Security can be an important quality of a communication system. One aspect of this is confidentiality in the sense that eavesdropping is not possible, i.e. that no unauthorized person has a chance to intercept the transmitted information. Another aspect is authentication, i.e. a secure way of verifying that the person on the other end of the line really is who he or she claims to be.
Such security demands are usually satisfied with secret key schemes. Transmission of information is known to be perfectly safe when a so-called one-time pad is used, i.e., a key which is perfectly random, has the same length as the message, and is used only once. This, however, raises the problem of key distribution, i.e. the generation of a key which is shared by the sender and recipient while being sure that nobody else can know it. This problem is frequently addressed by using an asymmetric key scheme, involving a public and a private key, where the public key is used for encryption, the private key for decryption at the receiving end, and the private key cannot be computed from the public key. The latter assertion is ultimately based on computational assumptions, for example the assumption that factoring large numbers is a computationally very intensive task. In such a computationally secure system, the private key could theoretically be calculated from the public key by factoring a large number, which however would require a very long time even when using the most advanced computers. Therefore, the key can be considered safe at least for a sufficiently long amount of time. However, this may change, e.g. with the advent of quantum computers, which should be able to solve such factoring tasks in much shorter times, or if an efficient mathematical algorithm for factoring numbers were to be invented. Such an algorithm has not been found in many years of research, but it is not proven that it cannot exist; in fact it is even conceivable that someone has already developed such an algorithm without revealing this fact to the public.
Quantum cryptography is a way to obtain perfect (unconditional) security. It usually involves quantum key distribution, i.e. a system for key distribution which exploits quantum mechanics to ensure with perfect security that nobody can intercept or break the secret key. The generated keys are perfectly random (and not usually e.g. a product of two large prime numbers), and there is certainly no way to break such a system e.g. with refined computational means. The article on quantum key distribution explains this in some more detail. A problem is that quantum key distribution systems tend to be relatively slow. When the generated key is used as a one-time pad, this greatly limits the data transmission rate, whereas repeated use of the key is not fully secure.
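The one-time pad conditions stated above (key as long as the message, used only once) and the resulting limit on the data rate, shown as an added Python example that is not part of the original article. KeyPool, otp_apply and reuse_leak are hypothetical names, and secrets.token_bytes stands in for the output of a key distribution link.

```python
import secrets

class KeyPool:
    """Shared key material; every byte is handed out exactly once."""
    def __init__(self, material: bytes):
        self._buf = bytearray(material)
        self._pos = 0

    def remaining(self) -> int:
        return len(self._buf) - self._pos

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise RuntimeError("key pool exhausted: wait for new key, never reuse")
        chunk = bytes(self._buf[self._pos:self._pos + n])
        self._buf[self._pos:self._pos + n] = bytes(n)  # wipe consumed key bytes
        self._pos += n
        return chunk

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("pad must have the same length as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_apply(pool: KeyPool, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with fresh pad bytes taken from the pool."""
    return xor(data, pool.take(len(data)))

def reuse_leak(pad: bytes, m1: bytes, m2: bytes) -> bytes:
    """What an eavesdropper gets when one pad covers two messages: the pad
    cancels out of c1 XOR c2, leaving m1 XOR m2."""
    return xor(xor(m1, pad), xor(m2, pad))

if __name__ == "__main__":
    material = secrets.token_bytes(24)   # constructed stand-in for a distributed key
    sender, receiver = KeyPool(material), KeyPool(material)
    m1, m2 = b"transfer 100 EUR", b"transfer 900 EUR"  # constructed sample messages
    c1 = otp_apply(sender, m1)
    print(otp_apply(receiver, c1), "key bytes left:", sender.remaining())
    try:
        otp_apply(sender, m2)            # 16 bytes needed, only 8 left
    except RuntimeError as err:
        print("second message blocked:", err)
    print("leak if the pad were reused:", reuse_leak(material[:16], m1, m2).hex())
```

The pool refuses the second message because only 8 key bytes remain, which is the rate limit in practice: no more message bytes can be sent than key bytes have been delivered. The reuse output is zero everywhere except at the byte where the two messages differ, without the eavesdropper knowing the pad.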
Several schemes for quantum communications have been demonstrated experimentally, and there are nowadays even commercial versions. Strictly, unconditional security is normally not achieved in practical implementations. For example, the use of weak light pulses instead of single photons for key distribution can create some chances of success for pulse-splitting or pulse-cloning attacks. There is also concern about impersonation attacks (“man-in-the-middle” attacks), where an eavesdropper intercepts the transmission and acts as a sender himself. Such risks are being carefully studied and minimized or eliminated by further refinements of quantum cryptography. Standards will have to be worked out which exactly define the conditions for assuming true unconditional security.