Does Quantum Key Distribution (aka: QKD) qualify as "Cryptography"?

Question

This may be a polemic question, but since I did read the rules of the site and "terms and definitions" appear to be legitimate subjects, I want to raise this because I find this interesting, and I want to find out if someone can give me a new perspective on the matter.

Historically, Cryptography was not concerned with the communication channel. The whole point of most Cryptographic devices, protocols, algorithms, etc. was to transform information in a way that no matter how it is carried, where it is stored, etc. remains incomprehensible to an adversary. Classical Cryptography assumes that the channel is completely accessible and open to any attacker and has no innate special properties.

Now, it is obvious that in QKD the situation is quite the opposite: the whole basis of QKD protocols is the reliance on a Quantum Channel. Without allowing for the quantum phenomenon of superposition, entanglement, etc. which are enabled by such a channel, these protocols simply cannot work as intended - they are built around the assumption that the channel allows for such phenomena, and hence QKD protocols exploit them in very ingenious ways.

However, it may be argued, that even if we say that QKD protocols are security protocols, as opposed to cryptographic protocols, it is still clear that their application is directly related to Cryptography: establishing a mutual secret key, which later can be used to carry out secret communication via any channel (be it classical or a quantum channel. or even a raven :)).

I do think it's important to use language consistently. In fact, my trigger for writing this question was a disagreement about this with someone in the comment section in another Q. By no means do I write this just to "see who is right" however, I think disagreements can be a productive source for refining our ideas and in this case, our language :) So, I'll be glad to hear your thoughts on the matter, whatever they may be.

Answer 1

The whole point of most Cryptographic devices, protocols, algorithms, etc. was to transform information in a way that no matter how it is carried, where it is stored, etc. remains incomprehensible to an adversary.

I believe the point of cryptography is to achieve the security goals (for example, privacy); the means to that end, for most cryptography, may be to transform that data to be incomprehensible, true, however that's not necessarily the only way.

Classical Cryptography assumes that the channel is completely accessible and open to any attacker

QKD also does not assume a trusted channel, that is, one that cannot be monitored (privacy, of course, would be trivial with such a channel). Instead, QKD relies on being able to detect when that channel is monitored (which would allow the end points to take appropriate action).

So, if the question is about definitions, yes, in my opinion, QKD does fall within the definition of 'cryptography'.

BTW: QKD is not synonymous with Quantum Cryptography; certainly, QKD is one example of Quantum Cryptography (and certainly the most well-known one), however other cryptographic uses of Quantum Mechanics have been proposed.

Answer 2

QKD is a method for key establishment. I guess that is part of cryptography by definition. If you have a fast QKD system you could even use the key stream as an OTP, and in that case you could even encrypt messages directly, only using XOR as an addition (and of course some method of advancing through the plaintext / ciphertext, but yeah).

As everybody will probably accept that key establishment is part of cryptography then QKD should be considered part of cryptography.

---

The rest of your question is about how QKD may not be part of cryptography because of the way it operates. That's in my opinion besides the point; if it is part of a numerical system that can be used to achieve message confidentiality then it is part of cryptography. I'd also indicate that modern cryptography contains algorithms such as CSPRNG's and many other notions that are not directly about message confidentiality in a channel.

If Caesar or Vigenere would like to disagree on the definition they only have to say. They might however indicate that we should be talking about cryptology instead of cryptography in this scenario. Languages and definitions change; applying terms from classical cryptography to QKD is - in my opinion - an act of futility.