Quantum Key Distribution (QKD)

Delivering provably secure networking for the quantum computing age


Cyber security threats are increasing rapidly – particularly the threats posed by quantum computers

The public key cryptography used to protect our sensitive data today will be rendered insecure by the widescale availability of powerful quantum computers. It is critical that we keep our important confidential data quantum-safe – and doing so requires a new approach to security.

Quantum-Secure Networking is the solution – and Quantum Key Distribution enables it.

QKD is a method of distributing quantum-safe encryption keys between parties, and it’s the backbone of quantum-secure networks. Rather than mathematics, it uses the quantum properties of light to generate secure random keys for encrypting and decrypting data, ensuring QKD-protected transmissions can never be intercepted and decrypted by adversaries. This approach makes QKD provably secure, even against attacks that utilise quantum computers.

Benefits of Quantum Key Distribution (QKD)

Deployable today, providing quantum-safe security regardless of an adversary’s computing power
Capable of detecting and mitigating eavesdropping attacks
Provably secure and immune to future developments in mathematics and computing

Toshiba QKD Systems

Long Distance QKD System LD

  • Ensures quantum-secure networking over distances of 150 km+
  • Optimises CAPEX, with fewer systems required to meet your distance needs
  • Proprietary active stabilisation technology that adapts to the network environment

Multiplexed QKD System MU

  • Developed to deliver QKD in complex metro-scale environments, with the simplest integration
  • Provably secure protection provided by the most advanced QKD protocol
  • Proprietary active stabilisation technology that adapts to the network environment

Flexible QKD System LE

  • Developed to deliver QKD in complex metro-scale environments, with the simplest integration
  • Provably secure protection provided by the most advanced QKD protocol
  • Proprietary active stabilisation technology that adapts to the network environment
A technician adjusting a cable

Why Toshiba QKD

Two decades of research, and unparalleled expertise.

Toshiba has been at the cutting-edge of quantum cryptography since 1999. We’re responsible for a series of world firsts in QKD development and deployment, and we continue to push the boundaries of quantum communication technologies. Our unique and patented QKD systems provide superior performance and real operational and business benefits – helping you to de-risk your network deployment while providing business agility.

About Us
A photo of Andrew Shields

With a doctorate from Imperial College London and over 500 published papers in the field of quantum devices and systems, Dr Andrew Shields is a recognised world-leading expert with a highly respected, and growing, body of research.

Dr Andrew Shields, Head of Toshiba Quantum Technology Division


QKD in detail


Keeping data secure is more challenging than ever. Sensitive information is increasingly stored on remote servers, including the cloud. Any data transmitted and retrieved over public or private networks from these locations must be encrypted to stay secure. While cyber security attacks have boomed, public key cryptography – the encryption techniques that protect much of our internet activity today – has provided an effective barrier, keeping malicious actors at bay.

“A large-scale quantum computer will render conventional public key cryptography useless”

All this changes with the arrival of quantum computing. A cryptographically relevant quantum computer will reduce the time taken for an attacker to break public key encryption from thousands of years to a matter of minutes.

Quantum Key Distribution is the solution – and it’s available now.

What is QKD?

Quantum Key Distribution technology uses the laws of quantum physics to create and distribute secure keys which prevent the decryption of data. Data protected by QKD is resilient to attack by a quantum computer or any other powerful computing resource. It provides protection from current attack methods, and, crucially, also provides resistance against future developments in quantum computing and mathematics.

How does QKD work?

QKD is an optical technology that uses the quantum states of photons of light to transmit a secret key between two parties, enabling them to securely encrypt and decrypt data.

A key feature of the technology is its ability to detect and mitigate interception. A fundamental law of quantum physics – that observation itself disturbs the quantum state of a particle – means that if an eavesdropper tries to intercept the QKD signal, it will immediately change the signal’s state. This makes the interception detectable and ensures any intercepted information is immediately discarded.

How do you implement QKD?

By deploying a Toshiba QKD system on to an optical fibre network. There are two ways to do this:

  • By integrating a QKD signal onto an existing deployed fibre (which is carrying classical data channels) using wavelength division multiplexing (WDM), with one of our Multiplexed (MU) QKD systems.
  • By using dedicated fibre and deploying our Long-Distance (LD) or Flexible (LE) QKD systems.

Toshiba’s Multiplexed QKD systems include filters for simple integration into existing fibre networks and data services: all user traffic can be passed through the unit without requiring additional multiplexing hardware.

A diagram illustrating QKD network

The schematic shows an example use case, with an AES encryptor obtaining keys from a Multiplexed QKD system to secure high-bandwidth data streams.

What are the security implications of quantum computing?

While it would take a conventional computer thousands of years to crack the encryption methods securing much of the web today, a sufficiently powerful (or cryptographically relevant) quantum computer would be able to decrypt the data in minutes. That means all communications – including transfer of sensitive records, such as financial and medical information – will be at risk.

Public key cryptography is widely used for exchanging encryption keys or for signing and verifying documents and transactions. Its security relies on the difficulty of certain mathematical problems, such as factoring a large number into its primes or the discrete logarithm problem. These problems can take many years to solve on a conventional computer. However, a quantum computer running Shor’s algorithm can efficiently solve these problems, thereby breaking their security and rendering today’s public key cryptography useless.

Why is encrypted data vulnerable in transit?

“Harvest now and decrypt later” attacks have been in the public awareness for some time, but have presented more of an abstract threat than a tangible one. As the availability and reliability of quantum computers increases, these kinds of attacks will come to fruition. Attackers who previously recorded and stored encrypted data in transit will be able to crack conventional public key encryption.

QKD mitigates this threat by making interception of the secure key that decrypts the data impossible.

Why should you implement quantum-safe security?

Once quantum computers become readily available, the security methods we currently rely on to encrypt our data will no longer be effective.

Quantum-safe security is designed to ensure that even with a quantum-powered machine and endless amounts of time, malicious actors will not be able to decrypt communications. It uses the laws of quantum physics to counteract any attempt by a quantum computer to decrypt data transfers.

The security provided by QKD is not widely available on common fibre network infrastructures. It is only by implementing quantum-safe security that you can be certain of the integrity of your communications in a post-quantum world.

Where is QKD most applicable?

QKD creates and distributes secure encryption keys that are important for protecting highly sensitive data for many industries, as well as the critical infrastructure that underpins our society.

Robust levels of security are required in many sectors, including telecommunications networks, finance, defence, utilities and health sectors. In healthcare, the technology has been applied to ensure the secure transmission of medical data in Austria and genome data in Japan. Within the public sector, QKD is used to provide the government with secure communications; in the finance industry, to protect banking network infrastructure; and in aerospace and pharmaceuticals, to protect high-value long-life intellectual property.

What is Post-Quantum Cryptography (PQC)?

Post-Quantum [Computing] Cryptography (PQC) refers to new cryptographic algorithms that are not based on the integer factorisation or discrete logarithm problems and are believed to be secure against attack by Shor’s algorithm on a quantum computer. PQC uses complex mathematics to create encryption keys, and although its algorithms have been in development for some time, they have not yet been standardised, adopted and widely deployed.

As PQC has not been subject to the same level of scrutiny as the public key cryptography used over the past 40 years, we can expect some of these PQC algorithms will be broken in the coming years. This could be by a new algorithm on a quantum computer, or new methods in cryptanalysis using ordinary computers. Indeed, effective attacks have been demonstrated on several proposed PQC algorithms.

Unlike PQC, Quantum Cryptography is provably secure, and is available and deployable today. Its security relies on fundamental laws of nature, which makes it immune from advances in quantum computing, mathematics, or eavesdropping activities.

Can you implement QKD together with PQC?

Once PQC algorithms are fully standardised and widely available, it will be possible to deploy both QKD and PQC in conjunction. Indeed, there may be benefits in doing so. However, data needs to be protected and quantum safe today – organisations should not wait until PQC is ready and widely deployed.

For critical and sensitive data, key network routes and entities in the most ‘at risk’ sectors, deploying QKD now is the only way to secure networks from quantum-level attacks. It will be possible (and, as mentioned, potentially beneficial) to then add PQC in future, providing so-called ‘defence in depth’, with multiple layers of complex security keeping attackers at bay.

What are BB84 & T12?

The Bennett-Brassard 1984 protocol, known as BB84, is a proven-secure method of exchanging quantum keys based on the ‘uncertainty principle’, which states that quantum data cannot be intercepted, copied, or measured without disturbing it.

BB84 generates the secure quantum keys used to encrypt data in QKD systems. Since it’s necessary to exchange the secret keys over potentially unsecured channels, BB84 allows for the exchange of a key that, even in the event of eavesdropping, cannot be used by anyone except the intended recipient.

The BB84 protocol is the first and most rigorously studied way to exchange keys in quantum communications.

All Toshiba QKD products use an efficient implementation of the BB84 protocol called T12, which offers the highest possible secure key rates and operation over the longest fibres.

When should you implement QKD?

As soon as possible. Implementing a new, quantum-secure cryptography approach takes time, and advances in quantum computing and its impending availability mean that quantum-safe methods of data encryption are soon going to be vital. Anyone operating without one will be in danger of having their secure data compromised.

It’s understood that malicious actors are already engaging in so-called ‘harvest now, decrypt later’ attacks, whereby they’re gathering encrypted data from organisations, with the intention to access it once quantum computers are more readily available.

For this reason, organisations should secure their most vulnerable infrastructure first – updating high-priority data paths, DC interconnects, and other critical infrastructure which is more likely to come under attack should they be targeted.

The sooner an organisation or individual transitions to quantum-secure networking, the safer it or they will be.



Independent Security Evaluation of Toshiba Quantum Key Distribution Technology

The UK National Physical Laboratory (NPL) performed independent assessment of various critical parameters of Toshiba’s Quantum Key Distribution (QKD) technology. These measured quantities are integral to the product’s security and have been validated to match expected values.

Case study

London Quantum-Secured Metro Network (PDF, 480KB)

This paper covers a commercially-ready QKD metro network built in London, complete with customer access tails and an aggregated central metro node, able to support multiple customers. The solution includes a full Key Management System; encrypted classical Ethernet data on the same fibre and a Data Communications Network (DCN) for full remote monitoring at BT’s Network Operations Centre (NOC).


To access this document please complete the form below: