1. Introduction
2. Vulnerability of trusted-relay QKD networks
Figure 1. The structure of a trusted-relay QKD network. |
Figure 2. Attack on a trusted-relay QKD network. |
3. A model for a cascading attack on a trusted-relay QKD network
where ${{\rm{\Gamma }}}_{i}$ and ${{\rm{\Gamma }}}_{j}$ represent the sets of neighboring nodes of node i and node j, respectively, and ρ denotes the proportion of traffic transferred. We assume that the capacity Cij of edge eij is proportional to its initial load for ${C}_{{ij}}=\beta {L}_{{ij}}$, where $\beta$ is a tolerance parameter, $\beta \geqslant 1$.
This means that if the load of edge eij, Lij is lower than $\gamma {C}_{{ij}}$, eij does not crash. If Lij is greater than C, eij transfers traffic $\rho * {L}_{{ij}}$ to its adjacent edges. If the remaining traffic passing through eij is greater than Cij, eij crashes with a probability of 1.
Figure 3. Influence of γ on $E(P({e}_{{ij}}))$ in the simulation of a cascading attack on a QKD network. |
Figure 4. Influence of ρ on $E(P({e}_{{ij}}))$ in the simulation of a cascading attack on a QKD network. |
4. Defense strategy against cascading attacks on trusted-relay QKD networks
By substituting Lim, ${\rm{\Delta }}{L}_{{im}}$, Cim into the above formula, we obtain
which can be written as
Also, ${\sum }_{a\in {{\rm{\Gamma }}}_{i}}{k}_{a}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}{k}_{i}P(k^{\prime} | {k}_{i})k{{\prime} }^{\alpha }$, where $P(k^{\prime} | {k}_{i})$ is the probability that node i has a neighbor $k^{\prime} $, and ${k}_{\min }$ and ${k}_{\max }$ denote the minimum and maximum degrees in the network, respectively. Because the BA network has no degree-degree correlation, $P(k^{\prime} | {k}_{i})=k^{\prime} P(k^{\prime} )/\langle k\rangle $, where $\langle k\rangle $ denotes the average degree of the network. We then obtain ${\sum }_{a\in {{\rm{\Gamma }}}_{i}}{k}_{a}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}\tfrac{{k}_{i}\langle {k}_{\alpha +1}\rangle }{\langle k\rangle }$ and ${\sum }_{b\in {{\rm{\Gamma }}}_{j}}{k}_{b}^{\alpha }={\sum }_{k^{\prime} ={k}_{\min }}^{{k}_{\max }}\tfrac{{k}_{j}\langle {k}_{\alpha +1}\rangle }{\langle k\rangle }$. Eq.5 can be rewritten as
In view of $\tfrac{{k}_{i}}{{k}_{j}^{\alpha }}+\tfrac{{k}_{j}}{{k}_{i}^{\alpha }}\geqslant \tfrac{2}{{\left({k}_{i}{k}_{j}\right)}^{\tfrac{\alpha -1}{2}}}$, we can obtain
As described above, if we want to reduce the breakdown probability, the value of $\beta$ should be increased. Supposing the breakdown probability of eim, p = 0, then we have
According to this formula, we can reduce the requirement for $\beta$ by increasing the value of γ. At the same time, we can increase the value of ρ and transfer more payload to other paths. We can then obtain a suitable value for $\beta$ by adjusting the parameters ρ and γ in order to defend against the cascading attack on the QKD network.