The possibility of using quantum physics for secret communication has been noticed more than 20 years ago. "Quantum cryptography" has since been implemented, first in physics laboratories (including NUS), then in the first commercial devices. In parallel, theoretical tools have been developed to assess the security of these systems in a rigorous way. These, however, are generally only applicable under the assumption that the cryptographic system runs for an infinite time, thereby exchanging an infinite amount of communication. This assumption is obviously unrealistic.
A proof of the security of quantum cryptography with finite resources has now been provided by Valerio Scarani in a joint work with Renato Renner (ETH Zurich). In particular, they have proved that a significant amount of bits (approximately 1 million) must be exchanged before any security at all can be guaranteed. Had this value been much larger, quantum cryptography would have been impossible in practice; had it been much smaller, the concern for finite communication would have been proved pointless in practice. As things stand, quantum cryptography can be made secure in practice, but only provided a finite-communication bound is used instead of the usual asymptotic bounds.
This formalism is presently being used to assess the secure of the quantum cryptography experiments realized in the CQT quantum optics group.