Chinese researchers have put forward a new quantum cryptography standard that could, if confirmed, substantially increase the speed of encrypted messages. The proposed new standard has been simulated on computers although not yet tested in the lab.

Quantum cryptography, the next-generation of secret messages whose secrecy is guaranteed by the laws of quantum mechanics, has been in the news recently. Last fall a group from the Chinese Academy of Sciences transmitted quantum cryptographically encoded communications (via satellite) to a ground station in Vienna, Austria.

The communications included quantum-encoded images and a 75-minute quantum-cryptographically secured videoconference, consisting of more than 2 gigabytes of data. *IEEE Spectrum *reported on the event at the time. And now, as of last month, the entire project has been detailed in the journal *Physical Review Letters.*

Media coverage of the event stressed its significance in moving toward a so-called “quantum Internet.” Yet the quantum internet would still be a distant dream when quantum cryptography can only mediate one or, at most, a few quantum-secured communications channels. To scale up to anything worthy of the name quantum Internet, quantum cryptography would need to generate not only thousands of cryptographic keys per second. Rather, a scalable quantum crypto system should aspire to key-generation rates closer to billions per second or greater—in the gigahertz (GHz) range and up, not kilohertz (kHz).

“Theoretically we can get gigahertz levels of quantum key distribution,” says Pei Zhang, professor of applied physics at Xi’an Jiaotong University in Xi’an, China.

Zhang and five other researchers from his university and Tsinghua University in Beijing have built a quantum crypto protocol on a different and potentially more capacious standard than what last fall’s video teleconference used. (To be fair, other GHz-speed quantum crypto protocols have recently been proposed as well.)

The teleconference, mediated by a dedicated quantum communications satellite China launched in August 2016, was secured by a kilohertz-speed quantum encoder that generated perfectly random but also perfectly synchronized secret crypto keys called a “one-time pad.”

Cryptography via one-time pad is technically uncrackable. However, three caveats behind that claim make one-time pads (a.k.a. secret-key cryptography) extremely difficult to achieve in the real world. The first caveat is that the size of the secret key needs to be at least as long as the data it’s encoding. The second is that, as the name suggests, the one-time pad can only be used once. Then, thirdly and crucially, the one-time pad must be known by only the encoder and the decoder and nobody else.

In conventional cryptography, the third requirement can never be guaranteed. A one-time pad that’s shared between Alice, in Anaheim, and Bob, in Beijing, could be leaked or compromised or intercepted, and neither Alice nor Bob would know the difference. Quantum cryptography, by contrast, uses the very fragile nature of quantum states as nature’s own guarantee of security.

Since the 1930s, physicists have known about (and Albert Einstein famously puzzled over) a peculiar property of, say, photons that originate from an atomic decay or certain kinds of non-linear crystals. These so-called entangled photons are so interconnected that an observation of certain properties in the first photon instantaneously activates related properties in the other photon, no matter how far apart those two photons are separated.

Last fall’s video conference used a quantum cryptographic protocol based on photon polarization. Pairs of entangled photons were shared between the China and Austria ground stations. Then each station measured polarization of the entangled photons such that, after comparing how they observed without revealing what they observed, the Chinese and Austrian stations could then distill secret and shared strings of 0s and 1s from the measurements.

Those 0s and 1s came out of the quantum crypto system in the thousands of digits per second. And that string of numbers was the one-time pad that one side encoded the message with, while the other decoded the message with the same secret key.

These are all exciting developments, Zhang says. But using this crypto standard, ultimately each individual photon can only convey at most one bit of a quantum cryptographic key.

However, there is another quantum state within a photon that has the potential to encode more than one quantum crypto bit per photon. As such, a quantum multiplexed secret key could be important to practicable and scalable quantum cryptography.

The way Zhang’s team proposes to achieve the speedup involves measuring not a photon’s polarization but rather a kind of slant-wise angular momentum that a photon also carries. Think of a photon’s so-called orbital angular momentum as the wobbling and sideways bump it might impart to a particle that was just off center from the beam.

Because OAM, as it’s called, is a more subtle property than polarization, it’s harder to measure. Therefore, it’s also more challenging to use as a quantum cryptographic standard. The first-generation OAM-based quantum key distribution (QKD) would encode two bits of secret key per photon.

However, higher-order photon OAM states could also be exploited in later-generation standards that could ramp up the new QKD proposal to greater and greater throughputs.

Zhang says his group’s paper, posted online in January, has been submitted to a prominent journal for peer review. But a proof-of-principle prototype of the group’s quantum crypto system is already underway.

Robert Boyd, professor of optics and physics at the University of Rochester in New York, has begun working with Zhang’s group to realize the OAM quantum cryptography protocol in the lab.

“My opinion is that in OAM-QKD one needs to work very hard to extract modest (factor-of-two) improvements in data rates,” Boyd said in an email interview. “However, no one ever said that engineering is supposed to be easy. Also, a factor-of-two improvement in data rates is a significant improvement in a real data link.”

## Comments