Quantum Key Distribution (QKD) is an emerging cybersecurity technology which provides the means for two geographically separated parties to grow “unconditionally secure” symmetric cryptographic keying material. Unlike traditional key distribution techniques, the security of QKD rests on the laws of quantum mechanics and not computational complexity. This unique aspect of QKD is due to the fact that any unauthorized eavesdropping on the key distribution channel necessarily introduces detectable errors (Gisin, Ribordy, Tittel, & Zbinden, 2002). This attribute makes QKD desirable for high-security environments such as banking, government, and military applications. However, QKD is a nascent technology where implementation non-idealities can negatively impact system performance and security (Mailloux, Grimaila, Hodson, Baumgartner, & McLaughlin, 2015). While the QKD community is making progress towards the viability of QKD solutions, it is clear that more work is required to quantify the impact of such non-idealities in real-world QKD systems (Scarani & Kurtsiefer, 2009).
Written for security practitioners, managers, and decision makers, this article provides an accessible introduction to QKD and describes this seemingly strange quantum communications protocol in readily understandable terms. Additionally, this article highlights recent developments in the field from the 5th international Quantum Cryptography conference (QCrypt) hosted in fall of 2015 with an eye towards the US hosted conference in 2016. Lastly, we comment on several of QKD’s advantages (i.e., the boon) and its drawbacks (i.e., the bust) while also considering QKD’s viability as a cybersecurity technology.