Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Researchers at Toshiba, in Cambridge, U.K., have found a way to plug a security hole that currently limits how far and how fast encryption keys can be distributed using existing quantum-cryptographic systems. The developments could broaden the commercial appeal of “unconditionally secure” quantum key distribution, says Andrew Shields, head of Quantum Information Group at Toshiba Research Europe, who led the research.

Quantum cryptography is currently only used for sending encryption keys between buildings by some banks and government departments. But systems can only guarantee security over relatively short distances. The challenge is to extend the range and increase the speed at which the keys can be sent so that they can be used more widely, says Shields.

Current commercial quantum-cryptography systems are designed to enable two parties to exchange secret encryption keys without running the risk of them being intercepted. This is done by encoding the digital key information in bursts of light sent over standard optical fibers.

The 1s and 0s of these digital keys are encoded in time delays between pulses of individual photons. In theory, what makes this so secure is that any attempt by an eavesdropper to intercept the signal will necessarily involve removing individual photons from the signal–an act that can be detected.

In practice, however, this sort of unconditional security can only really be guaranteed if one’s light source emits nothing but single photons. Since this is not the case in current quantum encryption, eavesdropping attacks are possible. In one strategy, an eavesdropper siphons off individual photons; this attack relies on the fact that some pulses will consist of more than one photon, meaning they won’t be missed.

To get around this, existing commercial quantum-encryption systems use tricks to reduce the probability that pulses will contain multiple photons. For example, the systems might limit the intensity of each pulse and reduce the bit rate at which they are sent. However, the trade-off is that the weaker a pulse is, the less distance it can travel, while a slower bit rate will limit the speed at which keys can be distributed, says Shields.

Toshiba’s solution is to include within the signal what Shields calls “decoy pulses.” These pulses are randomly interspersed within the signal and are weaker than the rest of the signal. This means they rarely consist of more than one photon. If an eavesdropper tries blocking single photons while siphoning off multiple photons from the rest of the pulses, more of these decoy pulses will be blocked on average than will the rest of the signal. So by monitoring the proportion of signals to decoy pulses that make it through, it is possible to detect an attack.

4 comments. Share your thoughts »

Credit: Toshiba Research Europe Ltd.

Tagged: Computing, security, LED, fiber optics, quantum information

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me