### Quantum Key Distribution

As an ever-growing fraction of our daily activities depends on electronic communication, the security of the exchange of sensitive information has rapidly become an issue of utmost importance. This problem is solved by encrypting the information before transmission (i.e. combining it with a key using a certain mathematical algorithm), and decrypting it after reception. If intercepted during transmission, a good cryptosystem ensures that the information is incomprehensible to an eavesdropper.

The security of today’s widely-used ‘public-key’ cryptosystems lies in the difficulty of performing certain mathematical operations, e.g. factorization of a large number into its primes in the case of ‘RSA’. The difficulty of these operations determines the time it takes an eavesdropper to decrypt the encrypted message. Clearly, reliable encryption should require hundreds of years to break. However, there is no proof that factorizing, or any other algorithm used in current cryptosystems, is indeed difficult, i.e. time consuming. Threats include faster computers or larger computer clusters that can solve these problems in less time, and the sudden discovery of an efficient algorithm or the emergence of a quantum computer that make these operations immediately simple. In contrast, encryption based on quantum key distribution (QKD) has been proven to remain secure regardless the advances in computer technological or algorithms; not even a quantum computer can break it. Combining a secure ‘quantum-distributed’ key with an equally-long message bit by bit then yields an encrypted text that cannot be decrypted without knowing the key, regardless the available resources in terms of time and technology.

In its simplest form, QKD requires a sender and a receiver who prepare and measure photons, respectively. However, despite the high maturity of so-called ‘prepare & measure‘ QKD systems, they have serious drawbacks. In particular, their security can be broken by exploiting vulnerabilities of single-photon detectors.

In our lab, we focus on the implementation of the so-called measurement-device independent (MDI) QKD protocol, in which Alice and Bob both prepare attenuated laser pulses in suitable quantum states, and then send them to Charlie – situated ideally at the mid-point between Alice and Bob – who projects their joint state onto a maximally entangled state. This ensures that controlling detectors does not help an eavesdropper gain information about the distributed key.

Our work on MDI-QKD started in Calgary with the first proof-of-principle demonstration, including the first demonstration of MDI-QKD over deployed fibre. Current tasks include further improvements of the performance and the technological readiness level of our system, as well as its extension to hybrid links comprising both a fibre and a free-space transmission channel. This anticipates the future development of a large-scale quantum network in which both types of channels will be required – the free-space (e.g. satellite-based) channel to cover long distances, and the fibre channel to connect conveniently to various users.