Published: 01 December 2023

Contributors: Josh Schneider, Ian Smalley

Quantum cryptography (also known as quantum encryption) refers to various cybersecurity methods for encrypting and transmitting secure data based on the naturally occurring and immutable laws of quantum mechanics. While still in its early stages, quantum encryption has the potential to be far more secure than previous types of cryptographic algorithms and is even theoretically unhackable.

Unlike traditional cryptography, which is built on mathematics, quantum cryptography is built on the laws of physics. Specifically, quantum cryptography relies on the unique principles of quantum mechanics:

- **Particles are inherently uncertain:** On a quantum level, particles can simultaneously exist in more than one place or more than one state of being at the same time, and it is impossible to predict their exact quantum state.
- **Photons can be measured randomly in binary positions:** Photons, the smallest particles of light, can be set to have specific polarities, or spins, which can serve as a binary counterpart for the ones and zeros of classical computational systems.
- **A quantum system cannot be measured without being altered:** According to the laws of quantum physics, the basic act of measuring or even observing a quantum system will always have a measurable effect on that system.
- **Particles can be partially, but not totally cloned:** While the properties of some particles can be cloned, a 100% clone is believed to be impossible.

To date, traditional data encryption has generally been sufficient for maintaining secure communications in most cybersecurity settings. However, the rise of quantum computing poses an existential threat to even the most secure traditional cryptographic algorithms.

Like quantum cryptography, quantum computing is a rapidly emerging technology that also harnesses the laws of quantum mechanics. Compared to our fastest and most cutting-edge classical computers, quantum computers have the potential to solve complex problems orders of magnitude faster.

Mathematician Peter Shor first described the threat quantum computers pose to traditional security systems in 1994. Today’s cryptosystems can be divided into two main categories: symmetric systems, which use one secret key to both encrypt and decrypt data, and asymmetric systems, which use a public key that anyone can read and private keys that only authorized parties can access. Both types of cryptosystems create these keys by multiplying large prime numbers and rely on the massive computing power required for factoring large numbers to ensure that these encryption keys can’t be cracked by eavesdroppers or hackers.

Even the most powerful supercomputers on earth would require thousands of years to mathematically break modern encryption algorithms like the Advanced Encryption Standard (AES) or RSA. According to Shor’s Algorithm, factoring a large number on a classical computer would require so much computing power it would take a hacker many lifetimes before even coming close, but a fully functional quantum computer—should one be perfected—could potentially find the solution in only a matter of minutes.

For this reason, the use cases for quantum cryptography are as endless as there are use cases for any form of cryptography at all. In the event that anything from corporate information to state secrets must be kept secure, when quantum computing renders existing cryptographic algorithms obsolete, quantum cryptography may be our only recourse for securing private data. As computer scientists around the world work day and night to develop practical quantum technology, it’s critical that we also develop new forms of cryptography to prepare for the quantum age of computing. Although quantum computers were once considered only theoretical, experts estimate that we may be only 20 to 50 years away from fully entering the quantum age.

Originally theorized in 1984 by Charles H. Bennett (of IBM’s Thomas J. Watson Research Center) and Gilles Brassard, quantum key distribution (QKD) is the most common type of quantum cryptography. QKD systems are not typically used to encrypt secure data itself, but rather to make a secure key exchange between two parties by collaboratively building a shared private key which can in turn be used for traditional symmetric key encryption methods.

QKD systems work by sending individual photon light particles across a fiber optic cable. This stream of photons travels in a single direction and each one represents a single bit, or qubit, of data—either zero or one. Polarized filters on the sender’s side change the physical orientation of each single photon to a specific position, and the receiver uses two available beam splitters to read the position of each photon as they’re received. The sender and receiver compare the sent photon positions to the decoded positions, and the set that matches becomes the key.

To better understand QKD, imagine two people, Alice and Bob, who need to establish a secure connection. They can use QKD to create a secure cryptographic key by sending polarized photons over a fiber optic cable. The cable doesn’t need to be secured because each photon will have its own randomized quantum state. Should someone, let’s call her Eve, be eavesdropping, Alice and Bob will always be able to tell because it’s impossible to observe a quantum state without also affecting it. In this way, QKD systems are considered to be unhackable. If Bob and Alice detect a change in the quantum states of the photons, they’ll know Eve is eavesdropping.
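The exchange between Alice, Bob and Eve can be followed step by step in a classical simulation of BB84, the protocol Bennett and Brassard proposed in 1984. This is an added example, not code from the original article; it assumes a noiseless channel, an eavesdropper who measures and re-sends every photon, and an illustrative abort threshold of 11%.

```python
import random

BASES = "+x"            # rectilinear and diagonal polarization bases
ABORT_THRESHOLD = 0.11  # assumed cut-off for the sampled error rate

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis reads the encoded bit; the wrong basis yields a random bit."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_bb84(n_photons, eavesdrop, seed):
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    alice_bases = [rng.choice(BASES) for _ in range(n_photons)]
    bob_bases = [rng.choice(BASES) for _ in range(n_photons)]
    bob_bits = []
    for bit, sent_basis, bob_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Measuring forces Eve to pick a basis; the photon she forwards
            # is now prepared in her basis, not Alice's.
            eve_basis = rng.choice(BASES)
            bit = measure(bit, sent_basis, eve_basis, rng)
            sent_basis = eve_basis
        bob_bits.append(measure(bit, sent_basis, bob_basis, rng))

    # Sifting: bases (never bits) are compared publicly; mismatches are dropped.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    # Error estimation: reveal a random half of the sifted bits, then discard them.
    rng.shuffle(sifted)
    half = len(sifted) // 2
    sample, rest = sifted[:half], sifted[half:]
    errors = sum(alice_bits[i] != bob_bits[i] for i in sample)
    qber = errors / max(len(sample), 1)
    return {
        "qber": qber,
        "accepted": qber <= ABORT_THRESHOLD,
        "alice_key": [alice_bits[i] for i in rest],
        "bob_key": [bob_bits[i] for i in rest],
    }

if __name__ == "__main__":
    for eve in (False, True):
        result = run_bb84(2000, eavesdrop=eve, seed=7)
        print(f"eavesdrop={eve} qber={result['qber']:.3f} "
              f"accepted={result['accepted']} key_bits={len(result['alice_key'])}")
```

Without Eve the sampled error rate is zero in this noiseless model; with her measuring every photon it settles near 25%, which is the signal Alice and Bob use to discard the key.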

Although the benefits of QKD have been proven in both laboratory and field settings, there are many practical challenges preventing widespread adoption, most notably infrastructure requirements. Photons sent across fiber optic cables degrade over distances of about 248 to 310 miles. However, recent advancements have extended the range of some QKD systems across continents through the use of secure nodes and photon repeaters.

Quantum coin-flipping is a type of cryptographic primitive (something of a building block for algorithms) that allows two parties who do not trust each other to agree on a set of parameters. Imagine if Bob and Alice are talking on the telephone and want to bet on a coin toss, but only Bob has access to the coin. If Alice bets heads, how can she be sure that Bob won’t lie and say the coin landed on tails, even if it lands on heads?

This type of 50:50 bet can be accomplished by Bob sending Alice a series of photons polarized based on one of two orientations and making note of the specific spins of each photon as either a one or a zero, as well as the filters he uses to set their polarities. Alice can then guess which filter to use to read the polarization for each individual photon, and from this, she can compare her readings to Bob’s notations and guess if Bob chose one set of polarities or another. If either Bob or Alice suspects the other of cheating, they can compare the readings taken by the polarizing filters for authentication.

Researchers continue to explore additional types of quantum cryptology incorporating direct encryption, digital signatures, quantum entanglement and other forms of quantum communications. Other types of quantum encryption include the following:

- Position-based quantum cryptography
- Device-independent quantum cryptography
- Kak protocol
- Y-00 protocol

According to the National Institute of Standards and Technology (NIST), the goal of post-quantum cryptography (PQC, also called quantum-resistant or quantum-safe) is to “develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.”

Not to be confused with quantum cryptography, which relies on the natural laws of physics to produce secure cryptosystems, post-quantum cryptographic algorithms use different types of cryptography to create quantum-proof security. These are the six primary areas of quantum-safe cryptography:

- Lattice-based cryptography
- Multivariate cryptography
- Hash-based cryptography
- Code-based cryptography
- Isogeny-based cryptography
- Symmetric key quantum resistance
