Security can be an important quality of a communication system. One aspect of this is confidentiality in the sense that eavesdropping is not possible, i.e. that no unauthorized person has a chance to intercept the transmitted information. Another aspect is authentication, i.e. a secure way of verifying that the person on the other end of the line is the one who he or she is pretending to be.
Such security demands are usually satisfied with secret key schemes. Transmission of information is known to be perfectly safe when a so-called one-time pad is used, i.e., a key which is perfectly random, has the same length as the message, and is used only once. This, however, raises the problem of key distribution, i.e. the generation of a key which is shared by the sender and recipient while being sure that nobody else can know it. This problem is frequently addressed by using an asymmetric key scheme, involving a public and a private key, where the public key is used for encryption, the private key for decryption at the receiving end, and the private key can not be computed from the public key. The latter assertion is ultimately based on computational assumptions, for example the assumption that factoring large numbers is a computationally very intensive task. In such a computationally secure system, the private key could theoretically be calculated from the public key by factoring a large number, which however would require a very long time even when using the most advanced computers. Therefore, the key can be considered safe at least for a sufficiently long amount of time. However, this may change, e.g. with the advent of quantum computers, which should be able to solve such factoring tasks in much shorter times, or if an efficient mathematical algorithm for factoring numbers were to be invented. The latter has not been found in many years of research, but it is not proven that it can not exist – in fact it is even conceivable that someone has already developed such an algorithm without revealing this fact to the public.
Quantum cryptography is a way to obtain perfect (unconditional) security. It usually involves quantum key distribution, i.e. a system for key distribution which exploits quantum mechanics to prohibit with perfect security that anyone can intercept or break the secret key. The generated keys are perfectly random (and not usually e.g. a product of two large prime numbers), and there is certainly no way to break such a system e.g. with refined computational means. The article on quantum key distribution explains this in some more detail. A problem is that quantum key distribution systems tend to be relatively slow. When the generated key is used as a one-time pad, this greatly limits the data transmission rate, whereas repeated use of the key is not fully secure.
Several schemes for quantum communications have been demonstrated experimentally, and there are nowadays even commercial versions. Strictly, unconditional security is normally not achieved in practical implementations. For example, the use of weak light pulses instead of single photons for key distribution can create some chances of success for pulse-splitting or pulse-cloning attacks. Also there is concern about impersonation attacks (“man-in-the-middle” attacks), where an eavesdropper intercepts the transmission and acts as a sender himself. Such kind of risks are being carefully studied and minimized or eliminated by further refinements of quantum cryptography. Standards will have to be worked out which exactly define the conditions for assuming true unconditional security.
The RP Photonics Buyer's Guide contains 5 suppliers for quantum cryptography systems. Among them:
|||N. Gisin et al., “Quantum cryptography”, Rev. Mod. Phys. 74, 145 (2002)|
|||A. K. Ekert, “Quantum cryptography based on Bell's theorem”, Phys. Rev. Lett. 67 (6), 661 (1991)|
|||N. Gisin and R. Thew, “Quantum communications”, Nature Photon. 1, 165 (2007)|
|||P. Villoresi et al., “Experimental verification of the feasibility of a quantum channel between space and Earth”, New J. Phys. 10, 033038 (2008)|
|||A. Pasquinucci, various resources on quantum cryptography, http://www.ucci.it/en/docs/index.html#artscien; including: A. Pasquinucci, “A first glimpse to quantum cryptography”, http://www.ucci.it/docs/QC-First_Glimpse-0.5.pdf|