Question 110. What is Quantum Cryptography?

Quantum cryptography [BBB92] [Bra93] is a method for secure key exchange over an insecure channel based on the nature of photons. Photons have a polarization, which can be measured in any basis, where a basis consists of two directions orthogonal to each other, as shown in Figure 12. If a photon's polarization is read in the same basis twice,

Figure 12. Bases

the polarization will be read correctly and will remain unchanged. If it is read in two different bases, a random answer will be obtained in the second basis, and the polarization in the initial basis will be changed randomly, as shown in Figure 13.

Figure 13. Polarization readings

The following protocol can be used by Alice and Bob to exchange secret keys.

• Alice sends Bob a stream of photons, each with a random polarization, in a random basis. She records the polarizations.
• Bob measures each photon in a randomly chosen basis and records the results.
• Bob announces, over an authenticated but not necessarily private channel (e.g., by telephone), which basis he used for each photon.
• Alice tells him which choices of bases are correct.
• The shared secret key consists of the polarization readings in the correctly chosen bases.

Quantum cryptography has a special defense against eavesdropping: If an enemy measures the photons during transmission, he will use the wrong basis half the time, and thus will change some of the polarizations. That will result in Alice and Bob having different values for their secret keys. As a check, they can exchange some random bits of their key using an authenticated channel. They will therefore detect the presence of eavesdropping, and can start the protocol over.

There has been experimental work in developing such systems by IBM and British Telecom. For information on quantum computing (which is quite different from quantum cryptography), see Question 109.