Quantum Key Distribution (QKD) is a technology that is being developed to provide secure communication between two parties. Conceptually similar to any other shared key protocol, the fundamental difference with QKD is that it leverages quantum mechanics to protect the key.
Unlike mathematics-based cryptography, which protects keys by making it computationally hard to get them, QKD makes it impossible to get them. Not without its drawbacks, however, QKD requires the extra step of having the parties classically authenticate that their key has not been compromised.
It is important to remember that QKD does not protect messages, it protects the keys that protect the messages. Consequently, it is compatible with existing encryption algorithms. For more information, the University of Waterloo’s Institute for Quantum Computing has an article titled “Quantum Communication” that covers quantum cryptography, quantum teleportation, and secure communication. There is also a lot of information in Toshiba’s article, “Quantum Key Distribution (QKD): Delivering provably secure networking for the quantum computing age,” which introduces their QKD solution.
One way to generate quantum keys could be to use quantum computers. Quantum computers can generate random numbers, random quantum states, and even specific distributions of numbers, not that non-uniform distributions are desirable for cryptography. Quantum computers have a significant number of other uses, as detailed in “Understanding the Potential of Commercial Quantum Computers” and “Quantum-as-a-Service: Definition, Advantages and Examples,” but quantum systems definitely excel at generating randomness.
But quantum computers are not ideal for this specific application, and so one method that is growing in popularity is called chip-based quantum key distribution. These chips are small enough to be manufactured into smartphones and other devices, and they generate keys by using tiny photon sources. These keys can then be used to secure communication, as previously described.
Imagine that two parties, commonly referred to as Alice and Bob, want to communicate securely. To protect the key that will encrypt and decrypt their messages:
By leveraging quantum mechanics, eavesdropping is guaranteed to be detectable. There is also a “no-cloning theorem” of quantum mechanics that prevents eavesdroppers from making perfect copies of the quantum states and disturbing the copies instead. Consequently, Alice and Bob can have a high level of confidence that their key is secure.
The key physical components of QKD systems include:
It is important to note that QKD does not necessarily require special infrastructure to implement. Some test deployments are using existing fiber optic networks.
Because current cryptosystems rely on computationally hard math problems, understanding how does quantum key distribution work may actually be easier. The quantum key distribution algorithm relies on random quantum states being randomly measured into random strings of bits. The sender and receiver only use the bits that were measured the same way, unless a sampling of those bits indicates discrepancies. Slight discrepancies may be attributed to errors that can arise in several different ways, but major discrepancies indicate interference by an eavesdropper. If eavesdropping is not detected, some classical processing refines the key, and then the key is ready for use.
It's worth noting that this approach is called a prepare-and-measure protocol, and it’s not the only possible QKD protocol. There are also entanglement-based protocols that use quantum teleportation to transmit keys with even stronger security. The downside, unlike prepare-and-measure protocols, is that entanglement-based protocols rely on quantum networks, which are still in development.