Journal of Cryptology

, Volume 5, Issue 1, pp 3–28

Experimental quantum cryptography


  • Charles H. Bennett
    • IBM Research, Yorktown Heights
  • François Bessette
    • Départment IROUniversité de Montréal
  • Gilles Brassard
    • Départment IROUniversité de Montréal
  • Louis Salvail
    • Départment IROUniversité de Montréal
  • John Smolin
    • Physics DepartmentUniversity of California at Los Angles

DOI: 10.1007/BF00191318

Cite this article as:
Bennett, C.H., Bessette, F., Brassard, G. et al. J. Cryptology (1992) 5: 3. doi:10.1007/BF00191318


We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: (1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; (2) by subsequent public discussion of the sent and received versions of this transmission estimate the extent of eavesdropping that might have taken place on it, and finally (3) if this estimate is small enough, distill from the sent and received versions a smaller body of shared random information, which is certifiably secret in the sense that any third party's expected information on it is an exponentially small fraction of one bit. Because the system depends on the uncertainty principle of quantum physics, instead of the usual mathematical assumptions such as the difficulty of factoring, it remains secure against an adversary with unlimited computing power.

Key words

Key distributionPolarized lightPrivacy amplificationPublic discussionQuantum cryptographyReconciliation protocolsUncertainty principleUnconditional security

Copyright information

© International Association for Cryptologic Research 1992