intial basis;secret key;shared secret key">
### Question 110. What is Quantum Cryptography?

*Quantum cryptography* [BBB92]
[Bra93]
is a method for secure key exchange over an insecure channel based on the
nature of *photons*. Photons have a polarization, which can be measured
in any basis, where a basis consists of two directions orthogonal to each
other, as shown in Figure 12. If a photon's polarization is read in the
same basis twice,

Figure 12. Bases

the polarization will be read correctly and will remain unchanged. If
it is read in two different bases, a random answer will be obtained in
the second basis, and the polarization in the initial basis will be changed
randomly, as shown in Figure 13.

Figure 13. Polarization readings

The following protocol can be used by Alice and Bob to exchange secret
keys.

- Alice sends Bob a stream of photons, each with a random polarization,
in a random basis. She records the polarizations.
- Bob measures each photon in a randomly chosen basis and records the
results.
- Bob announces, over an authenticated but not necessarily private channel
(e.g., by telephone), which basis he used for each photon.
- Alice tells him which choices of bases are correct.
- The shared secret key consists of the polarization readings in the
correctly chosen bases.

Quantum cryptography has a special defense against eavesdropping: If
an enemy measures the photons during transmission, he will use the wrong
basis half the time, and thus will change some of the polarizations. That
will result in Alice and Bob having different values for their secret keys.
As a check, they can exchange some random bits of their key using an authenticated
channel. They will therefore detect the presence of eavesdropping, and
can start the protocol over.

There has been experimental work in developing such systems by IBM and
British Telecom. For information on quantum computing (which is quite different
from quantum cryptography), see Question 109.