Skip to main content

Experimental quantum cryptography


We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: (1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; (2) by subsequent public discussion of the sent and received versions of this transmission estimate the extent of eavesdropping that might have taken place on it, and finally (3) if this estimate is small enough, distill from the sent and received versions a smaller body of shared random information, which is certifiably secret in the sense that any third party's expected information on it is an exponentially small fraction of one bit. Because the system depends on the uncertainty principle of quantum physics, instead of the usual mathematical assumptions such as the difficulty of factoring, it remains secure against an adversary with unlimited computing power.


  1. [1]

    Bengio, S., G. Brassard, Y. Desmedt, C. Goutier, and J.-J. Quisquater, Secure implementation of identification systems, Journal of Cryptology, Vol. 4, no. 3, 1991, pp. 175–183.

    Google Scholar 

  2. [2]

    Bennett, C. H. and G. Brassard, An update on quantum cryptography, Advances in Cryptology: Proceedings of Crypto '84, August 1984, Springer-Verlag, New York, pp. 475–480.

    Google Scholar 

  3. [3]

    Bennett, C. H. and G. Brassard, Quantum cryptography: Public key distribution and coin tossing, Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing, Bangalore, India, December 1984, pp. 175–179.

  4. [4]

    Bennett, C. H. and G. Brassard, Quantum public key distribution system, IBM Technical Disclosure Bulletin, Vol. 28, 1985, pp. 3153–3163.

    Google Scholar 

  5. [5]

    Bennett, C. H. and G. Brassard, The dawn of a new era for quantum cryptography: The experimental prototype is working!, Sigact News, Vol. 20, no. 4, Fall 1989, pp. 78–82.

    Google Scholar 

  6. [6]

    Bennett, C. H., G. Brassard, and S. Breidbart, Quantum cryptography II: How to re-use a one-time pad safely even if P=N P, unpublished manuscript available from the authors, November 1982.

  7. [7]

    Bennett, C. H., G. Brassard, S. Breidbart, and S. Wiesner, Quantum cryptography, or unforgeable subway tokens, Advances in Cryptology: Proceedings of Crypto '82, August 1982, Plenum, New York, pp. 267–275.

    Google Scholar 

  8. [8]

    Bennett, C. H., G. Brassard, C. Crépeau, and M.-H. Skubiszewska, Practical quantum oblivious transfer, Advances in Cryptology—Crypto '91 Proceedings (to appear).

  9. [9]

    Bennett, C. H., G. Brassard, C. Crépeau, and U. M. Maurer, Privacy amplification against probabilistic information, in preparation.

  10. [10]

    Bennett, C. H., G. Brassard, and N. D. Mermin, Quantum cryptography without Bell's theorem and without Einstein-Podolsky-Rosen states, Physical Review Letters (to appear).

  11. [11]

    Bennett, C. H., G. Brassard, and J.-M. Robert, How to reduce your enemy's information, Advances in Crytology—Crypto '85 Proceedings, August 1985, Springer-Verlag, New York, pp. 468–476.

    Google Scholar 

  12. [12]

    Bennett, C. H., G. Brassard, and J.-M. Robert, Privacy amplification by public discussion, SIAM Journal on Computing, Vol. 17, no. 2, April 1988, pp. 210–229.

    Google Scholar 

  13. [13]

    Brassard, G., Modern Cryptology: A Tutorial, Lecture Notes in Computer Science, Vol. 325, Springer-Verlag, Heidelberg, 1988.

    Google Scholar 

  14. [14]

    Brassard, G. and C. Crépeau, Quantum bit commitment and coin tossing protocols, Advances in Cryptology—Crypto '90 Proceedings (to appear).

  15. [15]

    Brickell, E. F. and A. M. Odlyzko, Cryptanalysis: A survey of recent results, Proceedings of the IEEE, Vol. 76, no. 5, May 1988, pp. 578–593.

    Google Scholar 

  16. [16]

    Crépeau, C., Correct and private reductions among oblivious transfers, PhD Thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, February 1990.

  17. [17]

    Crépeau, C. and J. Kilian, Achieving oblivious transfer using weakened security assumptions, Proceedings of 29th IEEE Symposium on the Foundations of Computer Science, White Plains, New York, October 1988, pp. 42–52.

  18. [18]

    Deutsch, D., Quantum communication thwarts eavesdroppers, New Scientist, 9 December, 1989, pp. 25–26.

  19. [19]

    Ekert, A., Quantum cryptography based on Bell's theorem, Physical Review Letters, Vol. 67, no. 6, August 1991, pp. 661–663.

    Google Scholar 

  20. [20]

    Gottlieb, A., Conjugal secrets—The untappable quantum telephone, The Economist, Vol. 311, no. 7599, 22 April 1989, p. 81.

    Google Scholar 

  21. [21]

    Impagliazzo, R. and D. Zuckerman, How to Recycle Random Bits, Proceedings of 30th IEEE Symposium on the Foundations of Computer Science, Research Triangle Park, North Carolina, October 1989, pp. 248–253.

  22. [22]

    Léger, C., personal communication.

  23. [23]

    Peterson, I., Bits of uncertainty: Quantum security, Science News, Vol. 137, 2 June 1990, pp. 342–343.

    Google Scholar 

  24. [24]

    Robert, J.-M., Détection et correction d'erreurs en cryptographie, Masters Thesis, Département d'informatique et de recherche opérationnelle, Université de Montréal, Montréal (Québec), Canada, 1985.

    Google Scholar 

  25. [25]

    Wallich, P., Quantum cryptography, Scientific American, Vol. 260, no. 5, May 1989, pp. 28–30.

    Google Scholar 

  26. [26]

    Wegman, M. N. and J. L. Carter, New hash functions and their use in authentication and set equality, Journal of Computer and System Sciences, Vol. 22, 1981, pp. 265–279.

    Google Scholar 

  27. [27]

    Wiesner, S., Conjugate coding, manuscript written circa 1970, unpublished until it appeared in Sigact News, Vol. 15, no. 1, 1983, pp. 78–88.

Download references

Author information



Additional information

This paper was accepted prior to the present Editor-in-Chief taking responsibility. A preliminary version of this paper was presented at Eurocrypt '90, May 21–24, Århus, Denmark, and has appeared in the proceedings, pp. 253–265. François Bessette was supported in part by an NSERC Postgraduate Scholarship. Gilles Brassard was supported in part by Canada's NSERC. This work was performed while John Smolin was visiting IBM Research.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Bennett, C.H., Bessette, F., Brassard, G. et al. Experimental quantum cryptography. J. Cryptology 5, 3–28 (1992).

Download citation

Key words

  • Key distribution
  • Polarized light
  • Privacy amplification
  • Public discussion
  • Quantum cryptography
  • Reconciliation protocols
  • Uncertainty principle
  • Unconditional security