Some crystals do something remarkable when you shine a laser through them: occasionally, one photon of laser light splits into two photons, born at the same instant. This process is called , and the two photons it produces are in energy and time. They were born together — to within about a tenth of a trillionth of a second — but when the pair is born within any given stretch of time is completely random.
That randomness is not a bug. Shared randomness that two distant people both possess, and no one else does, is the raw material of : Alice keeps one photon, sends Bob the other, and they each write down their photon's arrival time. Because the photons were born together, their two notebooks match — a shared secret delivered by physics.
Now the question this whole field turns on: how many secret bits does each photon pair carry? Here is the striking answer. The pair's birth-moment is sharp to about 100 , while the window of uncertainty about when it occurs stretches over hundreds of nanoseconds — a million times longer. The number of distinguishable 'slots' the birth could land in is the ratio of those two times, roughly a million, which works out to 16–20 bits of potential secret key per photon pair . For comparison, most quantum cryptography systems extract less than one bit per detected photon.
In 2007, this author and colleagues built the first large-alphabet system on this idea and extracted 4 clean bits per pair . The best system since reached 6.9 bits . Both are far below the 16–20 bits the photons actually carry. The thief is not physics — it's the stopwatch.
Single-photon detectors have : their click smears the true arrival time. The photons are synchronized to 100 femtoseconds, but even a heroic detector blurs that to 3,000 femtoseconds — like photographing a hummingbird's wings with a shutter 30 times too slow. Every factor of two in blur costs one full bit of key. The blur costs us 5–10 bits per pair, every pair, forever. The best such detectors, called , get the blur down to 3 picoseconds — still 30× too slow for these photons.
For twenty years the field has tried to build a faster stopwatch. This paper asks instead: what if we slow down the hummingbird?
Here is the idea at the heart of this proposal. There is a deep mathematical symmetry in optics: the way a light pulse spreads out as it travels through is mathematically identical to the way a light beam spreads out by diffraction as it travels through space. And since a glass lens can undo spatial spreading and form a magnified image, the same trick works in time: a sandwiched between two dispersive elements stretches a waveform's time axis by a magnification M .
Put one in front of your detector, and events too fast for the detector get magnified until they're slow enough to see. The detector never improved — the moment got bigger. And this is not speculative: a single-photon time lens with magnification M = 158 and picosecond-scale resolution was demonstrated in 2022, by a group that built it explicitly to beat detector jitter . Time lenses have also already magnified the correlations of entangled photon pairs and compressed single-photon bandwidths .
What nobody had done — to our knowledge — is put this tool inside a cryptography protocol. That integration, with the math of how many bits it recovers and when it pays for itself, is the core contribution of this paper. The headline: with a demonstrated lens and an ordinary 30-picosecond detector, the recoverable key jumps to about 13 bits per pair — and the cheap-detector-plus-lens combination beats the most exotic cryogenic detector used alone. Room-temperature optics substituting for heroic cryogenics.
A key is only secret if you can prove nobody intercepted it. The quantum trick is to measure the photons in two — time for the key, energy for the alarm system. An eavesdropper ('Eve') who measures arrival times precisely enough to steal the key must, by the uncertainty principle itself, damage the energy correlations. Alice and Bob check those correlations on a sample of pairs; intact correlations mathematically bound how much Eve can know .
The 2007 experiment did this energy check with interferometers — but that classic method has a genuine, demonstrated security hole: it relies on , and in 2015 that hole was exploited in a live attack using nothing but classical light .
This paper instead uses the dispersive check, proposed at MIT in 2013 : Alice's photon passes through normal dispersion, Bob's through equal-and-opposite anomalous dispersion. Here physics does something genuinely strange, called : each photon alone becomes a featureless blur, but the pair's correlation stays sharp — if and only if the entanglement survived the journey intact. Eve's tampering shows up as broadening. No interferometers, no path postselection, no known loophole of that kind — and it's been demonstrated in a working QKD system .
The same anti-correlation that powers the security check permits something stranger. A time lens needs three parts: input dispersion, the lens, output dispersion. Because dispersion on Bob's photon acts — in the joint correlations — exactly like dispersion on Alice's, the three parts don't have to be on the same photon's path. The dispersion of Bob's own delivery fiber — normally an impairment to be compensated — can serve as the input element, with the lens and output dispersion sitting entirely on Alice's bench. No single photon passes through a complete imaging system. Bob's receiver holds nothing but a detector. Yet the joint correlation — the thing the key is made of — comes out magnified.
Where does this land against the world? The fastest quantum key system ever demonstrated runs at 115.8 megabits per second . This proposal projects a comparable order — about 10⁸ bits per second — so we claim parity with the overall record, not supremacy. The honest pitch is different: those record systems extract less than one bit per detected photon and win by clocking blindingly fast. This protocol extracts ~13–15 bits per detected pair. Wherever detected photons are the scarce resource — long fibers, satellites, saturated detectors, many users sharing a network — bits-per-photon is what sets the speed limit, and there this approach wins by an order of magnitude. Against its own family, entanglement-based time-energy systems, the projected gain is about a hundredfold .
And one receipt that matters more than any projection: during this paper's own pre-launch audit, the verification pipeline caught the results table overstating these numbers by about 2 bits. It was corrected in public before launch, and the catch is documented in the audit trail. The checks you can run on this page are the same ones that drew that blood.
Published with this paper, not hidden from it: seven open findings from the adversarial review. The two biggest, in plain terms. First, the lens has a limited time 'window', while the photons can arrive anywhere in a much longer frame — a real tension between the protocol's two key assumptions — sharpened hours after launch by the author's own reality check into a ~1/M per-channel acceptance penalty, logged as issue #1. Second, the 'turn up the source to pay for lens loss' argument needs one inequality pinned down about how hard you can pump before multi-pair noise bites. Both are stated in the manuscript as caveats, both are tickets anyone can claim. The full list, with severity rankings, lives in the audit trail — and the repository's issues page is the review venue. Disagreement is a contribution.
Don't trust this paper. Run it, expand it, attack it — it was built to survive that, in public.
Want to publish like this?
You just read a paper that explains itself. You can publish one too — Open Dossier is a free template, and an AI agent does the drafting, typesetting, citations, and verification. Idea to live publication in an afternoon.