Everything you need to know about Quantum Cryptography...
This page is a non-technical introduction to Quantum Cryptography. If you are interested to learn more about the way Quantum Cryptography works, follow the Quantum Key Distribution for Techies link.
- Quantum Cryptography or Quantum Key Distribution?
- What Problem does QKD solve?
- Is it complex to deploy QKD?
- Do commercial QKD products exist?
- What are the practical limitations of QKD?
- Does QKD really offer absolute security?
I have heard about quantum cryptography and quantum key distribution. Is it the same thing?
Both terms describe the same technology. However the more accurate name is Quantum Key Distribution. This technology allows one to distribute sequence of random bit whose randomness and secrecy are guaranteed by the laws of quantum physics. These sequences can then be used as secret keys with conventional cryptography techniques to guarantee the confidentiality of data transmissions.
In the SwissQuantum network, the name Quantum Key Distribution — sometimes abbreviated as QKD — is preferred.
What advantage does QKD really bring in comparision to classical cryptographic techniques?
Cryptography offers — among other things — confidentiality of data transmissions. Before being transmitted, data is encrypted using an encryption algorithm (or process) and a secret key. After transmission, data is decrypted by reversing the encryption algorithm using the same secret key. The security of this scheme is based on the premise that the key is distributed only to the legitimate parties. This implies that the key transmission is a central problem (more information under Key Distribution).
Conventional cryptographic techniques rely on mathematical approaches to secure key transmission. However the security they offer is based on unproven assumptions and depends on the technology available to an eavesdropper.
Quantum Key Distribution is a technology that allows transmission of a sequence of random bits across an optical network and also verifies if this sequence was intercepted or not. This verification is based on the laws of quantum physics.
In practice, QKD is combined with conventional key distribution techniques (dual key agreement) to produce a key that is as secure as the strongest of the two original keys. With this approach, one can be sure to get the best of the classical and quantum world.
In summary, QKD provides long-term data transmission secrecy, which is not vulnerable to technological progress. On the contrary, classical cryptography provides secrecy only for a limited period of time.
QKD is a new technology and it exploits quantum physics. It is certainly complex to deploy and operate, isn’t it?
No, QKD is not complex to deploy. It has reached a level of maturity such that it only takes a typical network engineer a few minutes to install a QKD system. Moreover it can be managed using standard network administration tools.
In the SwissQuantum network, QKD equipments were deployed in less than a day, with most of the time spent in traffic jams whilst travelling from one site to the other.
Is QKD technology really so mature that commercial products already exist?
Other companies claim to offer or to be developing QKD products, but limited information is publicly available. It is however likely that the situation will evolve in the near future.
In what scenarios can QKD be used? What are the limitations of the technology?
QKD requires a direct optical channel — usually an optical fiber — between the emitter and the receiver. Standard optical fibers can be used. Contrary to a widespread misconception, it is not necessary to use a single fiber. Connections, splices and patching can be used.
Furthermore, QKD is also compatible with wavelength division multiplexing (WDM), although it does require more careful network design.
The only constraint is that no amplifiers are used on the optical fiber carrying the quantum signal. Such devices would perturb the communication in the same way an eavesdropper does. This implies in turn that the range of QKD is limited. Current commercial products can cover 100 km, while research prototypes were shown to work up to 250 km.
Due to the fact that it requires a direct optical link, QKD technology is inherently limited to point-to-point. However, it is possible — as demonstrated by the SwissQuantum project — to build a key management layer on top of QKD equipment to route and relay keys securely across meshed networks.
Overall QKD is perfectly compatible with the requirements of metropolitan area networks (MAN) communications. Applications include enterprise backbones and disaster recovery networks.
From time to time, I come across pieces of news that claim that QKD has been broken. Is it true?
Generally speaking, there are two conditions for a system to be secure:
- it must be based on sound principles
- its implementation must be correct and must not open up vulnerabilities
Contrary to classical key distribution techniques, which rely on unproven assumptions and thus do not fulfil the first criterion, the security of QKD is based on the laws of quantum physics and can be rigorously proven.
This having been said, it is then important to make sure that the practical embodiment of a QKD system also fulfils the second criterion and does not have any implementation flaws.
All the announcements about QKD having been cracked actually dealt with implementation flaws. These flaws are important but are inherent to any technological system.
In summary, the security of QKD is based on sound principles and, if properly implemented, it guarantees absolute security for key distribution.
For more technical details, follow the Quantum Key Distribution for Techies link.