Quantum computing
Quantum is getting hot in 2019, and even Ciro Santilli got a bit excited: quantum computing could be the next big thing.
No useful algorithm has been economically accelerated by quantum yet as of 2019, only useless ones, but the bets are on, big time.
To get a feeling of this, just have a look at the insane number of startups that are already developing quantum algorithms for hardware that doesn't exist yet, or barely does: quantumcomputingreport.com/players/privatestartup (archive). Some feared we might be in a bubble: Are we in a quantum computing bubble?
To get a basic idea of what programming a quantum computer looks like start by reading: Section "Quantum computing is just matrix multiplication".
Some people have their doubts, and that is not unreasonable, it might truly not work out. We could be on the verge of an AI winter of quantum computing. But Ciro Santilli feels that it is genuinely impossible to tell as of 2020 if something will work out or not. We really just have to try it out and see. There must have been skeptics before every single next big thing.
Quantum key distribution
Man-in-the-middle attack
quantumcomputing.stackexchange.com/questions/142/advantage-of-quantum-key-distribution-over-post-quantum-cryptography/25727#25727 Advantage of quantum key distribution over post-quantum cryptography has Ciro Santilli's comparison to classical encryption.
BB84 is a good first algorithm to look into.
Long story short:
  • QKD allows you to generate shared keys without public-key cryptography. You can then use these shared keys
  • QKD still requires an authenticated classical channel, exactly as a classical public-key key exchange with forward secrecy does. The simplest way to get one is with a pre-shared key, much as classical public-key cryptography relies on a pre-shared public key or certificate. If that key is compromised at any point, your future messages can get man-in-the-middle'd, exactly like in classical cryptography.
QKD uses quantum mechanics to share keys that cannot be snooped undetected: any measurement of the qubits in transit disturbs them, so you can detect the snooping and abort the communication. This guarantee comes from the known laws of physics, up to engineering imperfections in the implementation.
Furthermore, it allows this key distribution without having to physically carry a box somewhere by car: once the channel is established, e.g. an optical fiber, you can just keep generating fresh keys over it. Otherwise it would be pointless, as you could just drive your one-time pad key over every time.
However, the key generation rate is limited, so you can't just one-time pad the entire message, except for small text messages. What you would do instead is use the shared key with symmetric encryption.
Therefore, this setup usually ultimately relies on the belief that symmetric encryption is safer than public-key cryptography, even though there are no mathematical safety proofs of either as of 2020.
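The points above, as an added toy simulation that is not part of the original page: a BB84 round in which an intercept-resend Eve shows up as a ~25% error rate on the sifted bits and makes the round abort, the basis announcement on the classical channel is authenticated with a pre-shared key (HMAC is used here for simplicity; real QKD links use Wegman-Carter style authentication, and a real protocol would also add sequence numbers against replay), and the surviving key bits one-time pad a short message. The qubit model, the 0.11 QBER abort threshold, the message, the key and the function names are all assumptions of this example; no channel noise is modelled, so the honest case gives exactly zero errors.

```python
import hashlib
import hmac
import random

Z, X = 0, 1  # rectilinear and diagonal bases; a qubit is modelled as (basis, bit)


def measure(qubit, basis, rng):
    """Measure a qubit prepared as (basis, bit) in the given basis.

    A matching basis returns the encoded bit with certainty; a mismatched basis
    gives a uniformly random outcome and leaves the qubit in the measured state.
    That disturbance is what lets Alice and Bob notice an eavesdropper.
    """
    prep_basis, bit = qubit
    return bit if basis == prep_basis else rng.randrange(2)


def authenticate(psk, msg):
    """Tag a classical message with the pre-shared key (HMAC stands in for the
    Wegman-Carter authentication used by real QKD links; this is a toy)."""
    return hmac.new(psk, msg, hashlib.sha256).digest()


def verify(psk, msg, tag):
    return hmac.compare_digest(authenticate(psk, msg), tag)


def bb84(n, alice_psk, bob_psk, rng, eve=False, sample_frac=0.25, qber_limit=0.11):
    """Run one BB84 round over n qubits. Returns (key_alice, key_bob, qber);
    the keys are None when the round aborts."""
    alice_bits = [rng.randrange(2) for _ in range(n)]
    alice_bases = [rng.randrange(2) for _ in range(n)]
    qubits = list(zip(alice_bases, alice_bits))

    if eve:
        # Intercept-resend: Eve measures every qubit in a random basis and
        # re-sends what she saw. Half the time she guesses the basis wrong,
        # and half of those qubits then give Bob a wrong bit: ~25% errors.
        eve_bases = [rng.randrange(2) for _ in range(n)]
        qubits = [(b, measure(q, b, rng)) for q, b in zip(qubits, eve_bases)]

    bob_bases = [rng.randrange(2) for _ in range(n)]
    bob_bits = [measure(q, b, rng) for q, b in zip(qubits, bob_bases)]

    # Classical channel: Alice announces her bases, authenticated with the PSK.
    # Without authentication a MITM could simply run BB84 with each side.
    msg = bytes(alice_bases)
    tag = authenticate(alice_psk, msg)
    if not verify(bob_psk, msg, tag):
        return None, None, None
    announced_bases = list(msg)

    # Sifting: keep the positions where Bob happened to use Alice's basis.
    keep = [i for i in range(n) if announced_bases[i] == bob_bases[i]]
    sifted_a = [alice_bits[i] for i in keep]
    sifted_b = [bob_bits[i] for i in keep]

    # Error estimation: sacrifice a random subset and compare it in the clear.
    order = list(range(len(keep)))
    rng.shuffle(order)
    k = int(len(order) * sample_frac)
    test_idx, key_idx = order[:k], order[k:]
    errors = sum(sifted_a[i] != sifted_b[i] for i in test_idx)
    qber = errors / k
    if qber > qber_limit:
        return None, None, qber  # abort: snooped, or the channel is too noisy
    return [sifted_a[i] for i in key_idx], [sifted_b[i] for i in key_idx], qber


def bits_to_bytes(bits):
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits) - 7, 8))


def one_time_pad(key, data):
    """XOR a short message with fresh key bytes; the same call decrypts.
    Longer traffic would instead feed these bytes to a symmetric cipher."""
    if len(key) < len(data):
        raise ValueError("not enough key material for a one-time pad")
    return bytes(a ^ b for a, b in zip(key, data))


def demo(seed=1, eve=False, bob_psk=None):
    """Returns (decrypted message or None on abort, observed QBER)."""
    rng = random.Random(seed)
    alice_psk = b"pre-shared authentication key"  # constructed toy PSK
    key_a, key_b, qber = bb84(4000, alice_psk, bob_psk or alice_psk, rng, eve=eve)
    if key_a is None:
        return None, qber
    ct = one_time_pad(bits_to_bytes(key_a), b"hello")
    return one_time_pad(bits_to_bytes(key_b), ct), qber


if __name__ == "__main__":
    print("honest channel:", demo())
    print("intercept-resend Eve:", demo(eve=True))
    print("wrong PSK on Bob's side:", demo(bob_psk=b"wrong"))
```

Note what the abort does and does not tell you: a high QBER says someone (or something) disturbed the qubits, but it cannot distinguish Eve from a noisy fiber, which is why real systems add error correction and privacy amplification on top of this sifting step; and a wrong or leaked authentication key is caught (or exploited) at the classical step, not by anything quantum.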