Source Count: 11 | Weighted Score: 33 | Source Confidence: [4/5] | Primary Tier: 1 | Last Updated: April 11, 2026
Keywords: quantum cryptography, QKD, BB84, quantum key distribution, entanglement, no-cloning theorem, quantum internet, photon, eavesdropping, information security
Category Tags: quantum-technology, cryptography, information-security, physics, communication
Cross-References: ZA_5_17 — Quantum Computing Architectures · ZA_5_16 — Squeezed States and Optomechanics · S_1_09 — Quantum Cryptography PQ Security · ZA_1_01 — Quantum Entanglement Nonlocality · ZA_5_15 — Quantum Internet Communications

QUICK SUMMARY

Quantum cryptography exploits fundamental principles of quantum mechanics — the no-cloning theorem, the observer effect, and quantum entanglement — to achieve provably secure communication. Unlike classical encryption (which relies on computational hardness assumptions like integer factoring), quantum key distribution (QKD) offers information-theoretic security: any eavesdropping attempt physically disturbs the quantum states being transmitted and is therefore detectable. The foundational protocol, BB84, was invented by Charles Bennett (IBM) and Gilles Brassard (Université de Montréal) in 1984 and experimentally demonstrated over 32 cm of free-space optics in 1989. Since then, QKD has been extended to fiber-optic distances exceeding 400 km, satellite-to-ground links (China's Micius satellite, launched 2016, achieved 1,200 km QKD in 2017), and metropolitan quantum networks in Tokyo, Vienna, Beijing, and Cambridge. In 2017, Jian-Wei Pan and colleagues demonstrated intercontinental quantum-secured video conferencing between Beijing and Vienna using Micius as a trusted relay. Despite these achievements, practical QKD systems face limitations in key generation rates, distance, cost, and vulnerability to implementation attacks (side-channel attacks on real hardware rather than the quantum protocol itself). The development of a full "quantum internet" — enabling distributed quantum computing, blind quantum computation, and device-independent QKD — remains a long-term research frontier.

1. VERIFIED CLAIMS (Tier 1 — Peer-Reviewed / Established)

1.1 BB84 Protocol

• Evidence: Charles Bennett and Gilles Brassard presented the BB84 protocol at the IEEE International Conference on Computers, Systems, and Signal Processing in Bangalore, India, in December 1984. The protocol works by encoding bits in the polarization states of single photons using two conjugate bases (rectilinear: horizontal/vertical; diagonal: +45°/−45°). Alice sends photons randomly prepared in one of four states; Bob randomly selects a measurement basis for each photon. They publicly compare bases (not outcomes) and keep only the results where they used the same basis (~50% of transmissions, forming the "sifted key"). The no-cloning theorem (proven by William Wootters and Wojciech Zurek, 1982, Nature 299: 802–803) guarantees that an eavesdropper (Eve) cannot copy the photon states without introducing detectable errors. If the error rate exceeds a threshold (~11% for BB84), they abort; otherwise, privacy amplification distills a shorter, perfectly secret key.
• Primary Source: Bennett and Brassard 1984, Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing, 175–179; Wootters and Zurek 1982, Nature 299: 802–803. DOI: 10.1038/299802a0

1.2 First Experimental QKD Demonstration (1989)

• Evidence: Bennett, Brassard, and colleagues at IBM's T. J. Watson Research Center demonstrated the first working QKD system in 1989, transmitting polarized photons over 32.5 cm of free space in a darkened laboratory. The system used attenuated laser pulses (weak coherent states approximating single photons) rather than true single-photon sources. Results were published in Journal of Cryptology 5 (1992): 3–28. This proof-of-concept established that QKD was experimentally feasible, though the practical distance and rate were trivial by modern standards.
• Primary Source: Bennett et al. 1992, Journal of Cryptology 5: 3–28. DOI: 10.1007/BF00191318

1.3 Micius Satellite QKD (2016–2017)

• Evidence: China's Micius satellite (墨子号, Mòzǐ hào), launched on August 16, 2016, was the first satellite designed for quantum communication experiments. In 2017, Jian-Wei Pan et al. (University of Science and Technology of China, USTC) demonstrated: (1) satellite-to-ground QKD over 1,200 km with key rates of ~1 kilobit/s (Nature 549: 43–47); (2) satellite-mediated entanglement distribution over 1,200 km (Science 356: 1140–1144); and (3) ground-to-satellite quantum teleportation (Nature 549: 70–73). In September 2017, Pan's team used Micius as a trusted relay node to conduct the first intercontinental quantum-secured video conference between the Chinese Academy of Sciences in Beijing and the Austrian Academy of Sciences in Vienna (~7,600 km). KEY FINDING The Micius experiments demonstrated that satellite-based QKD can overcome the distance limitations of fiber-optic QKD (where photon loss increases exponentially with distance).
• Primary Source: Liao et al. 2017, Nature 549: 43–47. DOI: 10.1038/nature23655; Yin et al. 2017, Science 356: 1140–1144. DOI: 10.1126/science.aan3211

2. CREDIBLE CLAIMS (Tier 2 — Academic / Debated but Supported)

2.1 Ekert Protocol (E91) and Device-Independent QKD

• Evidence: In 1991, Artur Ekert proposed an entanglement-based QKD protocol (E91) in which Alice and Bob share entangled photon pairs and verify security by testing Bell's inequality (Physical Review Letters 67: 661–663). Any eavesdropping disturbs the entanglement, reducing the violation of Bell's inequality below the quantum limit and revealing Eve's presence. The E91 protocol led to the concept of device-independent QKD (DI-QKD), where security depends only on the observed Bell inequality violation and not on any assumptions about the internal workings of the quantum devices — protecting against both quantum and implementation attacks. KEY FINDING In 2022, three independent groups (Oxford, Munich, and ETH Zurich) demonstrated the first device-independent QKD experiments, though at extremely low key rates (~1 bit per minute) and short distances (<400 m).
• Counter-Argument: DI-QKD currently remains impractical for real-world deployment due to the extremely high detection efficiencies (>98%) and low-loss channels required for loophole-free Bell tests. Practical DI-QKD at useful distances and rates is likely a decade or more away.

2.2 Quantum Repeaters and the Quantum Internet

• Evidence: Classical optical signals can be amplified by repeaters without degradation, but the no-cloning theorem prevents amplifying quantum signals. Hans Briegel, Wolfgang Dür, J. Ignacio Cirac, and Peter Zoller (1998, Physical Review Letters 81: 5932–5935) proposed quantum repeaters based on entanglement swapping and quantum memories: stations along the fiber link create and store entangled pairs, then swap entanglement between adjacent pairs to extend the entangled distance without direct photon transmission. Several groups have demonstrated individual components (quantum memories using rare-earth-doped crystals, trapped atoms, and nitrogen-vacancy centers), but a complete multi-node quantum repeater network does not yet exist. The European Quantum Internet Alliance, China's Beijing-Shanghai quantum backbone (2,000 km of fiber QKD with trusted nodes, operational since 2017), and US DOE quantum network testbeds represent early infrastructure steps.
• Primary Source: Briegel et al. 1998, Physical Review Letters 81: 5932–5935. DOI: 10.1103/PhysRevLett.81.5932

3. SPECULATIVE CLAIMS (Tier 3 — Possible but Unverified)

3.1 Global Quantum Internet

• Evidence: Stephanie Wehner, David Elkouss, and Ronald Hanson (2018, Science 362: eaam9288) proposed a six-stage roadmap for a quantum internet, from trusted-node QKD networks (Stage 1, already deployed) to fully fault-tolerant quantum networks enabling distributed quantum computing and blind quantum computation (Stage 6, likely decades away). A quantum internet would enable applications impossible with classical networks: unconditionally secure communication, distributed quantum computing (linking quantum processors at different locations), coordinated telescope arrays via quantum-enhanced interferometry, and secure multiparty computation. However, the technological requirements for Stages 4–6 (error-corrected quantum memories with coherence times of seconds to hours, high-rate entanglement distribution over intercontinental distances) are far beyond current capabilities.

4. DUBIOUS CLAIMS (Tier 4 — No Credible Source / Contradicted by Evidence)

4.1 QKD as Inherently Unhackable

• Evidence: While the BB84 and E91 protocols are information-theoretically secure in principle, real-world QKD implementations have been repeatedly hacked through side-channel attacks — exploiting imperfections in the physical hardware rather than the mathematical protocol. Vadim Makarov et al. (2006, 2010) demonstrated "blinding attacks" on commercial QKD detectors: by shining a bright laser into Bob's single-photon detectors, Eve could force them into a classical regime where she could control their responses, obtaining the full key without introducing detectable errors. Hoi-Kwong Lo and colleagues have developed countermeasures including measurement-device-independent QKD (MDI-QKD, 2012), but the gap between theoretical security proofs and real hardware remains significant.
• DEBUNKED No real-world QKD system is "unhackable" — implementation security depends on closing all side channels, which is an ongoing engineering challenge.

Counter-Arguments & Criticisms

Bruce Schneier (2008, 2020) has argued that QKD solves the wrong problem: key distribution is not the weakest link in modern cryptographic systems — endpoints, software, and human factors are. Classical key distribution methods (Diffie-Hellman, RSA) already provide computational security sufficient for virtually all applications, and post-quantum cryptographic algorithms (lattice-based, code-based) will maintain that security even against quantum computers. Yuen (2009) and Bernstein (2017) criticized QKD's requirement for an authenticated classical channel (to prevent man-in-the-middle attacks during basis reconciliation), noting that this effectively reduces QKD to a key expansion protocol that still requires pre-shared classical secrets. Kenneth Paterson and Douglas Stebila (2012) argued that integrating QKD into real network security architectures introduces new attack surfaces and complexity without clear advantages over well-implemented classical alternatives. The practical limitations are also significant: QKD key rates over fiber are typically limited to ~1–10 Mbit/s at 50 km and drop to ~1 bit/s at 400 km (without quantum repeaters), compared to classical optical communication rates of ~100 Tbit/s over the same fiber. Cost per secure bit remains orders of magnitude higher than classical encryption.

IMAGES

No images assigned yet.

BIBLIOGRAPHY

1. Bennett, Charles; Gilles Brassard. : 175 179 | 1984 | "Quantum Cryptography: Public Key Distribution and Coin Tossing" | Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing | ∅ | ∅ | ∅ | ∅ | ∅ | ∅ | ∅ | ∅
2. Bennett, Charles, et al | 1992 | "Experimental Quantum Cryptography" | Journal of Cryptology | ∅ | 5::3–28 | ∅ | ∅ | doi:10.1007/BF00191318 | ∅ | ∅ | ∅
3. Ekert, Artur | 1991 | "Quantum Cryptography Based on Bell's Theorem" | Physical Review Letters | ∅ | 67::661–663 | ∅ | ∅ | doi:10.1103/PhysRevLett.67.661 | ∅ | ∅ | ∅
4. Wootters, William; Wojciech Zurek | 1982 | "A Single Quantum Cannot Be Cloned" | Nature | ∅ | 299::802–803 | ∅ | ∅ | doi:10.1038/299802a0 | ∅ | ∅ | ∅
5. Liao, Sheng-Kai, et al | 2017 | "Satellite-to-Ground Quantum Key Distribution" | Nature | ∅ | 549::43–47 | ∅ | ∅ | doi:10.1038/nature23655 | ∅ | ∅ | ∅
6. Yin, Juan, et al | 2017 | "Satellite-Based Entanglement Distribution over 1200 Kilometers" | Science | ∅ | 356::1140–1144 | ∅ | ∅ | doi:10.1126/science.aan3211 | ∅ | ∅ | ∅
7. Briegel, Hans-J., et al | 1998 | "Quantum Repeaters: The Role of Imperfect Local Operations in Quantum Communication" | Physical Review Letters | ∅ | 81::5932–5935 | ∅ | ∅ | doi:10.1103/PhysRevLett.81.5932 | ∅ | ∅ | ∅
8. Wehner, Stephanie, David Elkouss; Ronald Hanson. eaam9288 | 2018 | "Quantum Internet: A Vision for the Road Ahead" | Science | ∅ | 362:: | ∅ | ∅ | doi:10.1126/science.aam9288 | ∅ | ∅ | ∅
9. Gisin, Nicolas, et al | 2002 | "Quantum Cryptography" | Reviews of Modern Physics | ∅ | 74::145–195 | ∅ | ∅ | doi:10.1103/RevModPhys.74.145 | ∅ | ∅ | ∅
10. Lo, Hoi-Kwong, Marcos Curty; Bing Qi | 2012 | "Measurement-Device-Independent Quantum Key Distribution" | Physical Review Letters | ∅ | 108::130503 | ∅ | ∅ | doi:10.1103/PhysRevLett.108.130503 | ∅ | ∅ | ∅
11. Scarani, Valerio, et al | 2009 | "The Security of Practical Quantum Key Distribution" | Reviews of Modern Physics | ∅ | 81::1301–1350 | ∅ | ∅ | doi:10.1103/RevModPhys.81.1301 | ∅ | ∅ | ∅

CROSS-REFERENCE INDEX

Generated from V4 expansion plan. Last Updated: April 11, 2026