The BB84 approach, proposed by Charles Bennett and Gilles Brassard in 1984, is the oldest quantum-encryption scheme and has exhibited some weaknesses attributable to the limitations of existing technology. The ideal would be the use of single photons, but it is relatively difficult to pick out single photons from the background noise in optical fibers. Thus the current tactic is to use highly attenuated photon sources so that each qubit is represented by a small group of photons, making them easier to detect.
Though attenuated sources produce encryption schemes that could be transmitted over realistic distances in optical networks, they could easily be cracked by splitting off a few photons from a packet using a beam splitter. The remaining photons would not be perturbed, so the extraction of information could go undetected.
But now Austrian researchers have demonstrated an optical encryption scheme based on BB84 that uses single photons. Ironically, the method was made possible by using quantum entanglement, although the modified BB84 method is not vulnerable to Kuhn's man-in-the-middle attack.
In a real-world experiment, a commercial bank and Vienna City Hall were connected via a fiber-optic link that was run under the streets. The system was able to generate identical random sequences of bits at both ends of the fiber, and the key was used to send a secure bank transfer.
The demonstration system was built under a joint project of the University of Vienna and ARC Seibersdorf Research GmbH. Anton Zeilinger of the university is a pioneer in quantum cryptography whose group was the first to demonstrate key distribution using entangled photons in 1998. The two groups have been working together for two years to produce a commercial quantum-encryption product. A full account of the encryption system appears this month in the online journal Optics Express.
From the viewpoint of a security expert, an absolutely uncrackable encryption system is unattainable because all technology is a moving target. Kuhn points out that all the progress in cryptology over the past few centuries was instantly rendered obsolete by the invention of the electronic computer.
Two basic approaches are used today in nonquantum encryption. Private keys are based either on computationally difficult problems or on data streams generated by complex bit transformations. But since computer technology is growing rapidly in computational capability, any such scheme quickly becomes dated.
NIST has a large effort in the area of data security and is attempting to stay ahead of the quantum-encryption game with a sophisticated optical testbed. The facility has already produced a notable enhancement in quantum-key generation: Keys were generated at a rate of 1 Mbit/second, which would be fast enough to encrypt multimedia streams. That indicates that quantum encryption may ultimately be faster than conventional approaches. One persistent trade-off for computer security schemes is that increased security results in slower data processing.
Indeed, quantum-computing theory was thrust into the spotlight when Bell Labs researcher Peter Shor showed that a quantum processor could factor huge prime numbers almost instantly, an operation that is the basis for most existing encryption methods. Quantum-computing schemes have blossomed since then, and quantum hardware is emerging at a rate reminiscent of the early days of the electronic computer.
Researchers are also proposing quantum networks based on teleportation of quantum states for both internal connections and a new type of computer networking.
Quantum information science will be the topic of a conference this week at Cambridge University's Newton Institute. There will be 30 invited talks on such fields as quantum algorithm design, quantum communications and cryptography, and fault-tolerant quantum processing.