QKD comes up in board conversations because it sounds compelling — “physics-based security.” Most CISOs need to be able to engage with the marketing without committing to a deployment that will burn budget. This module is the analytical framing.
What QKD actually does
Two parties (Alice and Bob) want to share a secret key. They have a fibre-optic link. Alice sends single photons in randomly-chosen quantum states (e.g., polarisation H, V, +45°, -45°). Bob measures each photon in a randomly-chosen basis. Through a public channel, they reveal which basis they used (not the values), and discard photons where bases differed. The remaining photons constitute the shared key.
If an eavesdropper intercepts photons, by the laws of quantum mechanics (no-cloning theorem), measurement disturbs the state. Alice and Bob detect this disturbance via their statistical comparison and abort the key exchange.
The most-deployed protocol is BB84 (Bennett-Brassard 1984). E91 (Ekert 1991) uses entangled photon pairs; both have variants, both work in production.
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.