Quantum key distribution (QKD) utilizes quantum effects to transmit information between two points.  In principle, the sender and receiver party can detect if a bit of information has been recorded by a third party in transit.  This is a type of information-theoretically secure system.

To quote the US NIST Advanced Network Technologies Division [210]:

Our nation's business and defense require secure transmission of information over communication links. There is a continuing need to develop advanced technologies to safeguard data transmission and communications.  QKD has been shown to be an effective cryptography key distribution mechanism when quantum computing becomes a reality, but it is still a developing technology.  In order to make QKD practical, we need to improve its performance in terms of key generation speed, transmission distance, and lowering error rates.  We need to develop measurement methodologies and metrics for the new system, and new protocols and standards for the new QKD infrastructure.

The limitations of QKD are expressed clearly here (our emphasis added):

Even if we ignored the heavy price tag of quantum cryptography (currently $100,000 for the hardware endpoints per fiber connection), the bigger problem with quantum cryptography is its limited application.  Because it can be deployed only in fixed point-to-point dedicated links with limited range, it doesn't meet the communication requirements of modern computing systems. We need point-to-many and many-to-many secure communication channels for fixed and mobile applications that traverse land, sea, and air over a wide range of physical transport layers.  Many of those transport layers, such as the Internet or wireless radio frequency communications, make it impossible to control the physical layer, so that we basically have to assume they're compromised by eavesdroppers to begin with.

The essential fact that remains that all security technologies founded on fundamentally new mathematical hardness problems or quantum physics must undergo many years of scrutiny prior to deployment.  A recent attack [226] published in June 2008 requires yet-another-adjustment to secure the QKD protocols.  See also the website and publications [301, 302] from the Quantum Hacking group at the Norwegian University of Science and Technology where they have demonstrated several practical attacks in 2008 against non-ideal properties found in the behavior of the hardware currently used to implement QKD systems.  We quote [220] (2004) in the section 6.9 subsection 4.3 on quantum key distribution:

It appears that this activity in security proofs for key distribution still has a long way to go. Very important fundamental and practical questions involving imperfect sources persist. Fundamental questions also remain open about the relation of security to the violation of Bell inequalities.  Also, because experiments are underway, there are a host of technical questions (e.g., involving the use of weak coherent sources) that deserve theoretical attention.

In summary QKD is an immature technology that is not suitable for securing general Internet communications.

For a cost effective alternative see Synaptic Labs' Group Key Exchange technology.

(We are in the process of putting the missing [references] online. Please This e-mail address is being protected from spambots. You need JavaScript enabled to view it if you need them in the interim.)