Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

Quantum Key Distribution for a Post-Quantum World

New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.

5 Min Read
Illustration of a lock in a purple swirly quantum cloud, representing quantum key cryptography
Source: sakkmesterke via Adobe Stock

The emergence of quantum computing and its ability to solve computations with incredible speed by harnessing the fundamental properties of quantum mechanics could revolutionize our world. But what does this quantum future mean for data security?

As quantum computing evolves from the test lab to the real world, this unprecedented new form of computing power has massive implications for current forms of encryption and public-key cryptography (PKC), such as Rivest–Shamir–Aleman (RSA) and elliptic curve cryptography (ECC). Against the processing capabilities of quantum computing, which can analyze vast sets of data orders of magnitude faster than current digital computers, these forms of encryption will essentially become vulnerable to bad actors.

In the coming post-quantum future, cryptography solutions built on the rules of quantum physics are essential to ensure that sensitive digital information is distributed safely and securely across the forthcoming quantum Internet. One of the pillars of this more secure quantum computing future is called quantum key distribution (QKD), which uses basic properties of physics to derive encryption keys for secure encryption between two locations simultaneously.

Tapping the Power of Photons

At the physical level, the data bits sent during key exchanges for today's common encryption techniques, such as RSA and ECC, are encoded using large pulses of photons or changes in voltages. With QKD, everything is encoded on a single photon, relying on quantum mechanical properties that allow detection and prevent successful eavesdropping. Quantum objects exist in a state of superposition where the value for a property of the object can be described as a set of probabilities for different values.

The transmission of the encoded photons occurs over what's known as the quantum channel. A separate channel, referred to as the classical channel, established between the two endpoints handles clock synchronization, key sifting, or other data exchange; this channel could be any conventional data communication channel.

Multiple Varieties of QKD

A number of implementations and protocols for QKD are emerging as the technology evolves. For example, discrete variable QKD (DV-QKD) is used in many commercial QKD systems today. A DV-QKD system consists of two endpoints: a sender and a receiver. The quantum connection between these endpoints could be free space or dark fiber. In this case, the sender encodes a bit value, 0 or 1, on a single photon by controlling the phase or polarization of the photon. A separate data connection between the two endpoints is used to communicate information about the quantum measurements and timing.

While initial QKD implementations consisted of separate dedicated fibers for the quantum and data channels, new versions can use separate wavelengths for each channel on the same fiber, leading to more cost-effective deployments and efficiencies.

Other implementations include continuous variable QKD (CV-QKD) and entanglement. With CV-QKD, the sender applies a random source of data to modulate the position and momentum quantum states of the transmission. Entanglement QKD, meanwhile, leverages quantum phenomena where two quantum particles are generated in a way in which they share quantum properties; no matter how far apart they may later separate, a measurement of a property on each will result in the same values.

Challenges Ahead for QKD

Distance remains a constraint on implementing QKD over fiber because the individual photons being transmitted will be absorbed over distance. The laser strength is attenuated to create the individual photons, and standard telecom equipment cannot be used to repeat or strengthen the signal. In general, between 60 miles and 90 miles is the practical limit.

Methods to extend the distance include trusted exchange, twin field QKD, and quantum repeaters.

  • Trusted exchanges act as a repeater — receiving the optical signals, converting them to digital, and then converting them back to optical. Trusted exchanges must be secured to prevent an intruder from reading the transmission while it is in digital form.

  • Twin field QKD adds a midpoint node that receives signals from both endpoint nodes, increasing the distance between endpoints to potentially hundreds of miles.

  • Quantum repeaters could eventually break the distance barriers of QKD over fiber, providing a function similar to repeaters in telecommunications today: to amplify or regenerate data signals so they can be transferred from one terminal to another.

Advancements in single photon sources and low-noise detectors will further improve the viable distances for QKD.

What's Next for QKD

QKD has significant value in a quantum world due to its ability to enable symmetric key sharing between endpoints and identify when eavesdropping on the quantum channel is occurring. Before it can be broadly implemented by carriers, however, QKD must be supportable in a carrier environment, providing the availability and reliability their customers expect.

For example, disruption of the quantum channel can result in the loss of real-time key material; however, having a secure key storage associated with QKD allows key material to continue to be distributed while investigation of quantum channel outage is occurring. This also means that approaches and capabilities to troubleshoot and manage QKD equipment and services must be developed.

Since QKD relies on quantum mechanics, the observing state will impact the quantum system, and this in itself poses challenges to troubleshooting and management. As the technology continues to evolve and improve, QKD implementations on smaller mobile devices such as drones may eventually become possible. No matter how QKD evolves, it looks to be a promising solution for securing communications on the quantum Internet.

About the Author(s)

Lee Sattler

Distinguished Engineer in Product Strategy and Operations, Verizon

Lee Sattler, Distinguished Engineer in Product Strategy and Operations at Verizon, works in Verizon's Platform and Emerging Technology team, evaluating upcoming technologies and delivering early product prototypes in emerging areas such as precision location, cellular vehicle-to-everything, confidential computing, and quantum computing & cryptography. At the end of 2019, Lee was a co-author of Verizon's First Principles for Securing 5G, a white paper discussing Verizon's holistic approach to 5G security. Over the past 24 years with Verizon, Lee has had responsibilities for the testing, design, and architecture of Verizon's IP, MPLS, and FiOS networks and related services.

Venkata Josyula

Director, Technology and Product Development, Verizon

Venkata Josyula is a Director in Verizon's Technology and Product Development team, driving emerging technologies to enable new products and services. He has 20+ years of experience working in various leadership and engineering roles and has led teams on large-scale platform and application development, cloud infrastructure, computer vision platform services, location services, IP/MPLS network architectures, traffic engineering, routing protocols, and SDNs. His current areas of focus include quantum communications, blockchain, cybersecurity, and AI/ML applications.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights