upgrade
upgrade

🔐Quantum Cryptography

Key Quantum Cryptography Algorithms

Study smarter with Fiveable

Get study guides, practice questions, and cheatsheets for all your subjects. Join 500,000+ students with a 96% pass rate.

Get Started

Why This Matters

Quantum cryptography represents one of the most revolutionary applications of quantum mechanics, and you're being tested on understanding why these protocols work, not just what they do. The security of quantum cryptographic systems stems from fundamental physical principles—the no-cloning theorem, measurement disturbance, and quantum entanglement—that make eavesdropping mathematically detectable. These concepts connect directly to broader themes in quantum information theory, including superposition, basis states, and Bell inequalities.

When you encounter these algorithms on an exam, you need to recognize which quantum principle each protocol exploits and how they compare in terms of efficiency, security guarantees, and practical implementation. Don't just memorize protocol names and dates—know what physical mechanism protects each one and when you'd choose one approach over another.

Foundational Key Distribution Protocols

These protocols form the backbone of quantum cryptography, each using different quantum properties to distribute encryption keys securely. The core insight is that quantum states cannot be copied or measured without disturbance, making interception detectable.

BB84 Protocol

  • First QKD protocol ever proposed—developed by Charles Bennett and Gilles Brassard in 1984, establishing the entire field of quantum cryptography
  • Encodes bits using photon polarization in two conjugate bases (rectilinear and diagonal), requiring basis reconciliation between sender and receiver
  • Security derives from measurement disturbance—any eavesdropper attempting to intercept photons introduces detectable errors due to the no-cloning theorem

B92 Protocol

  • Simplified BB84 variant—introduced by Bennett in 1992, using only two non-orthogonal quantum states instead of four
  • Reduced complexity trades off with efficiency—fewer states mean simpler implementation but lower key generation rates
  • Security relies on non-orthogonality—measuring one state inevitably disturbs the other, making eavesdropping detectable through increased error rates

Six-State Protocol

  • BB84 extension using three conjugate bases—adds a third measurement basis (circular polarization) for six total states
  • Higher information density per photon—transmits more key bits but requires more sophisticated detection equipment
  • Enhanced security against certain attacks—the larger state space makes it harder for eavesdroppers to gain information without detection

Compare: BB84 vs. B92—both use photon polarization and measurement disturbance for security, but BB84 uses four states in two bases while B92 uses only two non-orthogonal states. If asked about the tradeoff between implementation simplicity and efficiency, B92 is your go-to example.

Entanglement-Based Protocols

These protocols leverage quantum entanglement—the "spooky action at a distance" that Einstein famously questioned. Security here comes from the correlations between entangled particles, which cannot be replicated by any classical system.

E91 Protocol

  • First entanglement-based QKD—proposed by Artur Ekert in 1991, fundamentally different from prepare-and-measure schemes like BB84
  • Uses Bell's theorem for security verification—violations of Bell inequalities prove the quantum nature of correlations and absence of eavesdroppers
  • Entangled photon pairs distributed to both parties—measurements on each particle are correlated regardless of distance, enabling key generation

Three-Stage Protocol

  • Hybrid approach combining entanglement and classical communication—uses multiple rounds of quantum and classical exchanges
  • Balances security with practical efficiency—designed to work with realistic, imperfect quantum channels
  • Robust against channel noise—the staged approach allows error correction without compromising security guarantees

Compare: E91 vs. BB84—E91 uses pre-shared entanglement while BB84 uses single-photon transmission. E91's Bell test provides device-independent security verification, making it theoretically stronger but harder to implement. For FRQs on entanglement applications, E91 is the canonical example.

Attack-Resistant Protocol Variants

As quantum cryptography matured, researchers developed protocols specifically designed to counter known attack strategies. These represent the ongoing arms race between cryptographers and potential adversaries.

SARG04 Protocol

  • Designed to defeat photon number splitting (PNS) attacks—developed by Scarani, Acin, Ribordy, and Gisin in 2004
  • Uses same four states as BB84 but different encoding—the classical post-processing differs, making multi-photon pulses less exploitable
  • Critical for practical implementations—real laser sources occasionally emit multiple photons, which PNS attacks exploit; SARG04 mitigates this vulnerability

Compare: SARG04 vs. BB84—identical quantum states but different classical processing. SARG04 sacrifices some efficiency for robustness against realistic attacks on imperfect photon sources. This distinction tests whether you understand that security depends on both quantum and classical protocol components.

Beyond Key Distribution

Quantum cryptography extends beyond just distributing keys. These protocols apply quantum principles to other cryptographic tasks, each exploiting different aspects of quantum mechanics.

Quantum Key Distribution (QKD)

  • Umbrella term for all quantum key exchange methods—encompasses BB84, E91, and all variants as specific implementations
  • Guarantees detection of eavesdropping—any interception attempt disturbs quantum states, increasing measurable error rates above security thresholds
  • Foundation enabling all other quantum cryptographic applications—secure keys generated via QKD can then protect classical encrypted communications

Quantum Digital Signatures

  • Quantum analog of classical digital signatures—verifies message authenticity and sender identity using quantum states
  • Unforgeable due to no-cloning theorem—quantum signature states cannot be copied, preventing signature duplication attacks
  • Enables non-repudiation in quantum networks—senders cannot deny having signed a message, critical for quantum commerce applications

Quantum Secret Sharing

  • Distributes secrets among multiple parties—divides quantum information so that only authorized subsets can reconstruct the original
  • Threshold schemes require kk of nn participants—any fewer than the threshold reveals zero information about the secret
  • Applications in distributed quantum computing—enables secure multi-party computation where no single party holds complete information

Compare: Quantum Digital Signatures vs. Quantum Secret Sharing—both go beyond key distribution, but signatures verify identity (authentication) while secret sharing distributes trust (access control). Understanding this functional distinction helps on questions about quantum cryptography applications.

Quantum Secure Direct Communication (QSDC)

  • Transmits messages directly without pre-shared keys—combines key generation and message transmission into a single protocol
  • No separate key distribution phase required—quantum states carry the actual message content, not just key bits
  • Higher efficiency but stricter channel requirements—eliminates key management overhead but demands lower-noise quantum channels

Compare: QSDC vs. traditional QKD—QKD distributes keys that then encrypt classical messages, while QSDC sends quantum-encoded messages directly. QSDC is more efficient but less flexible; QKD keys can encrypt multiple messages while QSDC requires quantum transmission for each communication.

Quick Reference Table

ConceptBest Examples
Measurement disturbance securityBB84, B92, Six-State Protocol
Entanglement-based securityE91, Three-Stage Protocol
Attack-resistant variantsSARG04 (PNS attacks), Six-State (general attacks)
Non-orthogonal state encodingB92, SARG04
Beyond key distributionQuantum Digital Signatures, Quantum Secret Sharing, QSDC
Practical implementation focusSARG04, Three-Stage Protocol
Foundational/historical importanceBB84, E91, QKD (general framework)

Self-Check Questions

  1. Which two protocols both use photon polarization but differ in the number of states employed? Explain why reducing the number of states affects both implementation complexity and key generation efficiency.

  2. Compare and contrast BB84 and E91: What quantum principle does each exploit for security, and what practical advantages might each offer?

  3. If an adversary has access to a photon source that occasionally emits multiple photons, which protocol variant specifically addresses this vulnerability? Explain the attack it prevents.

  4. Identify which protocols would be classified as "prepare-and-measure" versus "entanglement-based." What fundamental difference in quantum resources does this distinction reflect?

  5. An FRQ asks you to design a secure communication system where multiple branch offices must collaborate to access sensitive data, but no single office should have complete access. Which quantum cryptographic primitive would you recommend, and why does it offer advantages over classical approaches?