As commerce rushes online, the ability to send private messages over public communications networks has become vitally important. The most secure means of encryption is for both the sender and the recipient of a message to use the same long string of random digits-known as a key-as the basis for encoding and decoding. But such a key must be exchanged, and whether the hand-off takes place via telephone, armored guard or carrier pigeon, there is always a risk of interception.

Well, almost always. Years ago, physicists came up with an approach called “quantum cryptography” that relies upon the bizarre laws of quantum mechanics to definitively shut out snoops and transmit key data in absolute security. IBM physicist Charles Bennett and his colleagues built the first working laboratory prototype in 1989. Now, researchers at IBM Almaden Research Center in San Jose, Calif., have built a device out of off-the-shelf telecommunications components that they say will soon move quantum cryptography out of the physics lab and into the real world.

Dubbed the “quantum cryptolink,” the IBM device encodes bits of key information into individual photons of light by polarizing them in one of two directions. Users can exchange the data-bearing photons across a fiber-optic cable over short distances. Security is guaranteed by Heisenberg’s uncertainty principle, which says it’s impossible for an eavesdropper to observe the photons without disturbing them. If the sender and legitimate recipient see signs of spying, they can throw out all or part of the key and try again.

To build the cryptolink, a team led by Nabir Amer, manager of IBM’s quantum information group, had to solve a number of practical problems. For instance, they implemented a signal-processing scheme to cancel out the errors that real-world fiber-optic networks introduce and which can leave a foothold for eavesdroppers to pilfer photons undetected. The biggest remaining challenge, according to IBM team member Bill Risk, is the ultra-sensitive photon detectors that must be chilled with liquid nitrogen to -173 C. Risk says new detectors cooled thermoelectrically should solve the problem.

By year’s end, Amer estimates, his lab will engineer “a prototype of a card you can plug into a network.” Although IBM doesn’t yet have specific plans for commercializing the cryptolink, Amer says it might be used to provide secure islands on corporate or government computer networks, or to protect citywide networks of automated teller machines.

But Tom Parenty, director of data and communications security at Emeryville, Calif., software firm Sybase, says that “even though quantum cryptography may offer 100 percent secure communication, my feeling is that it’s overkill for 99 percent of applications.” Standard cipher systems, some of which don’t require secure key exchange, can already ward off all but concerted attacks backed by massive computing power.

Amer believes that such ciphers could be rendered useless by another device in the works at IBM-the quantum computer. “If we ever have a quantum computer,” says Amer, it would compute fast enough to crack today’s codes “in a jiffy,” and only its cryptographic equal could ensure safe communication.