The narrative around quantum networking tends to oscillate between two failure modes. On one end, breathless announcements about "quantum internet" that imply near-term consumer applications. On the other, dismissal of QKD (quantum key distribution) as impractical — too expensive, too limited in range, irrelevant now that post-quantum cryptographic algorithms have been standardized by NIST. Both positions miss what's actually happening.
QKD has been deployed on operational dark fiber networks since 2022. China has the most extensive deployment — roughly 10,000 km of QKD-secured fiber, with metropolitan-area networks in Beijing, Shanghai, and several other cities connecting financial institutions, government agencies, and critical infrastructure. Europe has production deployments in Austria, Switzerland, and the UK, with the EuroQCI initiative pushing member states toward national quantum communication infrastructure. These aren't demos. They're production security infrastructure.
The US has been slower. NIST's post-quantum cryptography standardization process created an implicit argument that software-based solutions were sufficient — you didn't need hardware-level quantum security if you could deploy lattice-based algorithms. That argument is now under more scrutiny. Post-quantum algorithms protect against a quantum computer breaking existing encryption. QKD protects against "harvest now, decrypt later" attacks — adversaries collecting encrypted traffic today planning to decrypt it once they have a sufficiently powerful quantum computer. These are different threat models, and for data with a 15-30 year secrecy requirement, both matter.
How QKD Works and Where It Breaks Down
QKD uses individual photons to distribute cryptographic keys. Because measuring a quantum state disturbs it, any eavesdropping attempt introduces detectable errors. The key distribution is information-theoretically secure — its security doesn't depend on computational hardness assumptions. If an eavesdropper touches the channel, you know.
The range limitation is real and significant. Photons in optical fiber lose intensity with distance (roughly 0.2 dB/km for telecom-wavelength photons in standard single-mode fiber). After 100km or so, single-photon signals are too attenuated to detect reliably. Classical optical networks solve this with erbium-doped fiber amplifiers (EDFAs), but EDFAs measure and re-transmit the signal — which defeats the quantum security property. You need either trusted relay nodes (which introduce human trust as a security assumption) or quantum repeaters.
Quantum repeaters — devices that extend quantum network range without classical measurement — are the hard unsolved problem in this field. They require quantum memory with long coherence times and entanglement swapping operations. The theoretical framework is well developed; the hardware isn't ready for deployment. Several research groups have demonstrated individual components at low fidelity in lab settings. A deployable quantum repeater is probably 5-10 years away.
Until repeaters arrive, practical long-distance QKD uses trusted relay nodes. This means the security model is: you trust the relay node physically and operationally, and the quantum channel secures the links between nodes. For government-to-government or financial institution applications where the relay nodes are under your control, this is acceptable. For general commercial applications, it may not be.
Who's Buying and Why Now
The buyer categories that make sense today are narrow but real:
- Financial institutions with classified trading strategies or long-horizon risk calculations that must remain secret for decades
- Government agencies communicating intelligence that cannot be compromised even against adversaries with future quantum computing capability
- Critical infrastructure operators (power grids, water systems, defense communications) where the consequence of network compromise is severe
- Pharmaceutical and biotech companies protecting drug discovery data with multi-decade competitive relevance
The common thread is long secrecy horizon. If your data is sensitive for 5 years, post-quantum algorithms are probably sufficient. If your data is sensitive for 30 years, the harvest-now-decrypt-later threat is real and QKD is a reasonable investment.
The government market is moving faster than we expected. The NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) mandates post-quantum algorithms for national security systems by 2030. Some agencies are going further and exploring QKD for highly sensitive links where they want defense in depth. The classified government procurement conversations — which we can't quote specifically — suggest that QKD is being taken seriously as a complement to algorithmic approaches in certain high-value communication corridors.
The Investment Thesis at CrystalQNet
CrystalQNet, our Berkeley-based portfolio company, is building QKD systems specifically for critical infrastructure applications. Their approach focuses on metropolitan-area deployments where the distance limitations of QKD are least constraining — city-scale networks where the physical fiber distances are manageable without repeaters. Power utility communications, financial district interbank links, and government campus networks are all sub-100km in relevant network topology.
The interesting technical differentiation they've developed is in the photon source and detector layer. Most commercial QKD systems use weak coherent pulse (WCP) sources — essentially attenuated lasers — which are susceptible to photon number splitting attacks. CrystalQNet uses single-photon sources based on nitrogen-vacancy centers in diamond, which have better security proofs and higher raw key rates at equivalent channel losses. The manufacturing process for the NV-center sources is proprietary and took three years to develop. That's a genuine moat.
The Quantum Network Buildout Will Be Infrastructure-Driven
The long-term quantum networking vision — a global quantum internet with distributed quantum computing and fully quantum-secured communications — is probably 20-30 years away. The near-term commercial opportunity is much simpler: selling quantum security infrastructure to the narrow category of buyers for whom classical security guarantees are insufficient. That market is real, funded, and growing. It's not the quantum internet. But it's a legitimate business.
We think the companies that establish customer relationships and operational credibility in this window — before quantum repeaters make long-distance quantum networking practical and before larger infrastructure vendors absorb the space — will be well positioned for the larger market that follows.
Working on quantum networking, photon sources, or quantum memory systems? Reach the Coexin team.
