quantum cryptography

Quantum cryptography uses our current knowledge of physics to develop a cryptosystem that is not able to be defeated - that is, one that is completely secure against being compromised without knowledge of the sender or the receiver of the messages. The word quantum itself refers to the most fundamental behavior of the smallest particles of matter and energy: quantum theory explains everything that exists and nothing can be in violation of it.

Quantum cryptography is different from traditional cryptographic systems in that it relies more on physics, rather than mathematics, as a key aspect of its security model.

Essentially, quantum cryptography is based on the usage of individual particles/waves of light (photon) and their intrinsic quantum properties to develop an unbreakable cryptosystem - essentially because it is impossible to measure the quantum state of any system without disturbing that system. It is theoretically possible that other particles could be used, but photons offer all the necessary qualities needed, their behavior is comparatively well-understood, and they are the information carriers in optical fiber cables, the most promising medium for extremely high-bandwidth communications.

How It Works in Theory

In theory, quantum cryptography works in the following manner (this view is the "classical" model developed by Bennett and Brassard in 1984 - some other models do exist):

Assume that two people wish to exchange a message securely, traditionally named Alice and Bob. Alice initiates the message by sending Bob a key, which will be the mode for encrypting the message data. This is a random sequence of bits, sent using a certain type of scheme, which can see two different initial values represent one particular binary value (0 or 1).

Let us assume that this key is a stream of photons travelling in one direction, with each of these photon particles representing a single bit of data (either a 0 or 1). However, in addition to their linear travel, all of these photons are oscillating (vibrating) in a certain manner. These oscillations can occur in any 360-degree range across any conceivable axis, but for the purpose of simplicity (at least as far as it is possible to simplify things in quantum cryptography), let us assume that their oscillations can be grouped into 4 particular states: we'll define these as UP/DOWN, LEFT/RIGHT, UPLEFT/RIGHTDOWN and UPRIGHT/LEFTDOWN. The angle of this vibration is known as the polarization of the photon. Now, let us introduce a polarizer into the equation. A polarizer is simply a filter that permits certain photons to pass through it with the same oscillation as before and lets others pass through in a changed state of oscillation (it can also block some photons completely, but let's ignore that property for this exercise). Alice has a polarizer that can transmit the photons in any one of the four states mentioned - in effect, she can choose either rectilinear (UP/DOWN and LEFT/RIGHT) or diagonal (UPLEFT/RIGHTDOWN and UPRIGHT/LEFTDOWN) polarization filters.

Alice swaps her polarization scheme between rectilinear and diagonal filters for the transmission of each single photon bit in a random manner. In doing so, the transmission can have one of two polarizations represent a single bit, either 1 or 0, in either scheme she uses.

When receiving the photon key, Bob must choose to measure each photon bit using either his rectilinear or diagonal polarizer: sometimes he will choose the correct polarizer and at other times he will choose the wrong one. Like Alice, he selects each polarizer in a random manner. So what happens with the photons when the wrong polarizer is chosen?

The Heisenberg Uncertainty Principle states that we do not know exactly what will happen to each individual photon, for in the act of measuring its behavior, we alter its properties (in addition to the fact that if there are two properties of a system that we wish to measure, measuring one precludes us from quantifying the other). However, we can make a guess as to what happens with them as a group. Suppose Bob uses a rectilinear polarizer to measure UPLEFT/RIGHTDOWN and UPRIGHT/LEFTDOWN (diagonal) photons. If he does this, then the photons will pass through in a changed state - that is, half will be transformed to UP/DOWN and the other half to LEFT/RIGHT. But we cannot know which individual photons will be transformed into which state (it is also a reality that some photons may be blocked from passing altogether in a real world application, but this is not relevant to the theory).

Bob measures some photons correctly and others incorrectly. At this point, Alice and Bob establish a channel of communication that can be insecure - that is, other people can listen in. Alice then proceeds to advise Bob as to which polarizer she used to send each photon bit - but not how she polarized each photon. So she could say that photon number 8597 (theoretically) was sent using the rectilinear scheme, but she will not say whether she sent an UP/DOWN or LEFT/RIGHT. Bob then confirms if he used the correct polarizer to receive each particular photon. Alice and Bob then discard all the photon measurements that he used the wrong polarizer to check. What they have, is, on average, a sequence of 0s and 1s that is half the length of the original transmission...but it will form the basis for a one-time pad, the only cryptosystem that, if properly implemented, is proven to be completely random and secure.

Now, suppose we have an eavesdropper, Eve, who attempts to listen in, has the same polarizers that Bob does and must also randomly choose whether to use the rectilinear or diagonal one for each photon. However, she also faces the same problem that Bob does, in that half the time she will choose the wrong polarizer. But Bob has the advantage of speaking to Alice to confirm which polarizer type was used for each photon. This is useless to Eve, as half the time she used the wrong detector and will misinterpret some of the photons that will form that final key, rendering it useless.

Furthermore, there is another level of security inherent in quantum cryptography - that of intrusion detection. Alice and Bob would know if Eve was eavesdropping on them. The fact that Eve is on the "photon highway" can become obvious because of the following.

Let's say that Alice transmits photon number 349 as an UPRIGHT/LEFTDOWN to Bob, but for that one, Eve uses the rectilinear polarizer, which can only measure UP/DOWN or LEFT/RIGHT photons accurately. What Eve will do is transform that photon into either UP/DOWN or LEFT/RIGHT, as that is the only way the photon can pass. If Bob uses his rectilinear polarizer, then it will not matter what he measures as the polarizer check Alice and Bob go through above will discard that photon from the final key. But if he uses the diagonal polarizer, a problem arises when he measures its polarization; he may measure it correctly as UPRIGHT/LEFTDOWN, but he stands an equal chance, according to the Heisenberg Uncertainty Principle, of measuring it incorrectly as UPLEFT/RIGHTDOWN. Eve's use of the wrong polarizer will warp that photon and will cause Bob to make errors even when he is using the correct polarizer.

To discover Eve's nefarious doings, they must perform the above procedures, with which they will arrive at an identical key sequence of 0s and 1s - unless someone has been eavesdropping, whereupon there will be some discrepancies. They must then undertake further measures to check the validity of their key. It would be foolish to compare all the binary digits of the final key over the unsecured channel discussed above, and also unnecessary.

Let us assume that the final key comprises 4,000 binary digits. What needs to be done is that a subset of these digits be selected randomly by Alice and Bob, say 200 digits, in terms of both position (that is, digit sequence number 2, 34, 65, 911 etc) and digit state (0 or 1). Alice and Bob compare these - if they match, then there is virtually no chance that Eve was listening. However, if she was listening in, then her chances of being undiscovered are one in countless trillions, that is, no chance in the real world. Alice and Bob would know someone was listening in and then would not use the key - they would need to start the key exchange again over a secure channel inaccessible to Eve, even though the comparisons between Alice and Bob discussed above can still be done over an insecure channel. However, even if Alice and Bob have concluded that the their key is secure, since they have communicated 200 digits over an un-secure channel, these 200 digits should be discarded from the final key, turning it from a 4,000 into a 3,800 bit key).

Thus, quantum cryptography is a way to combine the relative ease and convenience of key exchange in public key cryptography with the ultimate security of a onetime pad.

How It Works in Practice

In practice, quantum cryptography has been demonstrated in the laboratory by IBM and others, but over relatively short distances. Recently, over longer distances, fiber optic cables with incredibly pure optic properties have successfully transmitted photon bits up to 60 kilometers. Beyond that, BERs (bit error rates) caused by a combination of the Heisenberg Uncertainty Principle and microscopic impurities in the fiber make the system unworkable. Some research has seen successful transmission through the air, but this has been over short distances in ideal weather conditions. It remains to be seen how much further technology can push forward the distances at which quantum cryptography is practical.

Practical applications in the US are suspected to include a dedicated line between the White House and Pentagon in Washington, and some links between key military sites and major defense contractors and research laboratories in close proximity.

This was last updated in September 2005

Continue Reading About quantum cryptography

Dig Deeper on Data security and privacy