Understanding Quantum Key Distribution


Overview

My exploration of quantum computing continues with the next chapter focusing on security, specifically cryptography. Quantum computing cryptographic security (try saying that fast twice) depends on developing new cryptographic protocols and algorithms that protect against quantum computer attacks. Technical advancements can also bring harm.

Current encryption methods face a potential security breach from quantum computers because these systems solve certain mathematical problems faster than classical computers. The way quantum mechanics transforms security mechanisms caught my attention. I will share what I discovered about Quantum Key Distribution (QKD) alongside encryption methods. I am developing this content around the scenario of the engineer speaking to the reader, as the requestor or program manager.

How Secure Is It?

Most individuals fail to understand that modern security standards are based on computational complexity instead of true unbreakability. The encryption protocols used today do not employ unbreakable encryption methods. Nothing is unbreakable. The security system depends on mathematical problems that require excessive time for computers to solve. Classic refers to the security measures used in the past.

The Key

All internet security mechanisms exist because traditional computers struggle to perform specific mathematical functions, particularly large number factorization operations. RSA encryption is a public key cryptographic algorithm that encrypts and decrypts data and creates digital signatures. It relies on a pair of keys: a public key for encryption and a private key for decryption.


RSA depends on the challenge of finding prime factors of massive numbers, which conventional supercomputers would take thousands or millions of years to do.

Quantum Computers have changed the way we view computing. We covered this in my previous post.

Unlike classical computers that process bits (0s and 1s), quantum computers use qubits that can exist in multiple states simultaneously based on superposition. This gives them tremendous advantages for certain problems. Shor’s algorithm, developed in 1994, demonstrated that quantum computers could, in theory, factor large numbers exponentially faster than classical methods, potentially reducing those numerous problems to minutes or hours. These classic methods are no longer as effective.

And it’s not just public key cryptography that is at risk. Grover’s algorithm provides a quadratic speedup against symmetric encryption like AES, effectively cutting the security of these systems in half.

I’ve included links to both of these algorithms to take a closer look at how they work.                                                 

Today’s quantum computers aren’t yet powerful enough to carry out these attacks, but they’re improving rapidly. Google, IBM, Microsoft, and other companies are racing to build more powerful quantum machines. This means our classic cryptography may fail if it is subject to a quantum computer attack.

The Foundation of QKD

Quantum Key Distribution, or QKD, securely shares a secret key between two parties using individual particles of light called photons and the rules of quantum mechanics. Quantum physics guarantees this key is random. Classic methods, as described above, are limited because they depend on traditional computers struggling to perform specific mathematical functions, particularly large number factorization operations.

QKD exchanges cryptographic keys between two parties. It approaches security from a completely different angle. Instead of using hard math problems, it relies on the unique behavior of quantum systems, which seems unusual but has been consistently verified by experiments.

Quantum Mechanics

Let’s dig a little deeper. There are three properties of quantum mechanics that form the foundation of QKD:

Quantum Superposition. In classical computing, a bit must be either 0 or 1. But quantum bits (qubits) can exist in a superposition state, essentially being both 0 and 1 simultaneously until measured. It’s not that the bit is either 0 or 1; it exists in both states at once. This is probably one of my favorite characteristics.

The No-Cloning Theorem is a great security feature. Quantum mechanics prevents the user from creating a perfect copy of an unknown quantum state. If you have a qubit in some arbitrary quantum state and want to make a copy, it’s physically impossible without disturbing the original. Consider the security implications if information is encoded in quantum states; it can’t be copied without detection.

Measurement Disturbance: Whenever you measure a quantum system, you unavoidably change it. It’s a fundamental law of physics. Before measurement, a qubit can exist in a superposition of states. After measurement, it collapses to just one state. It is literally in flux.

Think about what this means for security: a communication channel where eavesdropping isn’t just difficult, it’s physically impossible without detection.

This is what makes QKD cutting-edge. Traditional cryptography says, “This would take too long to break.” QKD says, “The laws of physics themselves prevent this from being broken without detection.” Quantum computing has changed the game.

BB84: The First QKD Protocol

It sounds like a secret code or password, but the most widely implemented QKD protocol is called BB84. It is named after its inventors, Charles Bennett and Gilles Brassard, and the year they published it (1984). Despite being nearly 40 years old, it remains the foundation of most practical QKD systems today.

Here’s how it works:

  1. Quantum Bit Preparation: Suppose you want to establish a secure key with another engineer. You start by generating a random sequence of bits (0s and 1s). For each bit, you randomly select one of two polarization bases to encode it, either the rectilinear basis (horizontal/vertical) or the diagonal basis (45°/135°). For example, horizontal polarization might represent 0 in the rectilinear basis, and vertical polarization might represent 1. In the diagonal basis, 45° might represent 0, and 135° might represent 1.
  2. Transmission: You send individual photons to the engineer, with each photon encoded according to a random choice of bit values and bases.
  3. Measurement: The engineer doesn’t know which basis you used for each photon. They randomly choose a measurement basis for each incoming photon, rectilinear or diagonal, and record the result. When the engineer’s chosen basis matches yours, they should get the correct bit value (barring errors). Quantum mechanics ensures the result is essentially random when they use a different basis.
  4. Basis Reconciliation: After the quantum transmission is complete, you and the engineer communicate over a regular (public but authenticated) channel. You compare which basis each of you used for each bit position, but importantly, not the actual bit values. You keep only the bits where you happened to use the same basis and discard the rest. On average, you’ll keep about 50% of the original bits.
  5. Error Estimation: To check for eavesdropping, you and the engineer compare a random subset of your matching bits. If someone were intercepting the quantum transmission, the no-cloning theorem and measurement disturbance principles guarantee that they would have introduced errors. If the error rate is below a certain threshold, you proceed; if it’s too high, you abort and try again.
  6. Error Correction and Privacy Amplification: You perform error correction to fix discrepancies caused by normal noise and apply “privacy amplification” mathematical operations to reduce any partial information an eavesdropper might have gained.
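
The BB84 steps above, from preparation through error estimation, can be simulated classically. The following Python sketch is an added example, not code from the original post: the function names, the 11% abort threshold, the choice to sample half of the sifted bits, and the intercept-and-resend eavesdropper model are assumptions for illustration, and a seeded pseudo-random generator stands in for quantum randomness. Error correction and privacy amplification are not modeled.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Matching basis returns the encoded bit; a mismatched basis is a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def bb84(n_photons, eavesdrop=False, sample_fraction=0.5, threshold=0.11, seed=1):
    """Simulate BB84 up to error estimation. Bases: 0 = rectilinear, 1 = diagonal.
    threshold and sample_fraction are assumed values, not taken from the post."""
    rng = random.Random(seed)  # stand-in for a quantum random number generator
    # Preparation and transmission: one random bit and basis per photon.
    a_bits = [rng.randrange(2) for _ in range(n_photons)]
    a_bases = [rng.randrange(2) for _ in range(n_photons)]
    b_bases = [rng.randrange(2) for _ in range(n_photons)]
    b_bits = []
    for bit, basis, b_basis in zip(a_bits, a_bases, b_bases):
        if eavesdrop:
            # An interceptor cannot copy the photon, so it must guess a basis,
            # measure, and resend what it saw; a wrong guess disturbs the state.
            e_basis = rng.randrange(2)
            bit, basis = measure(bit, basis, e_basis, rng), e_basis
        # Measurement: the receiver picks a basis independently of the sender.
        b_bits.append(measure(bit, basis, b_basis, rng))
    # Basis reconciliation: only bases are compared, never bit values.
    kept = [i for i in range(n_photons) if a_bases[i] == b_bases[i]]
    # Error estimation: publicly compare a random subset, then discard it.
    sample = set(rng.sample(kept, int(len(kept) * sample_fraction)))
    errors = sum(a_bits[i] != b_bits[i] for i in sample)
    qber = errors / len(sample) if sample else 0.0
    return {
        "sifted": len(kept),
        "qber": qber,
        "abort": qber > threshold,
        "key_a": [a_bits[i] for i in kept if i not in sample],
        "key_b": [b_bits[i] for i in kept if i not in sample],
    }

if __name__ == "__main__":
    for eve in (False, True):
        r = bb84(4000, eavesdrop=eve)
        print(f"eavesdrop={eve} sifted={r['sifted']} qber={r['qber']:.3f} abort={r['abort']}")
```

In this noise-free model the sampled error rate is 0 on an untouched channel and close to 25% when every photon is intercepted and resent, so the run aborts.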

The Idea

The core idea of BB84 is not overly complex, yet it gives us security based on the laws of physics that we can validate. No matter how powerful your computer is, you cannot break the laws of quantum mechanics.

It’s also important to note that there are many first-time references here, so it may be a good idea to invest in a journal to document some of these terms. I found myself going back and forth during the development of this post to define terms.

Quantum Computing Terms

  • Rectilinear refers to a measurement basis where a qubit is measured along the standard |0⟩ and |1⟩ directions, also known as the vertical/horizontal basis.
  • No-cloning theorem in quantum mechanics states that it’s impossible to create an exact, independent copy of an unknown quantum state.
  • Horizontal polarization (one of the two fundamental, orthogonal states that can be used to encode information in a qubit) might represent 0.
  • Vertical polarization (one of the two fundamental, orthogonal states that can be used to encode information in a qubit) might represent 1.
  • Cryptography ensures confidentiality by encrypting sent messages using an algorithm with a key only known to the sender and recipient.
  • Bell’s inequality violations: The measured correlations between entangled particles cannot be explained by any local hidden variable theory.

 

Alternative QKD Protocols

Several important variations on the basic QKD concept have emerged:

  • The E91 Protocol: Developed by Artur Ekert in 1991, this approach uses entangled photon pairs to establish secure keys. It offers enhanced security through Bell’s inequality violations, confirming the communication channel’s quantum nature.
  • Continuous Variable QKD: Rather than using discrete properties like polarization, CVQKD employs continuous quantum variables such as the quadratures of coherent states. This offers compatibility with standard telecommunications components, potentially reducing implementation costs.
  • Measurement Device Independent QKD: This innovative protocol addresses vulnerabilities in detection equipment by having an untrusted third party perform the quantum measurements. Counterintuitively, this approach eliminates an entire category of side channel attacks while maintaining security.

QKD Limitations

The theoretical security of QKD is mathematically proven, but implementing it in the real world introduces significant challenges that have limited widespread adoption.

Distance

Distance Limitations: This is perhaps the biggest practical constraint. Quantum signals attenuate exponentially with distance in optical fibers. Current fiber-based QKD systems are typically limited to around 100-200 kilometers before the signal becomes too weak to detect reliably.

Some specialized laboratory setups have pushed this to around 500 kilometers using ultra low loss fibers and superconducting detectors, but these remain experimental. The fundamental issue is that, unlike classical signals, quantum signals cannot be amplified without destroying their quantum properties.

Researchers are working on quantum repeaters that could extend these distances, but fully functional quantum repeaters remain in the research stage.

Slowness

Painfully Slow Key Rates: QKD systems generate cryptographic keys much more slowly than conventional methods. Typical rates range from about 10 kilobits per second for short distances to less than 1 kilobit per second for longer links.

This isn’t necessarily a dealbreaker; you don’t need to encrypt all of your communication directly with QKD-generated keys. A more practical approach is to use QKD to periodically refresh keys for conventional encryption. Still, these low rates constrain how QKD can be used in practice.

Expensive

Specialized (and Expensive) Hardware: QKD requires specialized components that aren’t found in conventional communication systems:

  • Single photon sources (or approximations using attenuated lasers)
  • Single photon detectors that can detect individual photons
  • Quantum random number generators for truly random choices
  • Precise timing systems for synchronization
  • Phase and polarization control systems

These components make QKD systems expensive. Commercial systems typically cost hundreds of thousands of dollars and are out of reach for all but the most secure applications. You won’t find this in your typical remote office at home.

Authentication

The Authentication Bootstrapping Problem. The quantum channel is secure against eavesdropping, but you still need a classical channel to compare basis choices. It is important that this classical channel be authenticated to prevent attacks.

But how do you authenticate this channel securely? You typically need some pre-shared key or credential, which means you need some initial secure communication method before using QKD. This complicates deployment in many scenarios.

Organizational security groups should start evaluating where QKD might fit into their security strategies. The road map for this integration will be essential to communicate the value and justify the additional cost. For most others, following developments in post-quantum cryptography will be more immediately relevant.

Value

Security is not an optional investment; it cannot be delayed or deprioritized. Classic cryptography is no longer a long-term solution. The next step is post-quantum cryptography (PQC), which is the development of cryptographic algorithms designed to be secure against attacks from classical and quantum computers. It’s a necessary shift in data protection due to the potential of quantum computers to break many of the encryption algorithms currently in use.

Despite some limitations, quantum computing offers many opportunities for deeper learning and exploration. Although it may feel like you’re traveling down a rabbit hole at times, there continues to be a lot of activity and advancements in this space. QKD represents one of the most interesting options available. I will continue to explore this topic in my next post. Personally, I am fascinated with this journey.

 

 

