To keep electronic information secure – from financial to biometric data – it is encrypted before being shared between parties. Simply, this involves jumbling it up in a particular way, so that is can only be unjumbled by someone who has the key. If the data is stolen by a hacker or a spy, it will be meaningless.
The key to unjumble the message is currently created using a complex algorithm. But there are vulnerabilities. Keys can sometimes be intercepted and stolen. In the longer term, ultra-fast quantum computers will be able to crack encryption algorithms and create their own keys.
Enter quantum key distribution (QKD), a potentially ultra-secure method of sharing encryption keys based on quantum states of light, and one of the most commercially advanced quantum technologies.
How is quantum key distribution so secure?
QKD takes advantage of a fundamental aspect of quantum mechanics, which is that observing a system can change its quantum state.
When Alice sends an encrypted message to Bob, they need the same key to encrypt and decrypt it.
The key is encoded into the quantum states or pulses of light. If a third party – Eve – tries to copy the quantum state in transit, she cannot avoid introducing changes to the light, which can be detected when it is received. In this case, the key will be discarded and a new key will be is created.
Once the stream of quantum light signals has been received unchanged, Bob and Alice know that they – and only they – have the key. They can then begin sending encrypted messages with confidence.
Unlike algorithmic keys, quantum key distribution techniques encode the key using a physical process, so can’t be cracked by mathematical processes. Alice’s transmitter is a pulsed photon source which modulates the properties of the photons. A random number generator selects the state to be encoded at random. Bob has a single-photon detector.
Where are we now?
Commercially viable QKD transmitters and receivers are available, but they are large and expensive, and only suitable for very high value applications.
However, chip-scale prototypes have been recently developed, offering potential for integration into consumer electronics, which could open broader markets for consumers, commerce and government.
The Quantum Communications Hub has created the UK’s first quantum network (the UKQN), providing a place to test and demonstrate new technologies and highlight useful applications of QKD. These are multi-node fibre networks in Bristol and Cambridge, with connections being established between these, and also from Cambridge to BT Labs at Adastral Park near Ipswich.
One challenge with QKD is that fibre limits the range to a few hundred kilometres due to the attenuation loss as photons propagate through fibre. Considerable research is going into extending the range over which QKD can be used.
Setting up trusted nodes is the short-term answer, but these involve detecting keys then re-encoding quantum states, so must be completely secure in order to maintain QKD’s guarantee that no-one has eavesdropped.
A longer-term solution is quantum repeater technology. This involves ‘stretching out’ high quality quantum entanglement over very long distances, but the technology to is still a way off, as quantum processing and quantum memories are required. Nonetheless, it is hoped significant headway will be made towards entanglement distribution and quantum repeater stations during Phase 2 of the UK National Quantum Technologies Programme, which starts in 2019 and runs for five years.
Global QKD could ultimately be achieved by distributing keys via satellites, as there is less photon loss and decoherence experienced in the clear atmosphere and space. This could also bring QKD to locations where it would be costly, unfeasible, or insecure, to create fibre links. This field has been stimulated by a recent demonstrator, and various test missions are in the planning stage. Satellite QKD is another priority area for the UK’s quantum programme over the next five years.
All QKD systems will have to be tested and those in critical applications will have to be rigorously quality-assured in some way. This is likely to involve a combination of testing of the quantum physics at a lab such as NPL, and a security test under the direction of the relevant government authority.
Early adopters are likely to be highly secure industries such as finance, whose high value trading and communications can be lucrative targets for sophisticated hackers.
But in the end, necessity may drive uptake of QKD. The advent of quantum computing will create the ability to quickly crack algorithmic encryption codes. Post-quantum algorithms are being researched, but proving these are ‘uncrackable’ will be very difficult. To truly ‘future-proof’ communications – from financial transactions to sending emails from phones and laptops – secure systems may need to combine both QKD and post-quantum algorithms.
Find out more about the work NPL is doing around quantum