The basics of quantum key distribution are pretty easy to understand. First of all, what’s “key distribution”? If you want to communicate securely with somebody over a channel which is itself insecure, this is usually done by encrypting the message using an algorithm which is believed to be secure, such as the Advanced Encryption Standard (AES), which is widely used around the world and even implemented in hardware in recent Intel and AMD microprocessors and by encryption accelerators for a variety of machines. AES is believed to be secure against all known forms of attack and to remain so for an extended period of time. Along with the AES algorithm, which is public, a key, usually 256 bits in length, is used to encrypt the data. Such a key is sufficiently long that it is effectively impossible to guess or discover by exhaustive search.
AES is a symmetric-key algorithm, which means the same key is used to encrypt and decrypt data, and hence both parties to the communication must have identical copies of the key. This, then, raises the question of how they get those copies. Well, if they physically met, they could each take away a sheet of paper with randomly generated keys and use them. But what if they want to establish secure communications without having ever met, as you do, for example, when logging onto an online banking service with a https: URL? Both parties need to have a copy of the key, but if they have to send the key over the insecure channel, that defeats the whole point of the encryption, since Boris Badenov can snoop on the key and then use it to decrypt the messages.
The most widely used solution to this problem today is public key cryptography, where a mathematical procedure called a “trap door function” is used to set up an initial secure channel over which the encryption key can be exchanged. As long as the communicating parties keep their private keys secure and the trap door function does not contain a flaw which allows it to be easily computed or brute-forced, the system is secure. But the security of the system is no better than the trap door function, and the development of faster computers, better computational techniques such as quantum computing, or discovery of a mathematical short-cut that speeds up its computation, can render the system insecure, compromising not only new messages but all of the messages previously sent using it.
Quantum key distribution provides a way to securely distribute keys where security comes not from human cleverness but from the fundamental laws of physics. There is a principle of quantum mechanics called the “no cloning theorem” which says that it is impossible, even in principle, to make a copy of a quantum state without irrecoverably scrambling the initial state. Exploiting this theorem allows sending a key over a quantum channel in such a way that any attempt to eavesdrop on its transmission will be detectable. If the quantum-encoded signal is received properly, the sender and receiver are guaranteed it has not been intercepted or altered.
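To see why eavesdropping becomes detectable, here is an added example (not part of the original article) that simulates the BB84 protocol, a standard quantum key distribution scheme which the article does not name. It assumes an ideal noiseless channel and a simple intercept-and-resend eavesdropper; the function names and the seed are constructed for illustration.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis returns a uniformly random bit."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def bb84_error_rate(n_bits, eavesdrop, seed=1):
    """Simulate one BB84 run and return (sifted_key_length, error_rate).

    Assumption: the error rate is computed over every sifted bit; real
    systems sacrifice only a random sample of the key for this check."""
    rng = random.Random(seed)  # constructed, reproducible randomness
    kept = errors = 0
    for _ in range(n_bits):
        # Sender picks a random bit and basis (0 = rectilinear, 1 = diagonal).
        bit, send_basis = rng.randint(0, 1), rng.randint(0, 1)
        state_bit, state_basis = bit, send_basis
        if eavesdrop:
            # No cloning: the eavesdropper cannot copy the state, so she has
            # to measure it in a guessed basis and re-send what she observed.
            eve_basis = rng.randint(0, 1)
            state_bit = measure(state_bit, state_basis, eve_basis, rng)
            state_basis = eve_basis
        recv_basis = rng.randint(0, 1)
        recv_bit = measure(state_bit, state_basis, recv_basis, rng)
        # Sifting: bases are compared in public and mismatches are discarded.
        if recv_basis == send_basis:
            kept += 1
            errors += recv_bit != bit
    return kept, (errors / kept if kept else 0.0)

if __name__ == "__main__":
    for eve in (False, True):
        kept, qber = bb84_error_rate(20000, eavesdrop=eve)
        print(f"eavesdropper={eve}: sifted bits={kept}, error rate={qber:.3f}")
```

With no eavesdropper the sifted keys agree exactly; with one, about a quarter of the sifted bits disagree, which is the signal the two parties use to discard the key.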
Doing this requires a channel that preserves the quantum state information of the signal it sends, and this is, in practice, difficult. Over the years, the technology has progressed from tabletop experiments in laboratories to fibre optic links across Lake Geneva to satellite links developed by Chinese researchers.
Key distribution for secure communication is a pretty esoteric item, and it’s far from clear that “leading the world by at least ten years” in this area is worth all that much in the real world.