Abstract

Today’s networks are quickly evolving toward more dynamic and flexible infrastructures and architectures. This software-based evolution has seen its peak with the development of the software-defined networking (SDN) and network functions virtualization (NFV) paradigms. These new concepts allow operators to automate the setup of services, thus reducing costs in deploying and operating the required infrastructure. On the other hand, these novel paradigms expose new vulnerabilities, as critical information travels through the infrastructure from central offices, down to remote data centers and network devices. Quantum key distribution (QKD) is a state-of-the-art technology that can be seen as a source of symmetric keys in two separated domains. It is immune to any algorithmic cryptanalysis and is thus suitable for long-term security. This technology is based on the laws of physics, which forbid us from copying the quantum states exchanged between two endpoints from which a secret key can be extracted. Thus, even though it has some limitations, a correct implementation can deliver keys of the highest security. In this paper, we propose the integration of QKD systems with well-known protocols and methodologies to secure the network’s control plane in an SDN and NFV environment. Furthermore, we experimentally demonstrate a workflow where QKD keys are used together with classically generated keys to encrypt communications between cloud and SDN platforms for setting up a service via secure shell, while showcasing the applicability to other cryptographic protocols.

© 2017 Optical Society of America
