BB84

Quantum Key Distribution · Bennett–Brassard 1984

Watch Alice send polarized photons in random bases, Bob measure and sift a shared key, and Eve's interception spike the QBER to ~25% and expose her.

SIMULATED — This demo simulates the BB84 protocol classically. No actual photons or quantum states are produced. Security claims assume a perfect implementation.

Press Run Without Eve or Run With Eve to send photons down the channel.

Line angle = basis + bit: 90° · ⊕ bit 1 0° · ⊕ bit 0 45° · ⊗ bit 0 135° · ⊗ bit 1
ALICE BOB

Click a photon as it lands to read what Alice encoded on it.

Photons sent: 0 Sifted: 0 (0%) Errors: 0 (0%) Key bits: 0
Key bit — bases matched Error — noise or Eve Discarded — bases differ Eve intercept ⊕ rectilinear · ⊗ diagonal

Sifting — keep the photon only when the bases match

Showing a sample of photons. Bob picks his basis independently and at random, with no knowledge of Alice's — so bases agree about half the time.

For each sampled photon: Alice's bit, Alice's basis, Bob's basis, and whether the photon is kept or discarded.
#
Alice bit
Alice basis
Bob basis
Sift

Run the protocol to build the per-photon sifting table.

All photons at a glance kept discarded error (sacrificed)

BB84 PROTOCOL

SECURITY ANALYSIS

0% 50%
How a large quantum computer affects common cryptographic schemes compared with BB84.
Security TypeBasisQuantum computer breaks it?
RSA-2048FactoringYES — Shor's algorithm
ECDSA P-256Discrete logYES — Shor's algorithm
AES-256Brute forceREDUCED — Grover (128-bit eff.)
ML-KEM (Kyber)LatticeBELIEVED NO — unproven
BB84 QKDPhysicsNO — information-theoretic
The no-cloning theorem (Wootters & Zurek, 1982) states that an unknown quantum state cannot be perfectly copied without disturbing the original. Eve's only option: measure the photon and resend a new one. But she does not know Alice's basis. If she guesses wrong: • She collapses the photon to her basis • She resends in her measured state • Bob, using Alice's correct basis, gets a random result 50% of the time • This produces a ~25% QBER when Eve intercepts all photons Even with a quantum computer, Eve cannot do better. The security is guaranteed by physics, not by computation.

REAL-WORLD LIMITATIONS

✗ Distance: ~100km max in fiber without quantum repeaters ✗ Infrastructure: requires single-photon sources and detectors ✗ Key distribution only: does not provide authentication or signatures ✗ Trusted nodes: long-distance networks require trusted relay points which reintroduce classical vulnerabilities ✗ Side channels: timing, power, or implementation flaws can leak information not protected by quantum mechanics This simulation assumes a perfect implementation — the no-cloning theorem protects the quantum channel, not the hardware around it. QKD and post-quantum cryptography are complementary: PQC for most infrastructure, QKD for highest-value point-to-point links.

DEPLOYED QKD NETWORKS (2026)

China: 2,000km Beijing–Shanghai ground network + Micius satellite Europe: EuroQCI linking EU member states (in deployment) Asia: Metropolitan networks in South Korea, Japan, Singapore