HTML5 Webook

30/84

(3-6) e data owner calculates MAC from 00 as in the rst phase. If is equal to the calcu-lated MAC, the data owner successfully reconstructs the secret data .In the procedure described above, note that there are no risks of data leakage when , because secret data is masked by and . erefore, the procedure ensures safe data transmission, data preservation, password authen-tication and data reconstruction in line with information theory. Figure 2 shows an outline of the protocol.3Implementation of and experiments on QKD networkTo put the scheme we developed into practice, a com-munications network with networked QKD links is re-quired. Since 2010, NICT and JGN have been cooperatively operating Tokyo QKD Network, whose op-eration center is based at NICT Headquarters (Koganei) [14]. Even with QKD systems made in Japan having world-highest performances, our QKD network is susceptible to transmission path losses because the system uses a series of single photons as transmission media. However, the key generation rate of these systems is 1 M bps with transmis-sion of 50 km optical ber[7] [8]. To extend the eective service area of QKD, we have been conducting operations on a connection of QKD links—a number of QKD links are interconnected at a connector. Such a connector is called a node, and it preserves the key information as a normal bit-stream. Such a node, because it is strictly pro-tected to secure its safety so that no risks of intrusion and information the assumedly exist, is dened as a “trusted node.”Service-area extension is realized by relaying the other link’s key stored in a node aer being exclusive-OR pro-cessed from a link to another link. e operation of such a QKD network requires a network architecture enabling strict key management. Since 2010, NICT has been devel-oping a QKD network architecture and communication applications using a QKD key [11] [15] [16]. e network architecture we proposed has a structure of 3 layers follow-ing the OSI model; the layer called the quantum layer contains QKD links; in the key-management layer, keys generated in individual QKD systems are format-converted FiF3　Schematic diagram of QKD platform and shared storage network constructed on Tokyo QKD NetworkQKD linkPrivate channelBoundary of responsivitydata ownerTrusted nodeSecure key transferAuthenticated classical channelKMSNEC-0NEC-1NTT-NICTToshibaSeQureNetGakushuinTokyo QKDNetwork Secret sharingShareholderKMADistributed storage network 26　　　Journal of the National Institute of Information and Communications Technology Vol. 64 No. 1 (2017)3 Quantum Key Distribution Network