Quantum Key Distribution (QKD) is a way to generate and share secret cryptographic keys with the guarantee that any eavesdropping attempt will be detected.
Let’s see it in action, not with abstract theory, but with a simplified, conceptual flow. Imagine two parties, Alice and Bob, wanting to share a secret key.
Alice has a source that can emit single photons, each polarized in one of four ways: horizontal (0 degrees), vertical (90 degrees), diagonal (45 degrees), or anti-diagonal (135 degrees). She uses a protocol like BB84.
Alice sends photons:
Photon 1: Polarized at 0 degrees (representing a '0' bit)
Photon 2: Polarized at 45 degrees (representing a '1' bit)
Photon 3: Polarized at 90 degrees (representing a '1' bit)
Photon 4: Polarized at 135 degrees (representing a '0' bit)
... and so on
Bob has a detector that can measure photon polarization in one of two bases: the rectilinear basis (measuring horizontal/vertical) or the diagonal basis (measuring 45/135 degrees). He doesn’t know which basis Alice used for each photon before he measures it.
Bob's actions for each photon received:
Photon 1: Bob randomly chooses to measure in the rectilinear basis. He detects it as horizontal.
Photon 2: Bob randomly chooses to measure in the diagonal basis. He detects it as 45 degrees.
Photon 3: Bob randomly chooses to measure in the rectilinear basis. He detects it as vertical.
Photon 4: Bob randomly chooses to measure in the diagonal basis. He detects it as 45 degrees.
After receiving a stream of photons, Alice and Bob communicate over a classical channel (like a regular internet connection) and do two things:
- They reveal the basis they used for each photon. Alice says, "For photon 1, I used rectilinear. For photon 2, I used diagonal…" Bob says, "I measured photon 1 in rectilinear. I measured photon 2 in diagonal…"
- They discard bits where their bases didn’t match. If Alice sent in rectilinear and Bob measured in diagonal, they throw away that result. If they both used the same basis, they keep the bit.
Alice's basis choices: [Rectilinear, Diagonal, Rectilinear, Diagonal]
Bob's basis choices: [Rectilinear, Diagonal, Rectilinear, Diagonal]
Matching bases: Photon 1 (Rectilinear), Photon 2 (Diagonal), Photon 3 (Rectilinear), Photon 4 (Diagonal)
The resulting sequence of bits they both kept is their raw secret key.
Alice's bits sent: [0, 1, 1, 0] (based on her polarization choices)
Bob's measured bits: [0, 1, 1, 1] (based on his measurements and basis choices)
After discarding mismatches, their shared raw key is: [0, 1, 1, 0]
Now, what about eavesdropping? If an eavesdropper, Eve, tries to intercept and measure a photon, she has to guess which basis to use. If she guesses wrong, she collapses the photon’s state into a random polarization, and even if Alice and Bob later use the correct basis, Bob’s measurement will be wrong.
Eve intercepts Photon 2 (sent by Alice at 45 degrees, representing '1').
Eve randomly chooses to measure in the rectilinear basis. She gets a 50/50 chance of measuring horizontal or vertical. Let's say she measures horizontal.
Eve then re-emits a photon with that polarization (horizontal).
Alice sent: 45 degrees ('1')
Eve measured: Horizontal (mistake, she used wrong basis)
Bob measured (using Diagonal basis): Detects a vertical photon (because Eve's re-emitted photon is now horizontal, which is vertical in the diagonal basis if you think about it – the point is, Bob gets the wrong bit).
Alice's bit: 1
Bob's measured bit: 0 (due to Eve's interference)
Alice and Bob detect this discrepancy by publicly comparing a subset of their raw key bits. If the error rate is above a certain threshold (e.g., >15%), they know an eavesdropper was present and discard the entire key. If the error rate is low, they can use error correction and privacy amplification techniques to distill a truly secret key.
The core problem QKD solves is key distribution in a way that’s fundamentally secured by the laws of physics, not just mathematical complexity. Unlike traditional public-key cryptography, which relies on the computational difficulty of certain math problems (like factoring large numbers), QKD’s security is based on quantum mechanics. Specifically, the act of measuring a quantum system inevitably disturbs it. Any attempt by an eavesdropper to "listen in" on the quantum channel will introduce detectable errors.
The "levers" you control in QKD are primarily related to the physical implementation: the type of photon source (e.g., attenuated laser, single-photon source), the detectors (e.g., SPADs, SNSPDs), the transmission medium (e.g., optical fiber, free-space), and the specific QKD protocol (BB84, E91, etc.). The choice of these impacts distance, key generation rate, and security against specific types of side-channel attacks.
What most people don’t realize is that QKD doesn’t replace all cryptography. It’s specifically for generating and distributing symmetric keys. You still need public-key cryptography for initial authentication (to ensure Alice is talking to Bob and not Eve pretending to be Bob) or for tasks like establishing an initial secure channel for QKD itself. The quantum channel is for key distribution, not for sending encrypted messages.
The next hurdle you’ll encounter is understanding how to implement robust error correction and privacy amplification algorithms to distill a truly secure key from the raw, potentially error-prone, shared bits.