How quantum key distribution works
- By William Jackson
- Oct 29, 2013
Quantum key distribution (QKD) uses individual photons for the exchange of cryptographic key data between two users, where each photon represents a single bit of data. The value of the bit, a 1 or a 0, is determined by states of the photon such as polarization or spin.
At the sender’s end, a laser generates a series of single photons, each in one of two polarizations: horizontal or vertical. The polarization of the photon is measured at the receiver’s end. If an eavesdropper intercepts the photon to determine its polarization, the photon is destroyed in the process, and the eavesdropper would have to generate a new, duplicate photon to pass on to the receiver.
“That’s fine, as long as there is only a single property or state being sent,” said Don Hayford, director of research at Battelle Memorial Institute, which has implemented a QKD system at its Columbus, Ohio, headquarters. But a second state, such as spin, is also part of the photon. The uncertainty principle of quantum physics makes it impossible for the eavesdropper to determine both properties of the photon, so it would be impossible for him to send along an accurate duplicate.
Because of this, the receiver would notice a high error rate in the photons being received, which would indicate someone was intercepting the data.
To determine the error rate, the states of a small percentage of photons are compared over a separate channel by the receiver and the sender. Because the comparison process destroys the photons these cannot be used in creating a key. But the error rate can be used to determine if the session is secure. If the session is secure, an appropriate number of photons can be selected as the bits of the cryptographic key that both the sender and receiver will use.
Battelle’s implementation in August of a QKD system from ID Quantique of Switzerland has produced some useful real-world information about the technology.
“We see a daily variation in the error rate,” Hayford said. Some of the fiber optic cable used in the network runs above ground, and despite its shielding, “apparently some sunlight is getting through,” interfering with the photons. This diurnal variation in errors has to be taken into account when measuring the rate to determine security.
William Jackson is freelance writer and the author of the CyberEye blog.