Secure NFV Orchestration Over an SDN-Controlled Optical Network With Time-Shared Quantum Key Distribution Resources

Alejandro Aguado, Emilio Hugues Salas, Paul Anthony Haigh, Jaume Marhuenda, Alasdair Price, Philip Sibson, Jake Kennard, Chris Erven, John Rarity, Mark Thompson, Andrew Lord, Reza Nejabati, Dimitra Simeonidou

Research output: Contribution to journalArticle (Academic Journal)peer-review

65 Citations (Scopus)
471 Downloads (Pure)


Quantum key distribution (QKD) is a state-of-the-art method of generating cryptographic keys by exchanging single photons. Measurements on the photons are constrained by the laws of quantum mechanics, and it is from this that the keys derive their security. Current public key encryption relies on mathematical problems that cannot be solved efficiently using present-day technologies; however, it is vulnerable to computational advances. In contrast QKD generates truly random keys secured against computational advances and more general attacks when implemented properly. On the other hand, networks are moving towards a process of softwarization with the main objective to reduce cost in both, the deployment and in the network maintenance. This process replaces traditional network functionalities (or even full network instances) typically performed in network devices to be located as software distributed across commodity data centers. Within this context, network function virtualization (NFV) is a new concept in which operations of current proprietary hardware appliances are decoupled and run as software instances. However, the security of NFV still needs to be addressed prior to deployment in the real world. In particular, virtual network function (VNF) distribution across data centers is a risk for network operators, as an eavesdropper could compromise not just virtualized services, but the whole infrastructure.
We demonstrate, for the first time, a secure architectural solution for VNF distribution, combining NFV orchestration and QKD technology by scheduling an optical network using SDN. A time-shared approach is designed and presented as a cost-effective solution for practical deployment, showing the performance of different quantum links in a distributed environment.
Original languageEnglish
Pages (from-to)1357-1362
Number of pages7
JournalJournal of Lightwave Technology
Issue number8
Early online date30 Dec 2016
Publication statusPublished - 15 Apr 2017

Structured keywords

  • Bristol Quantum Information Institute
  • QETLabs
  • Photonics and Quantum


  • Software Defined Networking
  • Network Functions Virtualization
  • Quantum Key Distribution


Dive into the research topics of 'Secure NFV Orchestration Over an SDN-Controlled Optical Network With Time-Shared Quantum Key Distribution Resources'. Together they form a unique fingerprint.

Cite this