What is QKD?
The genesis of QKD traces back to the late 1960s, when Stephen Wiesner first proposed the idea of encoding information on photons to securely transfer messages (Wiesner, 1983). In 1984, the physicist Charles Bennett and cryptographer Gilles Brassard worked together to mature this idea by introducing the first QKD protocol, known as “BB84” (Bennett & Brassard, 1984). Five years later, they built the first QKD prototype system which was said to be “secure against any eavesdropper who happened to be deaf” as it made audible noises while encoding crypto key onto single photons (Brassard, 2006). From its relatively humble beginnings, QKD has gained global interest as a unique cybersecurity solution with active research groups across North America, Europe, Australia, and Asia. Moreover, commercial offerings are now available from several vendors around the world: ID Quantique, SeQureNet, Quintessence Labs, MagiQ Technologies, Qasky Quantum Science Technology, and QuantumCTek (Oesterling, Hayford, & Friend, 2012).
Figure 1 illustrates a notional QKD system architecture consisting of a sender “Alice,” a receiver “Bob,” a quantum channel (an optical fiber or line-of-sight free space path), and a classical channel (a conventional network connection). Alice is shown with a laser source configured to generate single photons, while Bob measures them using specialized Single Photon Detectors (SPDs). The QKD system provides a point-to-point solution for generating shared secret key, , which can be used to encrypt sensitive data, voice, or video communications as desired by the user.
Commercial QKD systems often use the secret key to increase the security posture of traditional symmetric encryption algorithms through frequent re-keying. For example, a QKD system can be used to update a 256-bit AES key once a second. This increases the cryptosystem’s security posture by significantly reducing the time and information available to an adversary for performing cryptanalysis.
Alternatively, QKD systems can be used to provide an unlimited supply of secret keying material for use in the one-time pad encryption algorithm – the only known cryptosystem to achieve perfect secrecy (Vernam, 1926), (Shannon, 1949). However, the one-time pad has strict keying requirements, which are not easy to meet with conventional technologies. More specifically, the keying material must be: 1. truly random, 2. never reused, and 3. as long as the message to be encrypted. Thus, the appeal of QKD is found in its ability to generate (or grow) shared cryptographic key, making unbreakable one-time pad encryption configurations possible.
Figure. 1. Quantum Key Distribution (QKD) system context diagram. The sender “Alice” and receiver “Bob” are configured to generate shared secret key for use in bulk encryptors, where the quantum channel (i.e., a free space or optical fiber link) is used to securely transmit single photons and the classical channel is used to control specific QKD processes and protocols.