My IBM Log in Subscribe

What is quantum cryptography?

01 December 2023

Authors

Josh Schneider

Senior Writer

IBM Blog

Ian Smalley

Senior Editorial Strategist

What is quantum cryptography?

Quantum cryptography (also known as quantum encryption) refers to various cybersecurity methods for encrypting and transmitting secure data based on the naturally occurring and immutable laws of quantum mechanics.

While still in its early stages, quantum encryption has the potential to be far more secure than previous types of cryptographic algorithms and is even theoretically unhackable.

Unlike traditional cryptography, which is built on mathematics, quantum cryptography is built on the laws of physics. Specifically, quantum cryptography relies on the unique principles of quantum mechanics:

  • Particles are inherently uncertain: On a quantum level, particles can simultaneously exist in more than one place or in more than one state of being at the same time. And it is impossible to predict their exact quantum state.
  • Photons can be measured randomly in binary positions: Photons, the smallest particles of light, can be set to have specific polarities, or spins, which can serve as a binary counterpart for the ones and zeros of classical computational systems.
  • A quantum system cannot be measured without being altered: According to the laws of quantum physics, the basic act of measuring or even observing a quantum system will always have a measurable effect on that system.
  • Particles can be partially, but not totally cloned: While the properties of some particles can be cloned, a 100% clone is believed to be impossible.
Woman shopping in candy store

Turn good intentions into action

The weekly Think newsletter provides access to news and research on sustainability, AI and more.

Why is quantum cryptography important?

To date, traditional data encryption has generally been sufficient for maintaining secure communications in most cybersecurity settings. However, the rise of quantum computing poses an existential threat to even the most secure traditional cryptographic algorithms.

Like quantum cryptography, quantum computing is a rapidly emerging technology that also harnesses the laws of quantum mechanics. Compared to our fastest and most cutting-edge classical computers, quantum computers have the potential to solve complex problems orders of magnitude faster.

Mathematician Peter Shor first described the threat quantum computers pose to traditional security systems in 1994. Today’s cryptosystems can be divided into two main categories, symmetric systems, which use one secret key to both encrypt and decrypt data. And asymmetric systems, which use a public key that anyone can read and private keys that only authorized parties can access. Both types of cryptosystems create these keys by multiplying large prime numbers. And rely on the massive computing power that is required for factoring large numbers to ensure that these encryption keys can’t be cracked by eavesdroppers or hackers.

Even the most powerful supercomputers on earth would require thousands of years to mathematically break modern encryption algorithms like the Advanced Encryption Standard (AES) or RSA. According to Shor’s Algorithm, factoring a large number on a classical computer would require so much computing power it would take a hacker many lifetimes before even coming close. But a fully functional quantum computer—should one be perfected—might potentially find the solution in only a matter of minutes.

For this reason, the use cases for quantum cryptography are as endless as there are use cases for any form of cryptography at all. In the event that anything from corporate information to state secrets must be kept secure, when quantum computing renders existing cryptographic algorithms obsolete. Quantum cryptography may be our only recourse for securing private data.

As computer scientists around the world work day and night to develop practical quantum technology. It’s critical that we also develop new forms of cryptography to prepare for the quantum age of computing. Although quantum computers were once considered only theoretical, experts estimate that we may be only 20 to 50 years away from fully entering the quantum age.

Mixture of Experts | episode 45

When can we expect quantum to reach consumer devices? 

In episode 45 of MoE, host Tim Hwang is joined by special guest, Blake Johnson, to debrief the quantum noise in the news. Blake helps us understand the intersection between quantum and AI and how far we are from this technology. Then, veteran experts Chris Hay and Volkmar Uhlig hash out some other news in AI this week.

Types of quantum cryptography

Quantum key distribution (QKD)

Originally theorized in 1984 by Charles H. Bennett (of IBM’s Thomas J. Watson Research Center) and Gilles Brassard, quantum key distribution (QKD) is the most common type of quantum cryptography. QKD systems are not typically used to encrypt secure data itself, but rather to make a secure key exchange between two parties by collaboratively building a shared private key, which can in turn be used for traditional symmetric key encryption methods.

QKD systems work by sending individual photon light particles across a fiber optic cable. This stream of photons travels in a single direction and each one represents a single bit, or qubit, of data—either zero or one. Polarized filters on the sender’s side change the physical orientation of each single photon to a specific position. And the receiver uses two available beam splitters to read the position of each photon as they’re received. The sender and receiver compare the sent photon positions to the decoded positions, and the set that matches becomes the key.

To better understand QKD, imagine two people, Alice and Bob, who need to establish a secure connection. They can use QKD to create a secure cryptographic key by sending polarized photons over a fiber optic cable. The cable doesn’t need to be secured because each photon will have its own randomized quantum state. Should someone, let’s call her Eve, be eavesdropping, Alice, and Bob will always be able to tell because it’s impossible to observe a quantum state without also affecting it. In this way, QKD systems are considered to be unhackable. If Bob and Alice detect a change in the quantum states of the photons, they’ll know that Eve is eavesdropping. And if Eve is eavesdropping, Bob and Alice will always be able to detect it.

Although the benefits of QKD have been proven in both laboratory and field settings, there are many practical challenges preventing widespread adoption, most notably infrastructure requirements. Photons sent across fiber optic cables degrade over distances of about 248 to 310 miles. However, recent advancements have extended the range of some QKD systems across continents by using secure nodes and photon repeaters.

Quantum coin-flipping

Quantum coin-flipping is a type of cryptographic primitive (something of a building block for algorithms) that allows two parties who do not trust each other to agree on a set of parameters. Imagine if Bob and Alice are talking on the telephone and want to bet on a coin toss, but only Bob has access to the coin. If Alice bets heads, how can she be sure that Bob won’t lie and say that the coin landed on tails, even if it lands on heads?

This type of 50:50 bet can accomplished by Bob sending Alice a series of photons polarized based on one of two orientations. And making note of the specific spins of each photon as either a one or a zero, as well as the filters he uses to set their polarities. Alice can then guess which filter to use to read the polarization for each individual photon. And from this, she can compare her readings to Bob’s notations and guess if Bob chose one set of polarities or another. If either Bob or Alice suspects the other of cheating, they can compare the readings that are taken by the polarizing filters for authentication.

Additional types of quantum cryptography

Researchers continue to explore other types of quantum cryptology incorporating direct encryption, digital signatures, quantum entanglement and other forms of quantum communications. Other types of quantum encryption include the following:

  • Position-based quantum cryptography
  • Device-independent quantum cryptography
  • Kek protocol
  • Y-00 protocol

Post-quantum cryptography

According to the National Institute of Standards and Technology (NIST), the goal of post-quantum cryptography (PQC, also called quantum-resistant or quantum-safe) is to “develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.”

Not to be confused with quantum cryptography, which relies on the natural laws of physics to produce secure cryptosystems, post-quantum cryptographic algorithms use different types of cryptography to create quantum-proof security. These are the six primary areas of quantum-safe cryptography:

  • Lattice-based cryptography
  • Multivariate cryptography
  • Hash-based cryptography
  • Code-based cryptography
  • Isogeny-based cryptography
  • Symmetric key quantum resistance
Related solutions

Related solutions

Quantum Technology - IBM Quantum

IBM provides quantum computing technologies including Qiskit SDK and Qiskit Runtime for scalable and performance-oriented quantum computing.

Explore IBM Quantum System One
IBM Quantum Computing Solutions

Bringing useful quantum computing to the world through Qiskit Runtime and IBM Quantum Safe.

Explore quantum computing solutions
IBM Quantum Safe Services

Safeguard your enterprise against post-quantum cryptography risks with IBM Quantum Safe Transformation Services.

Quantum cryptography services
Take the next step

Unlock the power of quantum computing with IBM's high-performance, scalable quantum systems. Explore the capabilities that will shape the future of computing and security.

Explore quantum computing solutions Discover IBM Quantum technology