La Cryptographie Quantique — [Le protocole BB84]

This video discusses quantum cryptography, a field recently recognized with the Turing Award given to Charles Bennett and Gilles Brassard for their pioneering work. The Turing Award is considered the Nobel Prize of computer science. The video aims to explain the cryptographic methods Bennett and Brassard developed to secure communications using unique quantum properties like superposition and entanglement. To understand quantum cryptography, it's essential to first grasp the basics of traditional cryptography. When sending a message over a potentially insecure channel, such as the internet, sensitive information is encrypted—transformed into incomprehensible gibberish—before transmission. The recipient then decrypts it using a shared encryption key. This key is typically a long string of numbers or characters that acts as a parameter for both encryption and decryption operations. If only the sender and receiver know the key and it's sufficiently complex, their communication remains secure. The main challenge in traditional cryptography is the "key distribution problem": how do two parties agree on a secure encryption key if they haven't met physically to exchange it? Sending the key in plain text over an insecure network would defeat its purpose. Current solutions often rely on arithmetic problems, particularly those involving prime numbers. However, these methods are theoretically vulnerable to an attacker with a "monstrously powerful" computer, which could eventually break the encryption key. While such computers don't exist yet, there's a concern that sensitive data encrypted today could be decrypted in the future as computing power advances. This makes current cryptographic methods not "future proof." Quantum cryptography, specifically the BB84 algorithm developed by Bennett and Brassard in 1984, addresses this vulnerability. BB84 is a quantum key distribution algorithm that allows two distant individuals to securely agree on an encryption key. The security isn't about preventing interception, but rather guaranteeing that if interception occurs, the parties will immediately detect it. This is likened to sealing a message with wax and a personal stamp; if the seal is broken upon arrival, the recipient knows the message has been compromised. Similarly, BB84 uses a "quantum seal" that, if broken, reveals the presence of an eavesdropper. The BB84 algorithm uses photons as quantum systems. Photons have a property called polarization, which is their preferred direction in the plane perpendicular to their propagation. For instance, a photon can be horizontally or vertically polarized. These polarizations can be used to encode binary information (0s and 1s). Alice, the sender, can use a polarizer to send photons with specific polarizations, and Bob, the receiver, can use a detector to measure these polarizations and decode the message. The quantum aspect becomes apparent when Alice uses different "bases" for polarization. Besides the "rectilinear base" (horizontal/vertical), she can use a "diagonal base" (two diagonal polarizations). If Alice sends a diagonally polarized photon and Bob's detector is set to the rectilinear base, his measurement will be random, activating either the horizontal or vertical detector with a 50/550 chance. This is because, quantum mechanically, diagonal polarization can be seen as a superposition of horizontal and vertical polarizations. The crucial point is that it's impossible to know in advance which base a photon was prepared in; one must choose a setting and hope it's correct. If the wrong base is chosen, the information is lost or randomized, and there's no way to know if the chosen base was correct or incorrect. This is a fundamental quantum phenomenon, unlike measuring a straight line on paper, where its direction can be precisely determined. This principle forms the basis of the quantum "broken seal." To establish a shared key, Alice first generates a random sequence of 0s and 1s. For each bit, she randomly chooses either the rectilinear (+) or diagonal (x) base to polarize a photon and sends it to Bob. Bob, not knowing Alice's chosen base for each photon, randomly chooses a base for his detector for each incoming photon. When Bob's chosen base matches Alice's (which happens about half the time), he correctly reads the bit. When his base doesn't match, his measurement is random. After all photons are transmitted, Alice and Bob communicate over a classical channel (like the internet) to reveal only the *bases* they used, not the actual bit values. They discard all bits where their chosen bases didn't match. For the remaining bits, where their bases aligned, they are theoretically certain to have the same sequence of 0s and 1s, which forms their shared encryption key. Now, consider an eavesdropper, traditionally named Eve. If Eve intercepts the photons, she faces the same problem as Bob: she doesn't know which base Alice used. So, Eve must also randomly choose a base to measure each photon. If she guesses correctly (50% of the time), she can measure the photon's true polarization and re-send an identical photon to Bob. However, if she guesses incorrectly, her measurement will be random. More importantly, to re-send a photon to Bob, she must create a new one based on her measurement. If her measurement was random due to choosing the wrong base, the photon she re-sends will be different from Alice's original. Therefore, if Eve is present, she will introduce errors into the communication between Alice and Bob. After Alice and Bob have discarded bits where their bases didn't match, they can sacrifice a small portion of their remaining shared bits, revealing their values to each other over the classical channel. If these sample bits don't match perfectly, it indicates that Eve has been tampering with the photons, introducing errors. This is the quantum equivalent of the "broken seal." If too many discrepancies are found, Alice and Bob can discard the compromised key and try again or use a different channel. While the described scenario is idealized, practical implementations involve probability calculations. Alice and Bob achieve a guaranteed level of security based on the noise in the line and the number of bits sacrificed for error detection. If the probability of their key being compromised exceeds a certain threshold, they can restart the process. The fundamental reason for this security lies in quantum mechanics: it's impossible to measure the polarization of an unknown photon with certainty. Any measurement potentially disturbs the system unpredictably. This is also linked to the "no-cloning theorem," which states that it's impossible to create an identical copy of an unknown quantum state. Eve cannot simply "photocopy" the photons and then measure the copies without being detected, because cloning an unknown quantum state is impossible. Beyond BB84, other quantum cryptographic protocols exist, often based on quantum entanglement. Examples include BBM92 (by Bennett, Brassard, and Mermin) and E91 (by Arthur Eckert). BBM92 is similar to BB84 but uses pairs of entangled photons whose polarizations are always opposite. If Eve intercepts one photon from an entangled pair, her measurement will introduce discrepancies that Alice and Bob can detect. E91 is more complex, relying on the violation of Bell's inequalities, an experimental signature of quantum entanglement, famously demonstrated by Alain Aspect (who won a Nobel Prize in 2022). In E91, Alice and Bob sacrifice some photons to verify that the quantum correlations indeed violate Bell's inequalities as expected. If Eve is listening, these quantum correlations will be disrupted, revealing her presence. E91 is considered more robust against certain types of attacks, such as manipulative signals sent to detectors, compared to BB protocols. Practical challenges in quantum cryptography include ensuring truly random number generation and secure authentication over classical channels. For example, in a "man-in-the-middle" attack, Eve could impersonate Alice to Bob and vice-versa. However, classical cryptographic methods like digital signatures can address authentication issues. BB84 is already commercially deployed, while E91 and its variants are still in development, with notable demonstrations from projects like China's Micius satellite. Quantum cryptography is seen as a potential successor to classical cryptography, especially as the development of quantum computers threatens to break current arithmetic-based encryption methods. It's ironic that quantum mechanics presents both the problem (quantum computers breaking classical crypto) and the solution (quantum cryptography).