ODKE+: Multi-Field Technical Protocols
- ODKE+ is a designation for distinct technical systems, including ontology-guided LLM knowledge extraction, optical key exchange using IM/DD, and onion-routed quantum-resilient key establishment.
- It employs layered modular designs with hybrid methods—combining pattern rules with LLM prompts and rigorous cryptographic parameterization—to optimize precision and security.
- ODKE+ systems have demonstrated practical success by refreshing large-scale knowledge graphs, ensuring physical layer security in optical channels, and securing sessions through distributed, anonymized key fragments.
ODKE+ designates several unrelated but highly technical protocols and systems across distinct fields. The ODKE+ designation has appeared in: (1) ontology-guided LLM-based knowledge extraction pipelines for knowledge graphs, (2) optical direct key exchange protocols using binary intensity modulation and direct detection under eavesdropping, and (3) onion-routed, multi-circuit key establishment protocols for quantum-resilient session security. Each instantiation is detailed independently below, anchored in the published literature and experimental deployments.
1. Ontology-Guided Open-Domain Knowledge Extraction with LLMs
ODKE+ as presented in "Ontology-Guided Open-Domain Knowledge Extraction with LLMs" (Khorshidi et al., 4 Sep 2025) specifies a modular production-scale system for the high-precision extraction and ingestion of open-domain facts from web sources—primarily Wikipedia—into large-scale knowledge graphs (KGs). The primary objective is to maintain KG completeness and temporal freshness through automated workflows, minimizing human curation costs and ensuring schema consistency across a broad predicate space.
Pipeline Architecture
ODKE+ integrates five sequential modules:
- Extraction Initiator: Continuously monitors for entity page creations or updates and compares KG state () versus newly surfaced facts () to detect both "missing" () and stale facts (where is superseded by ).
- Evidence Retriever: Fetches full text or structured snippets for flagged entities from a web crawl index; canonicalizes entity-to-URL mapping.
- Hybrid Knowledge Extractors:
- Pattern-based: Deploys high-precision, field-aligned extraction rules against semi-structured tables (e.g., infoboxes), comprising a Predicate Mapper, Value Extractor (regex/unit handling), and Aggregator.
- LLM-based with Ontology-Guided Prompting: Constructs contextually pruned "ontology snippets" per entity type , listing top-K predicates (ranked by ), canonical descriptions, qualifiers (), normalization requirements, and allowable units (). The snippet, combined with page context, forms a constrained JSON extraction prompt for the LLM.
- Grounder: Validates candidate triples by querying a lightweight LLM in a factual-checking regime: for each assertion generated, it outputs "Yes" only if the supporting evidence is explicit in the source context.
- Corroborator: Normalizes extracted values, aggregates candidates per , deduplicates, and applies a linear or AutoML-derived ranking function based on a feature vector 0 (extractor type, model/rule confidence, document frequency, qualifier richness).
Prompt Construction and Schema Guidance
Ontology-guided snippets are computed offline from KG schema and metadata, producing token-limited JSON fragments (predicate, description, qualifiers, normalization rules) tailored per type. LLM extraction prompts explicitly list allowed schema fields and instruct for exact-match, non-inferential, and non-hallucinatory extraction. The grounder employs minimalistic natural language assertions for efficient, low-latency support verification.
Metrics and Results
- Production metrics: 19M high-confidence facts extracted, 195 predicates supported, 4M entity pages processed.
- Precision: 98.8% (weekly human QA), with raw LLM output at 91% pre-corroboration.
- Coverage gain: +10% answerable facts versus legacy, 48% predicate overlap with third-party KGs.
- Update lag: Average KG update latency reduced by 50 days.
- Operational modes: Batch (full re-crawl), and streaming (real-time entity edits, 150–250K new facts/day, <2h latency).
- Empirical findings: Post-grounding, hallucinations reduced by 35%. LLM-based methods are essential for full predicate coverage (>195), whereas pattern rules suffice for a small infobox subset.
Summary Table: ODKE+ Knowledge Extraction Pipeline
| Module | Primary Function | Key Feature |
|---|---|---|
| Extraction Initiator | Detects missing/stale facts | KG-page diffing |
| Evidence Retriever | Collects canonicalized source documents | Deterministic URLs |
| Knowledge Extractors | Extracts candidate facts; hybridized LLM/pattern | Schema-constrained prompts |
| Grounder | Validates factual support with secondary LLM | Hallucination filtering |
| Corroborator | Ranks, normalizes, and exports triples | Linear/AutoML scoring |
2. Optical Direct Key Exchange Plus Protocol
In the cryptographic context, ODKE+ denotes "Optical Direct Key Exchange Plus," an intensity-modulation/direct-detection (IM/DD) protocol operating over optical channels, specifically optimized under passive eavesdropping models (Banaszek et al., 2021). This protocol is a variant of classical key distribution using binary optical intensities and statistical security against an eavesdropper limited only by shot noise and device parameters.
Protocol Model
- Transmitter (Alice): Encodes bits as optical pulses with mean photon numbers 1, uniform random bit selection.
- Channel splitting: Bob receives fraction 2; eavesdropper (Eve) intercepts 3 (beam-splitter model), 4.
- Detection: Both legitimate and adversarial receivers implement direct detection with additive Gaussian noise (5, 6).
Secret-Key Rate Analysis
The key rate per slot is
7
where:
- 8: non-erasure probability,
- 9: Bob’s bit error rate,
- 0: binary entropy,
- 1: Eve's mutual information on Bob’s bit,
- 2: reconciliation efficiency.
Eve's information is computed via
3
with 4 the normalized Gaussian density, and normalized modulation depths 5, 6.
In the strong-splitting limit (7), the rate simplifies to
8
where 9.
Design Guidance
- Modulation depth: 0
- Hard-decision thresholds: 1, 2
System parameters are calibrated in real-time based on measured channel conditions (3, 4) and pre-tabulated optimal 5 pairs for given reconciliation efficiencies. This approach guarantees key rate maximization against passive, quantum-unbounded adversaries attuned only by physical noise constraints.
3. Onion-Routed Multi-Circuit Key Establishment for Quantum-Resilient Sessions
A third protocol labeled ODKE+ is specified in "Onion-Routed Multi-Circuit Key Establishment for Quantum-Resilient Sessions" (Mallick et al., 20 May 2026). Here, ODKE+ targets the "harvest-now, decrypt-later" (HNDL) threat from future cryptographically relevant quantum computers. It achieves session key confidentiality and unlinkability by partitioning a session key into 6 cryptographically protected fragments, which are then independently transmitted over 7 Tor circuits, each established using the NEWNYM Tor control signal.
Threat Model
- Adversary 8: Archives all ciphertext and can eventually break classical public-key encryption. Controls a fraction 9 of the Tor relay set (0 total relays) but not all.
- Anonymity property: 1's probability of linking all 2 fragments for a single session decays as 3, under the assumption of (quasi-)independent circuit selection.
Protocol Steps
- Session tag and key parameters are agreed out-of-band.
- The client requests a session key (256–768 bits typical), specifying number of fragments 4, from the Key Management Service (QKMS), via a Tor-based onion service proxy.
- QKMS splits the session key, optionally shuffles fragments, encrypts each with the client’s key (RSA-2048 or a hybrid KEM), and distributes fragments to the proxy’s channels.
- For each bundle/chunk of fragments, proxies trigger a new Tor circuit (SIGNAL NEWNYM), wait for stabilization, then POST to the client’s hidden service endpoint.
- Client reconstructs the session key after all 5 encrypted fragments are received and decrypted.
Pseudocode is provided for all roles (QKMS, proxy, client) in the protocol (Mallick et al., 20 May 2026).
Security Analysis
- Per onion circuit, end-to-end correlation probability is approximately 6.
- For 7 independent circuits, adversary's success probability is 8.
- With 9 and 0, this implies 1 circuit correlations, effectively ensuring unlinkability between the key and the associated session.
Parameterization and Performance
- Number of fragments (2): Security rises exponentially with 3; latency increases linearly (Tor circuit build and stabilization dominate: per-circuit 0.5–1.5s typical).
- Encryption: RSA-2048 or hybrid KEM per fragment; AES-GCM for data after establishment.
- Measured prototype: 13–20s end-to-end latency (n=10), with ≈88% Tor-overhead; cryptographic processing ≈12%; per-fragment decryption cost 0.18–0.21s.
- Trade-off: High anonymity suitable for non-interactive, high-confidentiality session setup with multi-year security requirements.
| Parameter | Security Impact | Latency Impact |
|---|---|---|
| 4 (fragments) | Anonymity 5 (exp.) | Linear in 6 |
| 7 (key length) | Fragment size adjustment | Crypto cost per frag. |
| Fragment encryption | PQ-resilience (hybrid KEM) | Extra per-fragment ops |
4. Core Insights and Lessons Learned
Across these diverse ODKE+ instantiations, the following principles underpin their effectiveness:
- Layered, modular design enhances both adaptability and production viability, whether for LLM-centric pipelines or distributed cryptographic protocols.
- Schema and context anchoring (in LLM-based extraction and PG KEM selection) delivers both precision and resilience to adversarial or unstructured input.
- Hybridization (pattern rules plus ML/LLM for extraction, PQ + classical for encryption) leverages complementary strengths, expanding coverage while containing operational costs and error rates.
- Parameter tuning—whether for key establishment anonymity (via 8) or optical modulation (via 9, 0)—enables systems to dynamically optimize under real-world latency, resource, or security constraints.
- Verification and corroboration modules systematically reduce error rates (hallucinations, false positives) to practical thresholds for deployment.
5. Practical Applications and Impact
In KG construction, ODKE+ has demonstrated production-scale capacity to refresh knowledge graphs with millions of high-confidence, schema-compliant facts, substantially reducing update lag and boosting real-world task coverage (Khorshidi et al., 4 Sep 2025). In cryptography, ODKE+ protocols deliver sound, quantifiable security either rooted in physical channel statistics (optical, shot-noise-limited settings (Banaszek et al., 2021)) or in composite anonymity via network fragmentation and post-quantum cryptography (Tor-based sessions (Mallick et al., 20 May 2026)). These results indicate broad applicability where trustworthiness, interpretability, and adversarial robustness are core operational requirements.