Cryptography is the art of scrambling data, a process which is called encryption, such that only someone with a specific “key” is capable of unscrambling the data, a process which is called decryption. Ideally, everyone without the “key” ought to be unable to decrypt the data, thus making the encrypted data thoroughly useless to unauthorized holders of it. Ideally, the communication between a sender and a receiver, or the data that is being stored, is protected.
Currently, this is done mathematically. The security of the encrypted data depends on very hard mathematical problems that cannot efficiently be solved even with the most powerful high-performance computers (HPC). These mathematical problems include integer factorization, discrete logarithm, and elliptic-curve discrete logarithm problems. Unfortunately, a large enough fault-tolerant quantum computer (FTQC) running Shor’s Factoring Algorithm could solve these problems efficiently, thus allowing the unauthorized decryption of the data.
In contrast, quantum cryptography foregoes these mathematical problems and protects the data with quantum mechanical principles. The best-known implementation of this is called quantum key distribution (QKD). The properties of a “quantum key” prevent it from being copied – due to the so-called “no cloning theorem” – and alerts the primary parties that the key has been compromised – due to the collapse of the wavefunction. And the key itself is a truly-random sequence of photons, not a pseudo-random sequence from a classical algorithm or classical hardware. Altogether, the data is, theoretically, completely secure.
It is worth stressing that these two approaches have different lifetimes. As recently mentioned, the mathematical approaches will only afford protection until Shor’s Factoring Algorithm becomes viable. Currently, Noisy Intermediate-Scale Quantum (NISQ) computers are neither large enough nor fault-tolerant enough to run this algorithm, but advancements are being made steadily. In contrast, the protection afforded by QKD has no foreseen expiration date.
For more information, the TechTarget Security definition “quantum cryptography” explains in greater detail what quantum cryptography is, how it works, how it is used, what its benefits are, what its limitations are, and its differences from classical cryptography. There is also a video explainer on the page.
Despite the closeness of the two terms, quantum cryptography is not to be confused with post-quantum cryptography (PQC). The differences are explained in a Quantum Xchange article titled “Quantum Cryptography, Explained,” which can be summarized as that the former leverages quantum technology while the latter simply protects against quantum technology.
With the advent of large-scale fault-tolerant quantum computing cryptography based on current approaches will be insufficient. QKD will use quantum technology to protect data with quantum mechanical principles. PQC, on the other hand, which is also referred to as quantum resistant cryptography and quantum safe cryptography, will continue to use classical algorithms. No quantum technologies will be involved. The difference between PQC and current approaches is that these new algorithms are believed to be resistant to attacks by future quantum computers.
For more information on quantum computing, by the way, check out “Important Technical Aspects in Quantum Computing,” which links to information on transversal gates, mid-circuit measurements, qubit shuttling, error correction, coherence, and scaling versus control. There is also a high-level introduction to neutral-atom computing, and more topics are forthcoming.
It is worth stressing that both approaches, QKD and PQC, have the same goal: to protect data from unauthorized access.
The primary benefit of quantum cryptography is, of course, data security. That benefit is achieved through and with the following other benefits:
Perhaps the single greatest benefit of QKD schemes is that they are future-proof. Based on our current knowledge of physics, QKD-protected data ought to be safe against all known and conceivable future attacks.
Quantum cryptography relies on quantum mechanical principles to provide data security. At a high-level, the steps to making it work are:
In the end, the sender and the receiver share a key with which they can have confidence that no one else has. And because the key is truly-random, there is no way that an unauthorized third party can decrypt the data. Leveraging quantum mechanics, therefore, the data is completely secure.