1 , wherein the quantum channel between the ground terminal and the satellite comprises a space portion and an atmospheric portion.

8. The ground terminal of claim 7, where a size of the telescope is determined via an optimization procedure that minimizes an aggregated optical loss of a beam divergence loss and a pointing error loss of the quantum channel.

9. A QKD system enclosed in a satellite, configured to communicate with at least a first ground terminal and a second ground terminal, the QKD system comprising: an optical APT subsystem; a telescope; a single photon receiver; and a processing circuitry, wherein: the optical APT subsystem is configured to perform an optical alignment to control and track a pointing of the telescope towards the first ground terminal during a first optical contact window and towards the second ground terminal during a second optical contact window separate from the first optical contact window; and the single photon receiver and the processing circuitry are configured to perform a QKD procedure by: receiving a first series of single photons encoding a first secrete key from the first ground terminal during the first optical contact window via the telescope in a quantum channel between the satellite and the first ground terminal and the second ground terminal; receiving a second series of single photons encoding a second secrete key from the second ground terminal during the second optical contact window via the telescope in the quantum channel; combining the first secrete key and the second secrete key into a combined key; and transmitting the combined key to the first ground terminal or the second ground terminal using an open classical communication channel.

10. The QKD system of claim 9, wherein the first series of single photons and the second series of single photons carry the first secret key and the second secret key in their respective polarization states.

11 . The QKD system of claim 9, wherein the first series of single photons and the second series of single photons are generated at a first optical wavelength near 850 nm or 1550 nm.

12. The QKD system of claim 11 , wherein the APT subsystem performs the optical alignment using one or more alignment lasers at a second optical wavelength.

13. The QKD system of claim 12, wherein the first optical wavelength and the second optical wavelength are distinct.

14. The QKD system of claim 12, wherein the APT subsystem and the single photon receiver share the telescope.

15. The QKD system of claim 9, wherein the quantum channel comprises a space portion and an atmospheric portion.

16. The QKD system of claim 15, where a size of the telescope is determined via an optimization procedure that minimizes an aggregated beam divergence loss and pointing error loss in the quantum channel.

17. A mobile quantum communication station electrically connectable to a mobile processing device, comprising: an optical port for a quantum channel the mobile quantum communication station and a QKD node; a single photon transceiver; and an electric connector. wherein: the electric connector is configured for signal connection with the mobile processing device; and the single photon transceiver is configured to perform a QKD procedure on behalf of the mobile processing device by transmitting or receiving a secret key via the optical port and the quantum channel between the mobile quantum communication station and the QKD node.

18. The mobile quantum communication station of claim 17, wherein the optical port comprises a telescope, and the quantum channel comprises a free space optical communication channel.

19. The mobile quantum communication station of claim 18, further comprising an optical APT subsystem configured to perform an optical alignment to control and tracking a pointing of the telescope towards the QKD node.

20. The mobile quantum communication station of claim 17, wherein the optical port comprises an optical fiber connector.