Hacking quantum networks!

Daily supervisor: Thomas Beauchamp (t.r.beauchamp@tudelft.nl)
Project supervisor: Stephanie Wehner

To run quantum network applications such as blind quantum computing, it is necessary to generate entangled links between the two end nodes involved in running the application. To do so, they must make use of shared resources in the quantum network, which in near-term networks will be mediated by a centralised controller. Access is only granted in response to requests submitted by end nodes (users). Therefore, to provide a good quality of service, the central controller needs to periodically accept new demands to be served and then compute and distribute new network schedules to the components of the network. However, this introduces a potential weakness: disrupt the operation of the central controller and potentially no-one in the network will be able to obtain service.

In our current implementation of the central controller, which we call Arqon, when a demand is submitted it immediately undergoes a (potentially computationally intensive) initial registration process. Therefore, for example, by flooding the controller with new demands, one could overload this process and prevent other users from accessing the network. There are, however, potentially more sophisticated attacks against not only the demand registration process, but also the other components which make up Arqon.

Figure 1: Simplified interaction diagram for the Arqon architecture showing its constituent component processes. Double stroked arrows indicate interactions with parties outside the central controller. Dashed arrows indicate responses to messages. Processes in light blue run in real-time in response to messages from end nodes. Processes in red run periodically. The network capabilities manager contains further subsystems not shown here.

Whilst we have implemented some crude measures against flooding the controller with new demands, we have not yet taken any measures against more sophisticated attacks, nor demonstrated that our measures are in fact sufficient. Therefore, we want to investigate possible ways one could implement a denial-of-service attack against Arqon, and, more importantly, find methods to counteract them.

This project is part of the Quantum Internet Alliance (QIA), a pan-European project funded by the European Commission to build a prototype quantum network by 2030.

Project Goals:

In this context, “evaluate” means to perform simulations and produce relevant plots or tables demonstrating the effectiveness of the subject countermeasure in counteracting the corresponding attack vector

• To evaluate the effectiveness of the simple countermeasures against DoS attacks implemented in Arqon.
• Identify possible attack vectors to affect a DoS attack on Arqon, focussing on demand registration.
• Design countermeasures for these attack vectors and evaluate their effectiveness in simulation.

Valued Background:

A background in computer science is preferred, however a maths or physics background may be possible. Knowledge of network security will be very useful, (e.g. CS4430). Knowledge about quantum computing and quantum networks is appreciated but is not necessary.

We will provide a simulator for Arqon written in Python, so a good knowledge of Python is required.

References/Background Reading

Thomas R. Beauchamp, Hana Jirovskà, Scarlett Gauthier, and Stephanie Wehner. A modular quantum network architecture for integrating network scheduling with local program execution. Unpublished., 2024