Redefining Security

Clavis XG QKD System

Quantum Key Distribution for production environments requiring high

key transmission rate or extended range interconnection

Safety of current encryption methods, and especially of the key data. Clavis XG is the 4th generation of QKD product line
exchange mechanisms based on asymmetric cryptography, is a and expands the XG Series with higher key throughput
major concern today. Possible back-doors in current systems and extended distance range. QKD exploits a fundamental
combined with massive computing power already put high- principle of quantum physics – observation causes
value sensitive data at risk of being decrypted by malevolent perturbation – to exchange cryptographic keys over fiber
actors. Moreover, the arrival of quantum computers is imminent optic networks with provable security: an eavesdropper
and will render arithmetic asymmetric key exchanges unsafe: intercepting keys transmitted on the QKD quantum channel
encrypted data can be stored now and easily decrypted later. will necessarily translate into a perturbation that can be
Governments or enterprises, which must protect data for five detected by the sender and recipient.
to ten years or more, need to move to new crypto solutions now.
In contrast to conventional key distribution algorithms, QKD
As a leading security solution provider, IDQ has developed is the only known cryptographic technique which offers
Quantum Key Distribution (QKD) systems that generate 100% forward security, resilience to new attack algorithms
and distribute cryptographic keys across a provably secure from current and upcoming quantum computers.
communication network, to safely encrypt or authenticate

KEY MARKETS KEY APPLICATIONS

Telecom & Data Banking & Government Data center Long distance or high Extended distance
Center Service Finance & Defence interconnections throughput backbone distribution using
Providers optical networks fewer relay nodes

Critical Healthcare IP-rich Key distribution Crypto keys Validation of QKD

Infrastructure Organizations Enterprises across a complex as-a-service and encryption
network pilot networks
Clavis XG QKD System
Robust and standard design to be integrated in any Data Center
The Clavis XG is IDQ’s 4th generation of QKD systems, based on 20 years of experience in the
development and commercialization of quantum-based products. It supports any kind of network
topologies, such as point-to-point, relay, ring, and star networks. The XG Series is designed for
uninterrupted and long-term operation by providing high availability services.

SYSTEM DESCRIPTION

Clavis XG systems can be deployed in any network configuration that requires high key throughput or includes long
distance links. It is well suited for point-to-point, relay for extended distances, ring or star topologies. At each QKD
network node, an embedded Key Management System (KMS) software arbitrates the key distribution between QKD and
key consumers as well as performing add/drop or forward functions depending on the recipient’s location.

IDQ XG Series of products operates at standard telecommuni- and minimized total cost-of-ownership. All optical channels
cation wavelengths (in the O and/or C bands) and can be easily are compatible with the ITU recommendation for Dense-Wave-
retrofitted onto existing fiber optic network. The XG Series length-Division-Multiplexing (DWDM). To maximize the
meets all requirements for a simple and easy integration in distance between nodes, operation of the quantum channel
any data center. Its compact 19’’ rackmount 1U size offers the over a dark fiber is recommended. However, channel multi-
highest integration of QKD technology available in the market plexing over a single core can be performed with quantum
today. All the necessary key management, monitoring and ad- channel around 1310 nm (O-band) whenever fiber resources
ministration functions are embedded in the chassis to perform are scarce.
quantum key generation and distribution over a quantum chan-
nel with a transmitter (Alice) on one end and a receiver (Bob) In practice, QKD is often combined with conventional key dis-
on the other end. High availably features like redundant power tribution techniques, such as RSA or ECC, to generate a dual
supplies, hot swap battery and fans module are supported. key agreement. The resulting key is always at least as secure
as the strongest of the two original keys and provides proven
Quantum communication is performed over a standard quantum-safe security. Importantly, the dual key agreement
optical fiber leading to easy installation and maintenance, retains the existing certifications of the conventional system.
 KEY MANAGEMENT AND MONITORING

The XG Series integrates enhanced trusted security components, like

tamper detection, a secure memory module, as well as IDQ’s QRNG
chips which provide proven randomness for all related crypto functions.
These features guarantee the highest security standards throughout the
whole key management process, from key generation to key delivery, and
The Clavis XG QKD System including key storage.

The XG Series is compatible with IDQ’s QKD management and monitoring

framework. It consists of an Extensive Network and Key Management
Interoperability is key software suite: Clarion KX. This framework integrates current Software-
Defined Network (SDN) QKD ETSI standards as well as IDQ’s Quantum
Management System (QNET QMS) to facilitate all large QKD deployments.
The XG Series is the next generation It ensures a seamless integration in existing infrastructure.
commercial QKD system that can
interface with link encryptors from major
vendors. It answers high availability
requirements thanks to dual redundant
power supply, hot swap battery and fans
module, key buffering, and alerting and
monitoring functions.

Layer 3 Network
INTEROPERABILITY WITH
THIRD-PARTY SECURITY SYSTEMS
Layer 2.5 MPLS
The XG Series can interface and communicate with major
encryptor vendors. The XG Series supports standard and
proprietary interfaces. ID Quantique is actively taking part in
the standardization processes, particularly at ITU and ETSI, Layer 2 Data Link
to boost interoperability of QKD and other security systems.
Leading Optical Transport Network (OTN) vendors offer this
QKD-ready interface in their encryption’s appliances (OSI
Layer 1 Physical
Layer 1/2/3 and MPLS). ®

Integration with other suppliers available upon request

MAIN ADVANTAGES
Provably secure key distribution and Resilient to mechanical vibrations and thermal changes
instantaneous intarusion detection in fiber optics (polarisation-independent scheme)

Centrally monitored solution available

True Quantum random key generation
with QNET software

Single core for metropolitan area, through

Non-intrusive to data communication channels
multiplexing of all channels on the same fiber

Interoperability with major Ethernet and

Small form factor: 1U compact chassis (Alice or Bob)
OTN encryption vendors

Trusted Security (Tamper Detection, Secure

Easy installation and remote support
Memory Module, IDQ20MC1 QRNG chip)
SPECIFICATIONS

Key features

Maximum length of quantum channel (typ. @ 0.2 dB/km) 120 km (@ 24 dB, optional 150 km @ 30 dB)
Secret key rate Typical 14’000 AES-256 Keys per hour @ 24 dB
Integrated KMS Secret key rate Up to 700’000 AES-256 Keys per hour
Protocol BB84 with decoy state
Key generation source IDQ QRNG chip
Quantum channel C-Band – dark fiber (Optional: O-Band – WDM single core)
Service Channel 1 TX/RX DWDM channel (C-Band)
Optical engine Intrinsically Polarization independent
Key processing High speed hardware-based
Key security parameter1 �QKD = 4. 10-9
Pulse repetition rate 1 GHz

Environmental and physical parameters (per device)

Form factor 1U, 19’’ rackmount chassis

Dimensions (without front & back handles, and mounting kit) W 428 mm x L 610 mm x H 43.6 mm
Interfaces • Full Status LEDs available on the front panel
• 2x Duplex Fiber SFP (Service Channel, KMS-O)
• 1x Simplex Fiber (Quantum Channel)
• 4x 1Gb Ethernet ports (Keys / Encryptors, KMS, Mgt, Aux)
• 1x RS-232 (Console)
• 1x USB 2.0
Power supply 1+1 Redundant hot-swappable power supply
Each 300 W, 100-240 VAC, 47-63 Hz, 5-2.5 A or 36-72 VDC
(optional)
Weight 14 kg
Temperature range Operating +5 to +40°C
Non-operating -10 to +60°C
Relative humidity range Operating 5% to 85% RH, non-condensing2
Non-operating 5% to 90% RH, non-condensing2

Management and monitoring

Alerting functions & continuous monitoring3 XG Series can be administrated, configured and monitored via
multiples interfaces (QNET REST Web API, QNET CLI Tools,
QMS Web Application, SNMP, Syslog)

Applicable standards FCC: 47 CFR, Part 15 (Class A) CE Safety: IEC 62638-1:2018, IEC 60825-1:2014
Industry Canada: ICES-003, Issue 7 (Class A) CE EMC: EN 55032:2015+A11:2020 (Class A)
RoHS: 2015/863/EU EN 55035:2017+A11:2020
NIST: ESV IID SP 800-90B (IDQ QRNG chip)
1
With the above value, the probability that an eavesdropper knows at least one bit of a 256-bits AES key is about 10-12. See this example.
2
As per ETSI-300-019-1-3 Class 3.1
3
Provided separately

WORLD HEADQUARTERS SALES AND SUPPORT OFFICES

ID QUANTIQUE SA USA Austria Singapore South Korea

Boston, MA Vienna Singapore SungNam-si
Rue Eugène-Marziano 25
1227 Acacias/Geneva
Switzerland
www.idquantique.com | info@idquantique.com

Disclaimer: The information and specification set forth in this document are subject to change at any time by ID Quantique without prior notice.
Copyright©2025 ID Quantique SA - All rights reserved - G.192.0121-PB-2.2 - Specifications as of March 2025.