AIT Open Source Software for QKD Post Processing Workshop

Date and Location: Tuesday, Sept. 29, 2015, 9:30-12:30, Room 203 in Hitotsubashi Hall

(If we have many applications, the same workshop will also be held on Thursday, Oct. 1, 2015, 9:30-12:30)

Speakers and Instructors: Oliver Maurhart, Christoph Pacher, AIT Austrian Institute of Technology.


Registration required: you can register for this workshop through the QCrypt 2015 registration page below. Please choose the AIT workshop option. The fee for the workshop is 7,000 JPY.



This 3 hour workshop is a great opportunity for those who perform experiments with their own QKD system and aim to generate secure key. You will learn how the latest release R10 of AIT’s open source software for QKD post processing can be used to do so.


The AIT open source QKD software can be obtained from:

The new release is a significant overhaul of previous releases derived from the trusted repeater SECOQC[1] effort and results. It provides a concise and easy to use set of building blocks to integrate sifting, error estimation, information reconciliation (error correction) and privacy amplification. It supports network integration and information-theoretically secure authentication. The basic QKD post processing is supplemented by the Quantum Point-to-Point Protocol (Q3P), realizing the trusted node concept, which enables Information Theoretically Secure (ITS) network peer-to-peer communication for classical applications.

The workshop will cover:crypto context

  • History of the QKD post processing software: This short chapter outlines the major events which mark the development of the software. We show where and how the software was already used before reaching its current state.
  • QKD post processing primitives: We present a theoretic overview of sifting, error estimation, information reconciliation, and privacy amplification. Another issue in this context is the need for an authentic channel for running QKD post processing and we explain our delayed authentication model to this end.qkd-stack-architecture_small
  • Architecture: We present the design of the software. Keywords at this stage are: monolithic or loosely coupling, centralized or distributed, performance or flexibility and extensibility. Central to the design is the concept of a “QKD module” which operates on a bypassing keystream. We take a look on the possibilities of consecutively series of QKD modules forming a “QKD pipeline”. In this section we show how these translate into decisions that sum up to pros and cons of the current software implementation.
  • Management: An underestimated but major part of QKD post processing is administration. We go into details beyond starting and stopping a QKD pipeline. As this system is an orchestration of parallel and distributed entities which are running sometimes with hard time constraints in the order of magnitude of milliseconds (and some even of nanoseconds) on a 24/7 basis, ease of management is a central concern. After we discuss the basic configuration mechanisms we demonstrate the starting and stopping of QKD pipelines. big pictureThe software relies only on open standards on how to interact with each QKD module at runtime. Therefore any QKD module can be observed (e.g. current QBER or bps) and tweaked in real-time during processing of key material utilizing popular programming languages, even including BASH.
  • Modules: here we discuss the core open source QKD modules like qkd-sifting-bb84, qkd-cascade, etc. These are accompanied by specialized QKD modules dedicated to pipeline structure (like qkd-resize, qkd-demux), development (like qkd-cat, qkd-tee, qkd-throttle, qkd-drop, qkd-reorder), integration (qkd-enkey, qkd-dekey) and QKD analysis (qkd-statistics).
  • Tools: In order to develop, test, observe and analyze the system we also offer a set of tools. These range from command line tools like qkd-view to get a snapshot of all QKD related entities on the current machine or qkd-key-gen to create a pair of keystreams up to tools with a graphical user interface like qkd-simulator which simulates a quantum channel and produces “correlated qubits”.


Besides slide-based presentation and discussions we demonstrate live how to setup QKD pipelines and how to observe and manage these. The qkd-simulator will create detector signals and the participants can study how certain QKD modules react to changes of the input signals. For participants Virtual Machine images based on VirtualBox with preinstalled AIT QKD software will be available for download. With the help of these Virtual Machines participants can directly lay hands on the software and directly try out the various features and running QKD pipelines.

A final Q&A session will end the workshop. If time permits and if it is requested by the audience we will give a quick overview of the source code layout and will create live a simple “Hello World” QKD module and place it into a QKD pipeline. The Virtual Machines are Linux based and as such require some minimal knowledge how to operate a Linux system. During the Q&A session when discussing the source code or creating a QKD module basic C++ knowledge is welcomed.

[1]  SECOQC: “Secure Communication based on Quantum Cryptography” has been a project funded by the European Union within its FP6 from 2004 to 2008. It showed the first MAN QKD network consisting of 6 nodes up to a distance of 82 km in Vienna by utilizing different QKD technologies and systems (such as CV and EPR) provided by the project partners.


Should you be willing to attend the workshop….