The basic idea here is that the act of measuring a quantum object, such as a photon, always changes it. So any attempt to eavesdrop on a quantum message cannot fail to leave telltale signs of snooping that the receiver can detect. That allows anybody to send a “one-time pad” over a quantum network which can then be used for secure communication using conventional classical communication.

via Government Lab Reveals It Has Operated Quantum Internet For Over Two Years | MIT Technology Review.

That may sound limiting but it still allows each node to send a one-time pad to the hub which it then uses to communicate securely over a classical link. The hub can then route this message to another node using another one time pad that it has set up with this second node. So the entire network is secure, provided that the central hub is also secure.