Camped on a volcanic mountaintop in the New Mexico desert, physicist Richard Hughes and his colleagues at the Los Alamos National Laboratory are playing a game of subatomic catch. A laser mounted on a beat-up trailer fires through a thick filter, lobbing one photon at a time. Several miles away, those photons are collected by a telescope and analyzed to measure their polarizations—the orientation of their waves. This game is a warm-up for the big event, pitching photons to a telecom satellite in Earth orbit. When that happens, sometime within the next five years, it will mark the beginning of the age of truly secure communications.
The Los Alamos team is one of at least a dozen groups worldwide that are harnessing quantum physics to develop perfect encryption: coded messages impervious to the efforts of hackers. IBM researchers built the first working prototype quantum cryptographic system in 1989. But now researchers are about to make unbreakable security available to businesses swapping sensitive economic data, military commanders discussing top-secret plans, or ordinary people who want to know they can speak freely without fear of eavesdroppers.
Theoretically, perfect encryption has been around for a long time. In 1918 American mathematician Gilbert Vernam invented the one-time cipher, which substitutes a random number or letter for each character in a message. As long as you don't reuse that random sequence for subsequent messages, nobody can break the code. But to employ the code, you must send the sequence—the key that unscrambles the encrypted message—to the intended receiver. The problem is keeping the key from prying eyes. You could encrypt the key too, but then how do you keep the key's key secret? It was the reuse of such keys-to-the-key that allowed the British to crack the German Enigma code during World War II.
That problem is what makes quantum cryptography exciting. It uses photons, the quanta of electromagnetic energy, to send the key undetectably. A single photon represents each bit of information. Horizontally polarized photons, whose electromagnetic fields oscillate from side to side, could represent the 1's of digital information, while vertically polarized photons might denote 0's. A string of these photons can carry a key to encrypt and decrypt secret messages. Transmitting the photons one at a time eliminates the possibility that an eavesdropper could tap into the message without the sender and receiver knowing.
If the outsider attempted to peek at a single photon, it would be absorbed by his detector, and he would have to send a replacement photon to the intended recipient. This is where quantum physics trips up the interloper. Photons can be polarized in four directions: vertical, horizontal, and two diagonals. But quantum rules allow you to measure only vertical and horizontal or the two diagonals—not all four. If you measure a photon vertically and horizontally, but it was polarized diagonally, you're out of luck; it is impossible to tell in which of the two diagonals it was polarized.
In quantum cryptography the sender keeps track of the polarizations of the string of photons being sent. The receiver randomly chooses one of the two orientations for measuring each photon and reports those choices to the sender. Finally, the sender tells the receiver which photons he measured correctly. These agreed-upon photons form a string of bits that the two can use as a key to encrypt their messages.
Because an eavesdropper can measure the polarizations only half the time, he would have to guess half the time when he sends out replacement photons to cover his tracks. On average, a quarter of the substitute bits would be wrong. The sender and intended receiver could easily detect that error rate, so there would be no way to tap into a quantum message without announcing your presence. "That's really the crucial thing the quantum physics buys for you," Hughes says.
Now the difficulty lies in building a communications network that can handle the delicate process of quantum encryption. Hughes and his colleagues are concentrating on a "free space" system that sends the photons through open air, with the ultimate goal of bouncing laser pulses off a satellite—a tough technical challenge—to transmit an encrypted message anywhere in the world. Air molecules can disrupt the photons, but in October of last year, the Los Alamos team cleanly transmitted digital bits more than six miles, a record.
Richard Hughes of the Los Alamos National Laboratory (far left) sends and receives quantum-encoded messages by means of a rooftop laser and a sensitive light-detecting telescope. The laser shoots encrypted photons to another station six miles away (above right, circled). Incoming photons look just like noise (right) to anyone who does not have the key. When decoded, this message shows a photograph of Hughes and his colleagues with their transmitter.Photographs courtesy of Los Alamos National Laboratory
Space-based quantum cryptography could allow perfect privacy for all satellite communications, even television broadcasts. It would also be possible to distribute encryption keys virtually anywhere in the world. Although such systems will be expensive, "For secure diplomatic and military communications, they could ultimately be the method of choice," says Donald Bethune, a quantum researcher at IBM's Almaden Research Center in San Jose, California.
Over short distances on the ground, quantum cryptography will be much simpler and cheaper. Wireless optical communication systems that span up to five miles are already in use as voice and data networks linking businesses, hospitals, and university campuses. It would be easy to add single-photon encryption to these systems, Hughes says. Quantum encryption could also soon be a common component of fiber-optic cable networks. Last October a research team headed by Nicolas Gisin at the University of Geneva launched id Quantique S.A. to sell prototypes of a fiber-based quantum key distribution system. In New York City, MagiQ Technologies is developing a quantum security system to safeguard data transmitted between businesses in the same region. "The cost is comparable to hiring one more security guard," says Hoi-Kwong Lo, MagiQ's chief scientist.
BBN Technologies, a subsidiary of Verizon, is building quantum cryptography into an Internet link between Harvard University, Boston University, and the company's headquarters in Cambridge, Massachusetts. In the next few years, BBN will add switches that can shuttle encrypted streams of photons, says Chip Elliott, a principal engineer at the company: "Basically you set up a bunch of mirrors and bounce your single photons from me to you. That way you can build a shared-key distribution network without running a wire directly from person A to person B."
For quantum cryptography to become commonplace, researchers must improve the efficiency of the photon emitters and detectors to allow more rapid data transmission. The fastest existing single-photon devices work only when cryogenically refrigerated. "Users don't want to be pouring liquid helium into their secure network system. They want something they can plug into the wall," Hughes says. The cryptographic systems will also need quantum boosters, the equivalent of repeaters in phone lines, before people can routinely transmit quantum keys across the country or around the globe. Hughes thinks it might take a decade to develop this technology.
Still, the lure of quantum cryptography is irresistible in a security-conscious world. "It's very simple and it works," says Paul Kwiat, a professor of physics at the University of Illinois at Urbana-Champaign. "If we have some sort of activity that shows terrorists would have been thwarted by quantum cryptography, then we'll instantly have quantum cryptography all over the place."
RSA Laboratories, a leading cryptography company, has a helpful encryption tutorial: www.rsasecurity.com/rsalabs/faq.
The Centre for Quantum Computation at the University of Oxford has a good introduction to the subject: www.qubit.org/intros/crypt.html.
Also see Gottesman, Daniel, and Hoi-Kwong Lo. "From Quantum Cheating to Quantum Security." Physics Today 53 (November 2000). See www.aip.org/pt/vol-53/iss-11/p22.html.