A “quantum secret sharing” scheme that allows 10 parties to share information securely – the highest number so far – has been developed and demonstrated by researchers in South Africa. The protocol involves each party performing quantum operations on the photon without measuring its state and the team says it could help increase both the rate at which data is shared on secure quantum networks and how many parties can be involved in the sharing.
In the original quantum key distribution (QKD) protocol, two parties, known as Alice and Bob, communicate by exchanging photons polarized in one of two possible bases over an untrusted link, each varying the polarization basis of his or her transmitter or receiver randomly. At the end of the transmission, Alice and Bob reveal to each other which basis they used to measure the photons sent and received, but not the result of the measurements. Alice and Bob then announce their results for a sample of the photons in which they measured in the same polarization basis, to check that the emitted polarization always agrees with the received one. If it does, they can use the remaining photons that they measured in the same basis to form a secure cryptography key that allows them to communicate securely using conventional telecoms technology. A third party that intercepts the photons inevitably disturbs their state, so some of Alice and Bob’s measurements disagree and they know the line is bugged.
While commercial QKD systems are available, the protocol has its shortcomings. One is that photon polarization has only two orthogonal states. These are traditionally used to represent 1 and 0, as in a conventional bitstream. Given the technical difficulty of sending and detecting isolated single photons, however, it is highly desirable to pack more information into each photon. In the new research, therefore, Andrew Forbes and colleagues at the University of Witwatersrand in Johannesburg encoded the data not in the polarization of the photon, but in its orbital angular momentum (OAM) –which can, in principle, be infinitely large. “Polarization has only two possibilities, just like a coin which can only be heads or tails,” explains Forbes, “OAM is like an infinite-sided dice.”
A second problem is that the traditional protocol allows only pairwise communication. “As soon as the receiver makes the measurement, the photon is destroyed,” explains Forbes. “There is fundamentally no way that you could extend that network from beyond just two people. Of course, the person who received it could repeat the whole exercise, but that’s not how normal networks work. You would like to be able to send your information to multiple people…and you’d like them only to be able to decrypt it if you trust them.”
To address this shortcoming, Forbes and colleagues have created a “pass-the-parcel” scheme by which photons in a superposition of 11 possible OAM states could be sent sequentially between 10 parties, eventually arriving back at the original sender. Each party performs one or more of a set of possible predefined operations on the OAM of the photon, but none of them measures its state. Only after the photon has completed its circuit does the party that originally emitted the photon (“the distributor”) measure its final state and compare it to the state of the photon originally transmitted.
If the parties trust one another, they can use this information to share a secret message without having to exchange any information of use to a third party. The actual states of the photon are only ever known to the distributor. Better still, says Forbes, it does not theoretically require that all the parties be trusted: “In our experiment we had 10 parties and we set it that all of them had to trust one another, but actually you can have anything less than 10,” says Forbes. “So, I could set it so that the information is spread across 10 people, but as long as two, three or four people trust one another, then those parties could collaborate to extract the key. That’s the power of the protocol: sharing and distributing a secret in a secure way, which QKD doesn’t allow you to do.”