Classical Networks and Their Fundamental Limits
Every data packet crossing today's internet is built from classical bits — binary signals representing either a zero or a one. Routers forward those packets using IP addresses: 32-bit integers in IPv4, 128-bit integers in IPv6. This system has carried global communications for decades, but it has two well-understood ceilings. First, any sufficiently powerful adversary can intercept a classical channel and copy its contents without the sender knowing. Second, the encryption algorithms protecting those channels — RSA, ECC, Diffie-Hellman — rely on mathematical problems that a large-scale quantum computer could solve in polynomial time using Shor's algorithm. Quantum networking addresses both problems at the physical layer rather than the software layer.
This is not science fiction. The first entanglement-based quantum key distribution experiments were conducted in the 1990s. China launched the world's first quantum communication satellite, Micius, in 2016 and demonstrated intercontinental QKD between Beijing and Vienna in 2017. The European Quantum Internet Alliance has been building test nodes since 2019. Understanding where this technology stands — and what it means for IP addressing — requires separating verified physics from speculation.
How Quantum Networking Actually Works
The term quantum networking covers several distinct technologies that are often conflated. The core mechanism is quantum entanglement: two particles, typically photons, can be prepared in a shared quantum state so that measuring one particle instantly determines the correlated state of the other, regardless of physical distance. This correlation cannot be used to transmit information faster than light — a common misconception addressed below — but it can be used to establish a shared secret key that is physically impossible to intercept without detection.
Quantum Key Distribution (QKD)
QKD is the most mature and commercially deployed application of quantum networking. Protocols such as BB84 (Bennett and Brassard, 1984) and E91 (Ekert, 1991) use the quantum properties of photons to distribute cryptographic keys. Any eavesdropping disturbs the quantum states, introducing detectable errors in the key exchange. Once a shared key is established via QKD, the actual data can be encrypted using classical symmetric algorithms like AES-256. The quantum channel secures the key; the classical channel carries the data. QKD systems from companies such as Toshiba and ID Quantique are already operating in metropolitan fiber networks in Tokyo, Geneva, and London.
Quantum Teleportation of States
Quantum teleportation transfers a quantum state — not classical data — from one particle to another using a pre-shared entangled pair and a classical side channel. This is used to relay quantum information through a network without physically moving the particle. It is the foundational operation of a quantum repeater, a device that extends the range of entanglement beyond the ~100 km limit imposed by photon loss in optical fiber. Building scalable quantum repeaters is currently the primary engineering challenge blocking a true global quantum internet.
Quantum Memory and Timing
A quantum network node must store entangled states long enough to synchronize operations across the network. Quantum memory — systems that hold a qubit state for milliseconds to seconds using techniques like atomic ensembles or nitrogen-vacancy centers in diamond — is an active research area. Current lab records extend to roughly one second of coherence time, which is sufficient for metropolitan distances but not yet for intercontinental links without relay stations every few hundred kilometers.
Network Architecture of a Quantum Internet
A quantum internet would not replace the classical internet — it would run alongside it. The architecture proposed by Wehner, Elkouss, and Hanson in their widely cited 2018 Science paper describes six stages of development from simple trusted-node QKD networks up to a full quantum internet capable of distributing arbitrary entangled states between any two nodes globally.
| Stage | Capability | Current Status | Key Technology Needed |
|---|---|---|---|
| Trusted Node | QKD with classical relay | Commercially deployed | Secure nodes, fiber or satellite |
| Prepare-and-Measure | QKD without trusted nodes | Lab demonstrations | Quantum receivers |
| Entanglement Distribution | Remote entangled pairs | Limited metropolitan trials | Quantum repeaters |
| Quantum Memory | Stored entanglement | Early lab stage | Long-lived quantum memory |
| Fault-Tolerant | Quantum error correction | Research only | Logical qubits |
| Quantum Computing | Distributed quantum processing | Theoretical | Full quantum processors at nodes |
The classical IP layer remains essential at every stage. QKD requires a classical authenticated channel to reconcile key bits and perform privacy amplification. Quantum teleportation requires a classical channel to transmit the measurement results that complete the state transfer. A quantum internet is therefore always a hybrid: quantum channels carry entanglement and quantum states; classical IP channels carry control signals, error correction data, and the encrypted payload itself.
Will IP Addresses Still Exist?
The most accurate answer is: yes, for a very long time, and possibly forever in recognizable form. Here is the engineering reality. Quantum channels today operate over dedicated point-to-point fiber links or line-of-sight free-space optical paths. They do not support the store-and-forward packet switching that makes the internet scalable. There is no quantum equivalent of BGP routing a packet across 15 autonomous systems. Every quantum-secured connection still requires classical addressing at the network layer to set up the session, authenticate the endpoints, and route the classical side-channel traffic.
What may change is the addressing for quantum-specific resources. A quantum network node is identified by the physical hardware at a location — a specific cryogenic cavity or photon source. Researchers at TU Delft's QuTech lab have proposed that future quantum nodes could be addressed using identifiers tied to their physical quantum hardware characteristics, but these would coexist with, not replace, IP addressing for classical traffic coordination.
Post-Quantum Cryptography: The Near-Term Priority
While a functional quantum internet remains years to decades away for most use cases, quantum computers that can break RSA-2048 are a much nearer threat. NIST finalized its first set of post-quantum cryptographic algorithm standards in 2024, including ML-KEM (formerly CRYSTALS-Kyber) for key encapsulation and ML-DSA (formerly CRYSTALS-Dilithium) for digital signatures. These are classical algorithms designed to resist quantum attacks and will run on existing IP infrastructure. For most organizations, migrating to post-quantum TLS certificates is a more actionable priority than planning for a quantum internet.
Real-World Use Cases Today and Near-Term
Quantum networking is not purely theoretical. Active deployments and serious research programs exist in the following areas:
- Financial networks: Toshiba and BT Group have operated a QKD-secured dark fiber link between data centers in London for live trading data since 2021.
- Government communications: China's Beijing-to-Shanghai quantum backbone stretches 2,000 km and uses 32 trusted relay nodes to carry government and banking traffic.
- Satellite QKD: The ESA is developing SAGA (Security And cryptoGrAphy) satellite program; Japan's NICT has demonstrated QKD from low-Earth orbit to a ground station.
- Healthcare data: Several European hospitals are piloting QKD links for transmitting patient records between campuses to meet GDPR sensitivity requirements.
- Military C2 networks: Multiple NATO member governments are evaluating QKD for command-and-control links where interception cannot be tolerated.
Common Misconceptions
Misconception 1: Quantum Entanglement Allows Faster-Than-Light Communication
This is false. Although measuring one entangled particle instantly determines the correlated state of its partner, this process cannot be used to transmit information. The measurement results on each end are random; only when you compare them over a classical channel do you see the correlation. The classical channel is limited by the speed of light. No information travels faster than c.
Misconception 2: Quantum Networks Will Replace the Classical Internet
Quantum and classical networks are complementary, not competing. Quantum channels handle key distribution and quantum state transfer. Classical IP networks handle routing, control traffic, error correction communication, and the bulk of encrypted data. The quantum internet sits on top of, not instead of, IPv4/IPv6 infrastructure.
Misconception 3: Quantum Computers Will Immediately Break All Encryption
A quantum computer capable of running Shor's algorithm against RSA-2048 at useful scale would require millions of error-corrected logical qubits. Current state-of-the-art machines have hundreds to a few thousand noisy physical qubits with high error rates. The transition window before cryptographically relevant quantum computers arrive is measured in years to over a decade, giving organizations time to migrate to post-quantum algorithms.
Misconception 4: QKD Makes a Network Perfectly Secure
QKD secures the key distribution channel against interception. It does not protect against side-channel attacks on the hardware, misconfigured classical network components, compromised endpoint devices, or vulnerabilities in the classical encryption algorithms used to protect the data itself. Security is always a system property, not a property of a single component.
Composition with classical IP control planes
Every QKD deployment still needs an authenticated classical channel for sifting, error correction, and privacy amplification; IPsec, TLS, or signed routing updates remain in scope. Quantum networking therefore extends key-management options rather than removing the need for routing protocols, clocking, syslog, or X.509 hierarchies on the classical side. For near-term production networks, post-quantum hybrid TLS (combining classical and ML-KEM key establishment) often addresses risk faster than waiting for metro-scale entanglement distribution.
Pro Tips for Engineers and Security Teams
- Prioritize post-quantum cryptography now: NIST's ML-KEM and ML-DSA are available in OpenSSL 3.x and BoringSSL forks. Begin testing hybrid TLS configurations (classical + post-quantum) before a migration deadline is forced on you.
- Audit your cryptographic inventory: Catalog every system using RSA, ECDSA, or Diffie-Hellman. These are the algorithms quantum computers will eventually threaten. Systems with long data-sensitivity windows (10+ years) are highest priority.
- Follow the ETSI QKD standards: ETSI has published QKD standards (ETSI GS QKD 014 for REST API interfaces, ETSI GS QKD 015 for control interfaces) if you are evaluating QKD hardware for a pilot deployment.
- Monitor the NIST PQC migration project: NIST is publishing migration guidance for specific protocol families. The TLS and SSH migration documents are the most immediately actionable for most network teams.
- Do not conflate QKD marketing with capability: Some vendors market QKD products that still rely on trusted relay nodes. In a trusted-node architecture, the relay node itself is a single point of compromise — evaluate threat models carefully before deployment.
- Study QuTech and MIT Lincoln Laboratory research: These two groups publish the most rigorous engineering papers on quantum repeaters and metropolitan quantum networks. Following their preprints gives you 12–18 months of lead time over commercial announcements.
Quantum networking is advancing from theoretical physics into early commercial deployment. The engineering challenges — particularly scalable quantum repeaters and long-lived quantum memory — are hard but tractable. For network engineers and security architects, the practical work is happening now at the cryptographic layer, not the routing layer. Check your current IP and network exposure here.