The Quantum Threat to Cybersecurity

Quantum computing poses significant cybersecurity risks as it has the potential to render current encryption algorithms obsolete within the next decade, threatening the security and privacy of individuals, organizations, and nations.

The National Institute of Standards and Technology (NIST) has released post-quantum cryptography algorithm standards designed to withstand the encryption-breaking capabilities of quantum computers and secure various electronic information formats.

Experts anticipate that advancements in quantum computing will compromise most conventional asymmetric cryptography by 2029, necessitating urgent adaptations in security practices to mitigate potential threats.

While quantum technology continues to develop, it also offers new opportunities for improving security through advancements in quantum networking and secure communication methods like quantum key distribution (QKD) and quantum random number generation (QRNG).

Organizations must adopt proactive measures, including transitioning to post-quantum cryptography and monitoring standardization efforts by organizations like NIST, to align their cybersecurity strategies with the emerging quantum threat landscape.

Understanding Quantum Computing

Quantum computers utilize qubits, which can exist in a state of superposition, allowing them to represent both 0 and 1 simultaneously, a capability that classical computers lack. The development of quantum computers poses a potential risk to current encryption algorithms, such as RSA and Elliptic Curve Cryptography (ECC), which rely on mathematical problems that quantum computers could solve much more efficiently.

Shors Algorithm exemplifies the disruptive potential of quantum computing, as it can rapidly solve factoring problems that are foundational to the security of modern cryptosystems.

The transition to post-quantum cryptography is essential due to the anticipated advancements in quantum computing, which call for a reassessment of the security of current cryptographic methods. Quantum computers process information through quantum principles like superposition and entanglement, enabling them to perform calculations exponentially faster than classical computers in certain scenarios.

Difference Between Classical and Quantum Computing

Quantum computers utilize qubits that leverage quantum principles such as superposition and entanglement, enabling them to process information in ways that classical computers cannot. In contrast to classical computers, quantum computers can solve specific problems exponentially faster, fundamentally threatening traditional encryption methods like RSA and ECC.

Classical algorithms, such as those used in post-quantum cryptography (PQC), are designed to be secure against adversaries utilizing both classical and quantum computing hardware.

The rapid evolution of quantum computing necessitates a reassessment of existing cryptographic security, particularly with regards to algorithms vulnerable to quantum attacks. The shortcomings of classical computing in addressing certain mathematical problems highlight the need for quantum-safe cryptographic solutions to maintain cybersecurity in the face of advancing quantum technology.

Quantum Computing Capabilities and Risks

Quantum computing presents an increasing risk to widely used encryption methods, potentially compromising data security as it advances over the next decade. Identification and inventory of vulnerable critical infrastructure systems, as outlined in the Post-Quantum Cryptography Roadmap developed by DHS and NIST, is crucial for preparing against quantum threats.

The RAND Corporation assessed that risks from quantum computing affect all of the 55 National Critical Functions, highlighting the pervasive impact of this technology.

The transition to post-quantum cryptography, marked by NISTs selection of public-key encryption and digital signature schemes, represents one of the most complex transitions in the history of the Internet. While post-quantum cryptography aims to address many cybersecurity concerns in a quantum technology-dominated landscape, it does not resolve all existing cybersecurity problems.

ㅤ

Vulnerabilities Introduced by Quantum Computing

Quantum computing poses a significant threat to current encryption systems such as RSA and ECC, which are widely used to secure critical data across various industries like finance and government. As quantum computers advance, they will be capable of solving complex mathematical problems like factorizing large prime number products and addressing the discrete logarithm problem, which are foundational to traditional cryptographic algorithms.

The impending shift to post-quantum cryptography (PQC) is necessary as quantum computers threaten to undermine existing cryptographic protocols, prompting a need for new cryptographic solutions. Current asymmetric cryptography will become vulnerable to decryption using quantum computing techniques, highlighting the urgency for organizations to adopt PQC. The transition to PQC is being facilitated by comprehensive public-private collaborations, led by bodies like NIST, to operationalize new cryptographic algorithms before large-scale quantum computers become a reality.

Impact on Public Key Infrastructure

Public Key Infrastructures (PKIs) rely on authentication algorithms to create, store, verify, and revoke digital certificates essential for secure communications. The complexity of integrating post-quantum (PQ) technologies into existing PKIs necessitates either a dual PKI system or a migration to a fully post-quantum PKI, complicating the transition process. The potential deployment of Controlled Regions of Quantum Computation (CRQC) implies that traditional public-key cryptography algorithms would no longer be effective against quantum attacks.

The shift to post-quantum cryptography is essential due to the vulnerabilities of current public-key encryption schemes, such as RSA and Diffie-Hellman, to quantum attacks using algorithms like Shors. NIST is actively working towards establishing a new post-quantum cryptographic standard to replace existing public-key cryptography that is susceptible to quantum-based attacks.

Risks to Hardware Security Modules

Hardware security modules (HSMs) are crucial for performing sensitive cryptographic computations and are often designed with special-purpose features to enhance security against hardware-related vulnerabilities. Imperfections in cryptographic implementations can arise from human errors, such as software bugs or discrepancies, necessitating rigorous testing and formal verification methods to ensure the reliability of HSMs.

Physical properties of hardware, including side-channel vulnerabilities, can significantly impact the security of cryptographic algorithms executed within HSMs, highlighting the need for secure design practices. The transition to post-quantum cryptography will require HSMs to support new quantum-resistant algorithms, which may involve accommodating larger key sizes and complex adaptations in certificate lifecycle management systems. Ensuring that HSMs have crypto agility is essential for maintaining security, allowing organizations to adopt new cryptographic algorithms rapidly to counter the emerging risks posed by quantum computing.

Threats to Data Encryption Techniques

Quantum computings ability to perform multiple calculations simultaneously poses a significant threat to current cryptographic algorithms, potentially compromising the security of sensitive data whether in transit, in use, or stored. The harvest now, decrypt later threat emphasizes that encrypted sensitive data could be collected now and decrypted in the future as quantum computing technology advances.

Sensitive data in sectors such as finance, healthcare, and government is particularly vulnerable, as these industries rely heavily on encryption for securing transactions and protecting confidential information. The financial industry faces a risk of quantum attacks disrupting secure communications between banks and compromising payment systems, which could expose sensitive financial records.

Governments utilize encryption to secure classified information and national security assets, meaning a breach caused by quantum computing could lead to severe consequences, including espionage and data leaks.

NIST's Role in Standardizing Post-Quantum Cryptography

The National Institute of Standards and Technology (NIST) initiated a process in 2016 to solicit, evaluate, and standardize new cryptographic algorithms capable of withstanding the power of quantum computers. NIST has finalized a principal set of post-quantum encryption algorithms aimed at protecting various forms of electronic information, including confidential communications and e-commerce transactions. The new standards developed by NIST are designed to replace current public-key cryptography, which is vulnerable to attacks from quantum computers.

NISTs efforts include creating technical standards for post-quantum encryption that encompass varied approaches and multiple algorithms to enhance security across different applications. NIST is encouraging organizations to begin transitioning to the newly standardized post-quantum cryptographic algorithms to address emerging threats from quantum computing as soon as possible.

Overview of NIST's PQC Project

Since 2016, NIST has been actively standardizing post-quantum cryptography (PQC) algorithms in collaboration with the international cryptography community to ensure robust cryptographic solutions against quantum computing threats.

In August 2024, NIST published a standard for key establishment (ML-KEM or CRYSTALS-Kyber) and two standards for digital signatures (ML-DSA or CRYSTALS-Dilithium and SLH-DSA or SPHINCS+), marking a significant milestone in the migration to PQC. The process of evaluating PQC candidates involved widespread participation from leading cryptographers, which underscored NISTs commitment to transparency and public involvement in developing effective cryptographic standards.

NIST has emphasized the importance of creating trusted implementations of selected algorithms that can be integrated into protocols and systems for practical application in securing communications. Organizations are encouraged to engage with NIST and other standards-defining organizations to stay informed about the latest developments in PQC and prepare for future transitions in their cryptographic systems.

Key Features of Proposed Quantum-Resistant Algorithms

Proposed quantum-resistant algorithms are being standardized by NIST, following the assessment of 82 algorithms from 25 countries to counter threats from quantum computers. These quantum-resistant algorithms include a variety of cryptosystems based on hard computational problems such as high-dimensional lattices, multivariate quadratic equations, and error-correcting codes. Unlike current public-key encryption schemes like RSA and ECC, which are vulnerable to quantum attacks, the new algorithms are designed to resist both classical and quantum computational methods.

Many post-quantum algorithms exhibit a requirement for larger key sizes compared to traditional cryptosystems, reflecting the trade-off between key size, computational efficiency, and security. The implementation of quantum-resistant algorithms is critical for organizations cybersecurity strategies, particularly in the context of the harvest now, decrypt later vulnerability associated with sensitive data.

Transitioning to Post-Quantum Cryptography

Transitioning from traditional cryptography to post-quantum cryptography requires organizations to ensure that their existing infrastructure can support new algorithms and establish a clear inventory of cryptographic assets. The transition to post-quantum cryptography is anticipated to address many cybersecurity concerns posed by the widespread use of quantum technologies, although it will not resolve all cybersecurity issues.

A comprehensive strategy involving a phased approach is essential due to the significant impact upgrading cryptographic systems will have on various applications, infrastructure, and processes. Organizations must take proactive measures now, including assessing the value of their data through the lens of quantum computing, to ensure a smooth migration to new post-quantum cryptographic standards adopted by NIST. Preparing for post-quantum cryptography entails identifying and prioritizing the most sensitive datasets that need long-term protection, as these may be at risk from potential future quantum computer capabilities.

Challenges in Adopting New Standards

The adoption of post-quantum cryptography (PQC) standards necessitates careful planning, significant investment, and operational adjustments, particularly for large enterprises with complex systems. Upgrading cryptographic systems to align with new standards is a substantial undertaking that affects numerous applications, infrastructure, and processes within organizations.

Ensuring compatibility between existing legacy systems and new quantum-resistant algorithms poses a considerable challenge that requires thoughtful consideration. Historically, the transition from the standardization of a new cryptographic algorithm to its full integration into information systems can take 10 to 20 years, complicating timely adoption. Organizations must conduct risk assessments to identify vulnerabilities and prioritize critical systems as part of a phased approach to adopting post-quantum cryptography.

Importance of Hybrid Cryptographic Schemes

The transition to hybrid cryptographic schemes (PQ/T) is recommended as an interim measure, providing organizations a flexible framework to migrate smoothly to post-quantum cryptography (PQC) in the future. A PQ/T hybrid scheme (as defined in this IETF Draft) is one that combines one (or more) PQC algorithms with one (or more) traditional PKC algorithms where all component algorithms are of the same type. For example, a PQC signature algorithm combined with a traditional PKC signature algorithm to give a PQ/T hybrid signature. Implementing hybrid authentication within a Public Key Infrastructure (PKI) adds complexity and may require either dual PKIs or a PKI capable of generating both traditional and post-quantum digital signatures.

Hybrid schemes allow organizations to layer protection during the transition, blending classical encryption with post-quantum methods to enhance data security against evolving threats. Adopting a hybrid encryption strategy enables organizations to respond to the increasing urgency posed by quantum advancements while still maintaining some reliance on traditional cryptographic methods. The need for crypto agility is heightened in hybrid approaches, requiring organizations to adapt to evolving cryptographic standards and enhance their governance and deployment strategies.

ㅤ

Preparing for the Post-Quantum Era

Organizations must create a comprehensive inventory of their current cryptographic hardware and software implementations to prepare for the transition to post-quantum cryptography. The establishment of a Cryptographic Bill of Materials (CBOM) is essential for organizations to identify vulnerabilities and plan for necessary upgrades to quantum-resistant solutions.

Proactive measures, including the adoption of NIST-approved quantum-resistant algorithms, are crucial to mitigate the risks posed by future quantum computing technologies to maintain the confidentiality and integrity of sensitive data. The transition to post-quantum cryptography is not only a technological upgrade but also requires increased budget allocation and staff training to effectively implement quantum-resistant solutions.

Collaborative efforts across sectors, along with robust education and adoption strategies, are necessary to ensure the successful implementation of post-quantum cryptographic standards being established by organizations like NIST.

Assessing Organizational Cybersecurity Readiness

A comprehensive Quantum Readiness Assessment helps establish a baseline of an organization’s cryptographic posture and identify vulnerabilities to quantum attacks. Conducting an inventory of all cryptographic assets, including encryption algorithms and key management systems, is crucial for understanding current exposure and future needs.

Risk assessments should evaluate the potential impact of quantum attacks on critical assets and data, considering elements such as business operations and reputational risk. Identifying gaps in the current cryptographic infrastructure relative to post-quantum requirements is essential for informing future transition strategies. A coherent long-term strategy and roadmap are necessary for organizations to transition to quantum-secure practices effectively and mitigate risks associated with emerging threats.

Implementing Risk Management Strategies

Organizations are required to develop multi-layered, adaptable cryptographic approaches to quickly respond to evolving technological risks posed by quantum threats.

The transition to post-quantum cryptography (PQC) necessitates a comprehensive inventory of cryptographic systems and understanding of associated vulnerabilities across enterprises. Effective risk management in the wake of quantum computing advancements involves robust policies, global collaboration, and a commitment to developing a skilled workforce. As cloud and SaaS dependencies increase, it has become critical for organizational leadership to understand and mitigate quantum risks as part of their cybersecurity strategies.

The collaboration between NIST and DHS aims to provide organizations with concrete steps to prepare for the transition to post-quantum cryptography, thereby addressing future risk scenarios.

Long-Term Data Protection in a Quantum World

The development of post-quantum cryptography (PQC) is crucial as quantum computers are expected to break current encryption systems within the next decade, threatening the security and privacy of individuals, organizations, and nations. Organizations should focus on migrating to quantum-safe strategies today, including the implementation of quantum-resistant algorithms and practices such as quantum key distribution (QKD) to ensure long-term data protection.

To prepare for the threats posed by quantum computing, a comprehensive review of sensitive data and transition plans for quantum-resistant encryption methods are recommended. Investing in training and awareness for IT and security personnel on quantum threats and PQC is essential for mitigating risks associated with quantum cybersecurity challenges.

Continuous advancements in quantum computing technology, including error correction and qubit scaling, will play a significant role in shaping effective long-term strategies for data protection in a quantum world.

Strategies for Securing Sensitive Data

Organizations should transition to NIST-approved quantum-resistant algorithms, such as CRYSTALS-Kyber, to enhance the security of their sensitive data against future quantum threats. Exploring alternative encryption methods, including code-based cryptography and multivariate cryptography, can provide additional layers of protection for sensitive information. Implementing a hybrid strategy that combines classical and post-quantum encryption can offer layered security as organizations transition to new systems.

Prioritizing high-value data to be protected with the strongest possible encryption methods is crucial for maintaining the confidentiality and integrity of sensitive information. Proactive planning and migration to quantum-safe authentication methods in Identity and Access Management systems are imperative to secure user access and protect sensitive data from potential quantum attacks.

Importance of Data Retention Policies

Organizations need to reassess the value of their data through the lens of quantum computing to enhance their data retention policies in light of the anticipated capabilities of quantum computers.

A clear inventory of cryptographic assets is essential for organizations during the transition to post-quantum cryptography to ensure all data is effectively managed and protected. Data retention policies should be updated to reflect the increased risks associated with quantum computing and the need for significant updates in the cryptographic infrastructure.

Maintaining an updated information classification scheme is critical to managing sensitive data effectively amid the impending challenges posed by quantum computing. Considering the potential for quantum computers to compromise existing cryptographic algorithms, organizations must strengthen their data retention strategies to safeguard sensitive information.

The Role of Quantum Key Distribution (QKD)

Quantum Key Distribution (QKD) operates based on the principles of quantum mechanics, utilizing the unique physical properties of light particles to secure communication channels and distribute encryption keys. QKD is believed to be immune to brute-force attacks, ensuring that any unauthorized attempt to intercept the keys introduces detectable errors in the communication.

Although QKD offers information-theoretic security, it faces challenges such as distance limitations, requiring the establishment of additional infrastructure like trusted repeater stations for effective implementation. The integration of QKD into existing systems necessitates significant financial investment in specialized hardware and has potential vulnerabilities to side-channel attacks.

While QKD cannot replace traditional public-key cryptography, it can be beneficial in specific scenarios as a complementary method to enhance secure key distribution.

Basics of Quantum Key Distribution

Quantum key distribution (QKD) employs the principles of quantum mechanics to secure communication channels, ensuring a high level of security against eavesdropping attempts.

While QKD can generate keying material for encryption algorithms, it does not inherently provide a means to authenticate the source of the QKD transmission, necessitating additional security measures. The engineering required for implementing QKD has a low tolerance for error, highlighting that the security of QKD is highly dependent on its implementation rather than being solely guaranteed by the laws of physics.

As quantum technology evolves, QKD presents a promising solution to address potential vulnerabilities in the transmission of cryptographic keys in a post-quantum environment. Despite its potential, QKD may currently be cost-prohibitive for many organizations, which could hinder widespread adoption and integration into existing systems.

Real-World Applications of QKD

Quantum Key Distribution (QKD) employs the principles of quantum mechanics to create secure communication channels that detect eavesdropping attempts, ensuring high security during key exchanges.

Implementing QKD requires specialized hardware and cannot be easily integrated into existing network systems, leading to increased infrastructure costs and challenges in upgrading or applying security patches.

QKD is believed to be immune to brute-force attacks, making it a robust option for secure key distribution even in a post-quantum world. The technology necessitates dedicated fiber connections or free-space transmitters for its operation, complicating its deployment within complex global networks. While QKD offers significant security benefits, its current cost and limitations may make it prohibitive for some organizations to adopt in their existing systems.

Proactive Measures for Establishing Quantum-Safe Cybersecurity

Organizations need to begin implementing post-quantum cryptography (PQC) strategies immediately to mitigate risks posed by future quantum computers that could break current encryption systems like RSA and ECC.

Educating IT teams and security personnel about quantum threats and the importance of PQC is essential to ensure the effective implementation of quantum-resistant cryptographic systems.

Partnering with cybersecurity experts can help organizations develop and assess their quantum readiness, leading to a comprehensive PQC strategy and successful integration of quantum-resistant solutions.

The transition to PQC should involve not only adopting new technical innovations but also coordinating policy development and international collaboration to address the broader cybersecurity challenges posed by quantum computing.

Conducting a risk- and needs-based assessment is vital for identifying critical functions and vulnerabilities in organizations, assisting in prioritizing systems for the upcoming transition to post-quantum cryptography.

Developing a Comprehensive Cybersecurity Framework

The U.S. government, through various memoranda, has directed a comprehensive approach to modernizing cybersecurity, emphasizing the migration to post-quantum cryptography (PQC) to protect national security, defense, and intelligence systems from emerging quantum threats.

CISAs Post-Quantum Cryptography Initiative aims to unify efforts among interagency and industry partners to address the risks posed by quantum computing and facilitate a coordinated transition to new cryptographic standards set to be published by NIST in 2024.

Organizations are encouraged to align their migration strategies with NIST standards and systematically implement robust PQC algorithms, highlighting the necessity for a proactive approach to cybersecurity in anticipation of cryptographically relevant quantum computers.

IBM has engaged with many large organizations over the past 18 months. These leaders have established, or are establishing, quantum-safe transformational initiatives as a strategic imperative, approaching it with a people, processes and technology perspective. Reaching “ quantum safety ” requires increasing crypto maturity, and transforming their cryptography program in the process. The objective is a strong cryptographic posture, including resilience against quantum-powered risks.

To prepare for the transition to post-quantum encryption, organizations should conduct comprehensive inventories of their encryption-dependent systems to identify vulnerable areas and prioritize updates based on asset significance and organizational needs. It is recommended that organizations increase engagement with standards-developing organizations to stay updated on necessary algorithm and protocol changes required for effective post-quantum cybersecurity frameworks.

Training and Awareness for Cybersecurity Professionals

Training cybersecurity professionals in post-quantum cryptography (PQC) technologies is essential for effective deployment of these new systems as they emerge. A skilled cybersecurity workforce will be critical in addressing the complexities associated with quantum threats and ensuring robust defenses against potential attacks.

Continuous investment in workforce development will help equip professionals with the necessary skills to adapt to evolving quantum security standards. Ongoing research into quantum security will also require trained personnel who can bridge the gap between classical systems and emerging quantum-resistant algorithms. Collaboration among technology managers, cybersecurity professionals, and vendors is crucial to prepare for upcoming changes in cryptographic practices related to quantum computing advancements.

Conclusion: The Future of Cybersecurity in the Quantum Age

The transition to post-quantum cryptography (PQC) is necessary due to the potential of quantum computers to break encryption systems like RSA and ECC that secure communications and protect data. A multi-layered strategic approach, involving policy development, international collaboration, and ongoing research into quantum security standards, is essential for effectively transitioning to quantum-safe encryption.

Quantum computing operates with qubits, utilizing principles like superposition and entanglement, enabling it to solve complex problems significantly faster than classical computing methods. The urgent need to reassess the security of current cryptographic standards arises from quantum computers capabilities to run algorithms, such as Shors, which can efficiently solve problems that would take classical computers an impractical amount of time.

The U.S. governments Post-Quantum Cryptography (PQC) Initiative emphasizes the importance of preparing for the transition to new cryptographic standards to defend against future quantum threats to national security and critical infrastructure.

FAQs

What is post-quantum cryptography?

Post-quantum cryptography refers to cryptographic algorithms that are designed to be secure against the potential threat of quantum computers. Quantum computers have the potential to break many of the cryptographic systems that are currently in use, so post-quantum cryptography aims to develop new algorithms that can resist attacks from quantum computers.

Why is quantum computing a threat to current cryptographic systems?

Quantum computers have the potential to solve certain mathematical problems, such as factoring large numbers and solving discrete logarithms, much more efficiently than classical computers. Many of the cryptographic systems currently in use rely on the difficulty of these mathematical problems for their security, so the development of quantum computers poses a threat to the security of these systems.

What are the vulnerabilities of current cryptographic systems in the face of quantum computing?

The vulnerabilities of current cryptographic systems in the face of quantum computing stem from the reliance on mathematical problems that quantum computers can solve efficiently. For example, the security of RSA and ECC encryption, which are widely used in today's systems, is based on the difficulty of factoring large numbers and solving discrete logarithms, respectively. Quantum computers have the potential to break these systems, compromising the security of encrypted data.

What are the best practices for implementing post-quantum cryptography in an organization?

When implementing post-quantum cryptography in an organization, it is important to stay informed about the latest developments in post-quantum algorithms and standards. Organizations should also assess their current cryptographic systems and identify areas where post-quantum cryptography can be integrated. Additionally, it is important to consider the potential impact on performance and compatibility when transitioning to post-quantum cryptography.

What are the challenges in transitioning to post-quantum cryptography?

One of the challenges in transitioning to post-quantum cryptography is the need to ensure interoperability with existing systems and standards. Additionally, there may be performance considerations to take into account, as post-quantum algorithms may require more computational resources than current cryptographic systems. Another challenge is the need to educate and train personnel on the new post-quantum cryptographic techniques and best practices.

What is the future of data security in the context of post-quantum cryptography?

The future of data security in the context of post-quantum cryptography holds promise for stronger and more resilient cryptographic systems. As post-quantum algorithms continue to be developed and standardized, organizations will have the opportunity to enhance the security of their data against the potential threat of quantum computing. Additionally, the field of post-quantum cryptography may pave the way for new cryptographic techniques that offer enhanced security and privacy protections.

Resources

[1].Alagic G, Apon D, Cooper D, Dang Q, Dang T, Kelsey J, Lichtinger J, Miller C, Moody D, Peralta R, Perlner R, Robinson A, Smith-Tone D, and Liu Y-K, Status report on the third round of the NIST post-quantum cryptography standardization process, NISTIR 8413, National Institute of Standards and Technology, 2022. 10.6028/NIST.IR.8413-upd1. [DOI] [Google Scholar]

[17].Turan MS, Barker E, Kelsey J, McKay K, Baish M, and Boyle M, Recommendation for the entropy sources used for random bit generation, SP 800–90B, National Institute of Standards and Technology (2018). 10.6028/NIST.SP.800-90B. [DOI] [Google Scholar]

[19].Broadbent A and Schaffner C, Quantum cryptography beyond quantum key distribution, Designs, Codes and Cryptography 78, 351 (2016). [DOI] [PMC free article] [PubMed] [Google Scholar]

[43].Roehsner M-C, Kettlewell JA, Batalhão TB, Fitzsimons JF, and Walther P, Quantum advantage for probabilistic one-time programs, Nat. Commun 9, 1 (2018). [DOI] [PMC free article] [PubMed] [Google Scholar]

[57].Acín A and Masanes L, Certified randomness in quantum physics, Nature 540, 213 (2016). [DOI] [PubMed] [Google Scholar]

[68].Giustina M, Mech A, Ramelow S, Wittmann B, Kofler J, Beyer J, Lita A, Calkins B, Gerrits T, Nam SW, Rupert Ursin, and Anton Zeilinger, Bell violation using entangled photons without the fair-sampling assumption, Nature 497, 227 (2013). [DOI] [PubMed] [Google Scholar]