In the realm of security research, there are always three protagonists: Alice always wants to get connected with Bob. Eve, the jealous bystander, wants to get in their way. Hence, Alice and Bob have to communicate in code.

Currently, standard encryption techniques work very well, but Alice lives in fear of Eve developing a usable quantum computer. To counter this, Alice and Bob have been sold a new quantum key distribution (QKD) system. These systems guarantee, based on the very laws of physics, that their codes will be unbreakable. Unfortunately, Eve has turned out to be as clever as the physicists who developed QKD, meaning there's a new security battleground rather than the promised security nirvana. But a new development, based on something called entanglement swapping, closes off the loopholes that allowed Eve in.

Is the key alive or dead?

QKD relies on the fundamental principles of quantum mechanics to generate a common secret key between two parties. The basic idea is that Alice generates photons with polarization states chosen at random from a fixed set. Bob then makes a polarization measurement on that photon. But a quantum measurement is really a question of the "are you X polarization?" sort, and he can only ask once. So, Bob chooses a polarization at random from the same set as Alice and asks his question.

To generate the key, Alice and Bob share (through a classical communications channel) a record of their instrument settings. From the record, they choose those instances where they happened, by chance, to choose the same polarization settings. We then have two random number generators coming together to produce a common sequence of bits that form a shared secret key.

Eve cannot determine the key from the classical communications between Alice and Bob. The quantum signal consists of single photons—if she intercepts them, no key will be generated. Indeed, even if she intercepts the quantum signal and then re-sends a new signal, this will, in principle, be detected by Alice and Bob, because Eve modifies the statistics of the key generation process.
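The sifting step and the statistical check described above can be simulated classically. This is an added example, not code from the article or the paper; it assumes the "fixed set" is the two polarization bases of the BB84 protocol and ideal, noise-free hardware, and the function names and the 10% alarm threshold are illustrative choices.

```python
import random

BASES = "+x"  # assumed: rectilinear (+) and diagonal (x) polarization bases

def measure(bit, prep_basis, meas_basis, rng):
    """Asking in the preparation basis returns the encoded bit;
    asking in the other basis gives a uniformly random answer."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def run_qkd(n_photons, eve_present, seed=0):
    """Return the sifted keys (alice_key, bob_key) after n_photons rounds."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        a_bit, a_basis = rng.randrange(2), rng.choice(BASES)
        bit, basis = a_bit, a_basis
        if eve_present:
            # Intercept-resend: Eve measures in a guessed basis and sends
            # on a fresh photon prepared in that basis with her result.
            e_basis = rng.choice(BASES)
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(bit, basis, b_basis, rng)
        # Sifting: only the settings are compared over the classical
        # channel; rounds with different settings are discarded.
        if a_basis == b_basis:
            alice_key.append(a_bit)
            bob_key.append(b_bit)
    return alice_key, bob_key

def error_rate(alice_key, bob_key):
    """Fraction of sifted positions where Alice and Bob disagree."""
    errors = sum(a != b for a, b in zip(alice_key, bob_key))
    return errors / len(alice_key)

def eve_detected(n_photons, eve_present, threshold=0.10, seed=0):
    """Alice and Bob abort if the sifted error rate exceeds the threshold
    (0.10 is an illustrative value, not taken from the article)."""
    return error_rate(*run_qkd(n_photons, eve_present, seed)) > threshold

if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_qkd(20000, eve)
        print(f"eve={eve}: sifted={len(a)} error_rate={error_rate(a, b):.3f}")
```

In a real protocol Alice and Bob estimate the error rate from a disclosed random sample of the sifted key and discard that sample; the simulation compares the whole key only to make the statistics visible.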

Was that a principle I heard shattering against reality?

That phrase, "in principle," should be banned. What it really means is "we would love it to be so, but it really isn't." In this case, the principle fails because quantum measurements are always converted to a classical signal. This process is vulnerable to manipulation, and a number of attacks have been shown to work against QKD through this weakness.

The problem is that Alice and/or Bob have to expose one of their detectors to Eve, so she has the potential to intercept the single photons and then fake the detectors into thinking they are measuring a quantum state when, in fact, they are just spitting out the numbers that Eve wants them to get.

Quantum entanglement

Quantum entanglement is one of the most misused concepts around. Entanglement is delicate, rare, and short-lived. At its heart, quantum entanglement is nothing more or less than a correlation between two apparently separate quantum objects. Having discovered that, you might ask "so what is all the fuss about?" The answer lies deep in quantum mechanics.

Letting Eve do the work for you

A pair of researchers from the UK have proposed a new scheme that keeps the detectors from being exposed to Eve and, even better, uses Eve to inadvertently generate the key for you. The physics behind this scheme is called entanglement swapping. How does swapping entanglement help? Well, Alice and Bob both generate a pair of entangled photons. They each keep one photon and send the other out into the wide world to seek fame, fortune, and another like-minded photon. At this point, Alice and Bob do not share any common quantum states with which to generate a key, though.

Somewhere in the middle of their journey, the photons enter the realm of an untrusted third party—who, in the worst case, is Eve. Eve takes the two photons and, according to the paper, does something quantum to them. In fact, the specific quantum operation doesn't matter as long as it mixes the two photons to create a new entangled state. A simple example is that Eve passes them simultaneously through a beamsplitter (a partially reflective mirror, for instance). Each photon can either reflect off the mirror or be transmitted by the mirror, and we don't know which did what. In any case, after passing through the beamsplitter, the two independent photons now have a single entangled state.

Eve then takes a measurement of her photons. She controls what quantum operation she does and she controls what measurement she makes. She does have to report the results of her measurements to Alice and Bob, but she doesn't have to be honest about it—she can do so in a way that would let her manipulate a standard QKD system.

So, how do Alice and Bob get a shared key from this?

Well, the simple fact of reporting the measurements tells Alice and Bob that they have a shared entangled source. The act of Eve's measurements limits the potential results from Alice and Bob's measurements. Once enough measurements are made, they figure out what the range of potential correlated results is.

Remember, the secret key is generated from the correlations between Alice and Bob's photons. The key is generated, as before, by sharing the details of how they made their measurements.

So, what if Eve lies about the results of her measurements? The more outrageously Eve lies, the smaller the correlations between Alice and Bob. Since Alice and Bob know their own systems, they know what the optimum correlations are and will know that Eve is playing them. If Eve tries to be subtle, and only modifies her results a small amount, she only extends the time it takes for Alice and Bob to generate a shared key. Indeed, the best that Eve can do is prevent the generation of a key.

The big improvement over standard QKD schemes is that neither Alice nor Bob needs to expose any of their classical detectors to the outside world, so Eve cannot fake them out. The downside is that the photons from Alice and Bob have to be synchronously manipulated by Eve. That could be troublesome to implement outside the laboratory.

Physical Review Letters, 2012, DOI: 10.1103/PhysRevLett.108.130502