Quantum cryptography, more aptly
named quantum key distribution
(QKD), has emerged as a new paradigm
for high-speed delivery of encryption
key material between two remote parties.
Typically, the security integrity of key exchange
protocols is rooted in either a
trusted third party, such as a trusted courier
for symmetric encryption protocols, or the
hypothesized computational complexity of
one-way mathematical functions, such as
the RSA encryption protocol.
QKD derives its security from the fundamental
physical laws of quantum mechanics,
affording the capability to remove from
security proofs many of the assumptions
about the capabilities of eavesdroppers in
a public channel. In 2003, as part of the
DARPA QuIST program, BBN Technologies
deployed the world's first quantum network
in metropolitan Boston and demonstrated
how quantum cryptography can be used as
an important tool in securing the world's
most critical information-carrying networks.
QKD uses a single quantum particle as
the physical medium on which to encode
a single bit of key material. A quantum
particle encoded with information is referred
to as a quantum bit, or qubit. The
quantum mechanical nature of these particles
exhibit two uniquely quantum physical characteristics which make the encoded
information robust against interception
by eavesdroppers:
- Quantum particles are indivisible units of energy, so they cannot be divided by an
eavesdropper for passive monitoring.
- Quantum particles are subject to the Heisenberg uncertainty principle, so measurement
of a quantum particle by an eavesdropper irreversibly alters the state of the particle, yielding an effect that is noticeable to the two communicating
parties.
While there is a broad spectrum of implementation
techniques for performing
practical QKD, there are overarching
commonalities to all the protocols and
techniques. Figure 1 shows a system-level
schematic. A designated sender and receiver
have distinct roles in the protocol.
To begin the negotiation of a secret key, the
sender prepares a single photon for transmission
to the receiver by generating a
bright laser pulse and attenuating the pulse
to an intensity much less than one photon
per pulse, ensuring that very rarely a data
pulse exits the transmitter that has two photons
that would provide an eavesdropper
with excess information. Next, the transmitter
randomly encodes two bits of information
on the photon from a set labeled Φ
S,
and the encoded photon is directed into the
transmission channel. The information can
be encoded in any measurable quantity of
the photon such as electric field polarization
or optical phase.
The transmission channel can consist
of any transparent medium, whether it is
free-space or fiber-optics. For long-distance,
high-data-rate communications, telecommunications-band optical fiber is
often the channel of choice. As photons
enter the receiver from the channel, the
receiver randomly chooses a measurement
basis, from one of two choices Φ
R, in
which to measure the photon, and then
performs photon counting with two single
photon detectors (SPDs).
The sender and receiver repeatedly execute
this protocol and monitor the error rate of
the resulting bit streams. Since any interrogation
of the photon in the channel by an
eavesdropper alters the state of the quantum
bit, the presence of an eavesdropper
can be detected as an increase in the error
rate of the communications, as tested
through error detection routines for the
protocol utilizing an unsecured classical
communications channel.
In 2003, in collaboration with Boston
University and Harvard University, Raytheon
BBN Technologies deployed the world's first
quantum key distribution network in the
metropolitan Boston area
1. A multidisciplinary
team of physicists, software and hardware
engineers, and network architects
designed and built the quantum network.
QKD nodes at each university were connected
to BBN via dedicated optical fiber
channels and networked through an optical
switch located in the laboratories at
BBN. In addition, several variant QKD systems
were integrated into the network,
including free-space and quantum-entanglement-based links.
The system was engineered to operate
without manual intervention, continuously
generating key material shared between
pairs of locations. A critical component to
the project focused on integrating QKD
with the security protocols for network communications that are currently used.
BBN developed a suite of protocols for key
negotiation, as well as the integration of
key material into protocols such as IPSec,
commonly used for secure communications
on the Internet.
Since the deployment of BBN's quantum
network, several other demonstrations
have emerged around the world. Perhaps
the most recent is the deployment of the
European SECOQC network
2 in Vienna, integrating
several QKD technologies into a
ring topology network. The European network
has addressed the important issue of
network scalability by forming a trust
model between intermediate nodes in the
network through which key material flows.
Ultimately, for quantum networks to scale
without such a constrained trust model, it
requires the integration of quantum entanglement
sources and quantum memories to
construct quantum repeater stations at intermediate
nodes between users, and
Raytheon BBN Technologies is pursuing
these technologies.
QKD has been demonstrated as a practical
and useful tool in securing critical communication
networks. Important challenges lie
ahead, including increasing key exchange
throughput, and extending reach and compatibility
with currently installed fiber networks
that are not optically transparent
from user to user. Continued research on
quantum-based sources, detectors and
processing subsystems is aimed at addressing
these challenges.
Jonathan L. Habif
