Quantum Key Distribution (QKD) is a method for producing a shared random secret key known only to two parties, which can then be used to encrypt and decrypt messages. Usually we use mathematics-based Key Exchange protocols.
QKD uses the physics of quantum systems, instead of hard mathematics problems, to guarantee the security of the system and to make sure nobody but Alice and Bob knows the final result.
Unlike normal communication, QKD uses a quantum channel in addition to a classical channel. Classical channels are the ones we are familiar with to send bits (1's and 0's) over - WiFi, Ethernet, etc.
We send "qubits" as photons down the quantum channel, which in this case we can think of as an optical fiber, or just through the air if we have line of sight. Measuring a qubit changes its state, which is the core security feature used by QKD.
Alice sends bits in one of two "bases" (like + or x). Bob measures them, choosing his own basis at random. They don't compare notes yet.
Each basis and bit is chosen randomly. So Alice will choose one basis and send one photon, and Bob will choose one basis and measure the photon when received.
After sending, they announce which basis they used for each bit. They keep only the bits where their bases matched. This is the "sifted key".
What makes this secure is that even if someone listening on the classical channel knows the basis, there's still a 50/50 probability as to whether it's a 0 or a 1 (or a + or a -) measured at the other end.
Here is the ✨magic✨: in quantum mechanics, measuring a particle changes it. If an eavesdropper (Eve) tries to listen, she disturbs the qubits, creating errors that Alice and Bob can detect.
This works because Eve must destroy the state of the photon to make a measurement. Eve, when transmitting her own photon, can at best make a 50/50 guess as to what Alice's basis actually was, thereby reducing the effectiveness of the sifting process to well below 50%. This is what Alice and Bob can detect to determine whether an eavesdropper is present.
If the error rate is low, the key is safe! Alice and Bob can now use this shared secret to encrypt their messages with perfect secrecy.
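The steps above (random bases, sifting, then checking the error rate) can be simulated classically. This is an added example, not code from the original page. The function names, the seeded PRNG, the photon counts, and the step of publicly comparing and discarding a random sample of the sifted key are assumptions made for illustration.

```python
import random

BASES = "+x"  # the two bases named on the page

def measure(bit, prep_basis, meas_basis, rng):
    # Matching basis reads the bit faithfully; a mismatched basis gives a coin flip.
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_bb84(n_photons, eve_present, seed):
    """Return (alice_sifted, bob_sifted) after the bases are compared."""
    rng = random.Random(seed)  # seeded PRNG for a repeatable demo only (assumption)
    alice_sifted, bob_sifted = [], []
    for _ in range(n_photons):
        a_bit, a_basis = rng.randint(0, 1), rng.choice(BASES)
        bit, basis = a_bit, a_basis              # photon state in flight
        if eve_present:                          # Eve measures, then resends in her basis
            e_basis = rng.choice(BASES)
            bit, basis = measure(bit, basis, e_basis, rng), e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:                   # sifting: keep matched-basis rounds only
            alice_sifted.append(a_bit)
            bob_sifted.append(b_bit)
    return alice_sifted, bob_sifted

def estimate_error_rate(alice_sifted, bob_sifted, sample_size, seed):
    """Compare a random sample in public; return (error_rate, alice_rest, bob_rest)."""
    rng = random.Random(seed)
    sample = set(rng.sample(range(len(alice_sifted)), sample_size))
    errors = sum(alice_sifted[i] != bob_sifted[i] for i in sample)
    keep = [i for i in range(len(alice_sifted)) if i not in sample]  # revealed bits are discarded
    return (errors / sample_size,
            [alice_sifted[i] for i in keep],
            [bob_sifted[i] for i in keep])

if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_bb84(20000, eve, seed=1)      # constructed run sizes
        rate, key_a, key_b = estimate_error_rate(a, b, 2000, seed=2)
        print(f"eve={eve} sifted={len(a)} sample_error_rate={rate:.3f} key_bits={len(key_a)}")
```

In this idealized model (no channel noise or photon loss), the sampled error rate is zero without Eve and close to one in four when she intercepts every photon.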
We did it! We achieved secure key exchange!
There are several issues with QKD that are most immediate with how we have built complex, authenticated, packet switched channels since the dawn of the internet: