So, you want a quantum key distribution system?
A while ago, I explained how quantum key encryption worked. At the time, I said that this form of quantum encryption is in the early stages of commercial application. Well, along comes this article (just a preview--the whole thing isn't free) in Scientific American to prove my point. "Best Kept Secrets" by Gary Stix is in the January 2005 issue. Here's an excerpt:
So, what companies are producing these quantum key distribution systems? They would be id Quantique, a company in Geneva which has an optical fiber system which can operate over tens of kilometers, and MagiQ Technologies, located in New York, which can send keys up to 100 km. So how much will one of these systems run you? MagiQ is charging $70,000+ for a system, while I don't have a clue what id Quantique charges (incidentally, Quantique also produces a quantum random number generator, for those who like true randomness, at least according to the accepted theory of quantum mechanics). Of course, as I pointed out in my previous post, quantum key distribution is inefficient, and, as I didn't point out, it's also technologically hard to do, so these products don't have the highest bitrates in the world, somewhere around 10 kbps. Yes, that is slower than any current dial-up modem. You can re-use a 1000 bit key to encrypt 2000 bits of data, just by using it twice in a row, so you don't have to send the key as fast as your data, but this pretty much kills the key's usefulness. I mean, it's still a pretty good key, but it's no longer unbreakable, which was the whole point of spending all this money on a quantum key distribution system in the first place, wasn't it? If the same key is used twice, this gives your eavesdropper (Eve) an avenue of attack. Even if there are 2^1000 variations for Eve to try, when both halves of the data makes sense, then she knows she's found something. It may not be quite the correct key, as you can imagine that several keys will give you sensible messages, but she has more information than before, and the more times you re-use the same key, the closer Eve comes to finding exactly what that key is. Whereas, if the key is as long (or longer) than the message, then any key she comes up with is just a random guess. Sure, you can come up with all sorts of messages that make sense that are 100 letters long or less, but there's no way to tell which one is what was actually sent.
Today quantum cryptography has come a long way from the jury-rigged project assembled on a table in Bennett's office. The National Security Agency or one of the Federal Reserve banks can now buy a quantum-cryptographic system from two small companies--and more products are on the way. This new method of encryption represents the first major commercial implementation for what has become known as quantum information science, which blends quantum mechanics and information theory. The ultimate technology to emerge from the field may be a quantum computer so powerful that the only way to protect against its prodigious code-breaking capability may be to deploy quantum-cryptographic techniques.
So, what companies are producing these quantum key distribution systems? They would be id Quantique, a company in Geneva which has an optical fiber system which can operate over tens of kilometers, and MagiQ Technologies, located in New York, which can send keys up to 100 km. So how much will one of these systems run you? MagiQ is charging $70,000+ for a system, while I don't have a clue what id Quantique charges (incidentally, Quantique also produces a quantum random number generator, for those who like true randomness, at least according to the accepted theory of quantum mechanics). Of course, as I pointed out in my previous post, quantum key distribution is inefficient, and, as I didn't point out, it's also technologically hard to do, so these products don't have the highest bitrates in the world, somewhere around 10 kbps. Yes, that is slower than any current dial-up modem. You can re-use a 1000 bit key to encrypt 2000 bits of data, just by using it twice in a row, so you don't have to send the key as fast as your data, but this pretty much kills the key's usefulness. I mean, it's still a pretty good key, but it's no longer unbreakable, which was the whole point of spending all this money on a quantum key distribution system in the first place, wasn't it? If the same key is used twice, this gives your eavesdropper (Eve) an avenue of attack. Even if there are 2^1000 variations for Eve to try, when both halves of the data makes sense, then she knows she's found something. It may not be quite the correct key, as you can imagine that several keys will give you sensible messages, but she has more information than before, and the more times you re-use the same key, the closer Eve comes to finding exactly what that key is. Whereas, if the key is as long (or longer) than the message, then any key she comes up with is just a random guess. Sure, you can come up with all sorts of messages that make sense that are 100 letters long or less, but there's no way to tell which one is what was actually sent.
