A team of researchers from Northwestern University in the US and BBN Technologies have demonstrated the world's first working quantum cryptography network. Northwestern University's Dr Gregory Kanter, who coordinated the demonstration, talks to Liz Tay about the basics of quantum cryptography and its potential for use in security systems of the future.

What is quantum cryptography?

A broad definition would be any system that utilizes effects arising from quantum physics to aid in creating cryptographic systems. Quantum key distribution, quantum data encryption, and quantum bit commitment are some examples. Key distribution generates shared secret keys usually for use in data encryption, which protects data from unauthorized observation.

You can view key distribution as the combination to a safe and data encryption as the safe itself. If I want to send a package over an insecure distribution system without allowing it to be tampered with, I could put the package in a safe, send the safe to the desired party, and have them open the safe with the combination. In order to do this I need to securely share a secret (the combination) and have a safe which is not easy to open without the combination. These two functions are distinct, but necessary for end-to-end security.

One can classify quantum cryptography into two types. One type exploits effects that are fundamentally 'quantum' and have no classical analog. An example would be quantum key distribution (QKD) based on entangled photon states. Such techniques can be very powerful, but are also quite fragile, making them difficult to implement in fibrer links greater than about 100km.

Another class would be systems that exploit certain immutable properties of quantum physics, such as the ultimate limit on signal-to-noise ratio dictated by quantum optical theory, and exploit these phenomena in a classical (macroscopic and easily observable) environment. This latter classification is much more robust. An example of such a system would be the AlphaEta method of data encryption.

One type of quantum cryptography is not strictly better than the other (although some quantum cryptographic systems are better than others) as both types have different beneficial properties.

Why is there a need for quantum cryptography?

Cryptographers, who try to build systems which can securely communicate information, are forever hounded by cryptanalysts who try to break into these systems. Methods of providing security that were effective some years ago may, due to advances in computation power or analysis techniques, become vulnerable. In fact, there are cases where new systems designed for security are shown to have critical flaws very early in their life cycle (for instance, security issues associated with WiFi).

Using quantum effects is a new tool which can greatly increase the power of a cryptographer. In principle quantum effects can also be used to increase the power of an eavesdropper, but this requires a quantum computer which is extremely difficult to build.

Some researchers think useful quantum computers will never materialize, but the field is still very young. If a quantum computer can be built, it could wreak havoc on many traditional cryptographic protocols, particularly those based on the difficulty of factoring large numbers which are often used to distribute secret keys (so called public key cryptography).

However, in principle some quantum cryptographic objectives, such as quantum key distribution, may be proven to be invincible to any advances in technology including a quantum computer. Although no concrete quantum system has been proven to be fully (unconditionally) secure, this is one of the goals of the community. Note that the quantum effects used in cryptography are much easier to produce than a quantum computer, and commercial quantum key distribution systems currently exist.

Thus, it appears that quantum cryptography has the upper hand over quantum cryptanalysis, as it is both achievable and probably more powerful. In any event, users must continue to improve their cryptographic systems as attackers can also benefit from new technologies.

What was new about the NU/BBN demonstration?

Northwestern University researchers developed a new method to encrypt data which uses quantum noise to help improve the security of optical communication systems. This quantum-enhanced encryption technique is called AlphaEta.

AlphaEta is inherently compatible with the current fibre infrastructure. For instance, the signals can travel through long-haul amplified fibre links. AlphaEta has been demonstrated in realistic environments previously. However, previous demonstrations required the secret keys to be directly coded into the system (pre-shared).

Note that AlphaEta is an encryption system which is a fundamentally different function than a quantum key distribution (QKD) system. QKD systems are severely hampered by the fragility of the quantum states used, and thus are not amplifiable and can not propagate long distances (about 100km). AlphaEta, in contrast, is much more robust and performs similarly to traditional optical communication systems.