The

encryption system generically called

quantum cryptography is really the

quantum transmission of a

one-time pad. In this system, two end points are connected by a

physical medium (

copper wire,

fiber optics) over which the transmission of

particles with quantum state is possible.

Let's call these two end points Alice and Bob. Alice wants to communicate with Bob, and has a message of N bits to send. Alice is, however, afraid that Lucy will get her hands on this message, so needs to encrypt it. It needs to be a one-time pad, because Alice really wants forward secrecy, and wouldn't get that if she used PGP. Fortunately, Alice and Bob have a copper wire between them, and the ability to set spin on electrons.

Alice generates about 6*N bits of random data (not pseudorandom), and splits it into two streams. The first stream will be the one time pad; the second stream is her encoding stream. Alice will now encode her one time pad into electron spins, using four spins, effectively:

- Vertical: | : one-time pad value of 1, encoder value of 0
- Horizontal: - : one-time pad value of 0, encoder value of 0
- Right diagonal: / : one-time pad value of 1, encoder value of 1
- Left diagonal: \ : one-time pad value of 0, encoder value of 1

Alice now sends the stream of encode bits to Bob.

Bob now *randomly* guesses, for each bit, whether the encoding bit was 0, or 1. If he thinks it was zero, he uses a "+" filter. If he thinks it was one, he'll use an "x" filter. Here is the neat part: If he guess wrong, the spin will rotate - with 50% probability in each direction - to be able to pass through the filter. He then tries to pass the bit through another filter (an appropriate | or / filter will do); if it passes through, the value is 1. If it didn't, it is zero (the spin will not rotate 90 degrees).

Bob now has a stream of bits, about half of which, because he guessed wrong, are useless. To determine which half, he sends to Alice - in the clear, on an authenticated channel, the list of guesses he mades. On the same channel, Alice tells him which ones were right. Bob discards the rest of the bits. For added safety, he verifies the parity of every *m* bits, *discarding the m*^{th} bit.

Because the act of reading the stream alters it, Lucy cannot read the stream and forward it to Bob. Because Bob is guessing randomly, and doesn't reveal his guesses until *after* he has read (and destroyed) the datastream, the probability of Lucy correctly guessing the same bits that Bob would correctly guess is 2^{1.5*N} -- highly improbable.