Can Qubits Be Cloned? How Encryption Refines, but Does Not Break, the No-Cloning Theorem
IBM hardware cloned a qubit into 77 encrypted copies using 154 qubits, yet only one is ever readable. The no-cloning theorem is refined, not broken.
Encrypted Cloning of Qubits and the Refinement of the No-Cloning Theorem: An Assessment
1. Summary
The central finding is narrow, real, and easily misread: a qubit in an unknown state can be copied into an unlimited number of perfect clones, but only if all clones are simultaneously encrypted, and the single decryption key can be used exactly once, so only one readable copy is ever recoverable [1][2]. This does not break the no-cloning theorem, and it does not weaken quantum key distribution (QKD); it refines the practical statement of the prohibition. The operative constraint moves from "you cannot make copies" to "you cannot make more than one usable copy, because the decryption mechanism is single-use" [2].
Two pieces of evidence anchor the assessment. The originating theory, "Encrypted Qubits Can Be Cloned," is peer-reviewed and published in Physical Review Letters 136, 010801 (6 January 2026) [1]. The experimental follow-up, arXiv:2602.10695, submitted 11 February 2026, reports stable encrypted cloning on IBM Heron-R2 superconducting processors using up to 154 qubits, including modular composition in parallel, series, and interleaved configurations while preserving pre-existing entanglement [2]. The experimental paper is a preprint and, as of this writing, is not yet peer-reviewed; its measured hardware results should be treated accordingly wherever they are relied upon.
The strategic reading is threefold. First, the primitive is scientifically significant and now hardware-validated at proof-of-principle scale, but its proposed commercial applications, principally encrypted quantum multicloud storage and redundant distributed quantum computing, remain modeled or aspirational, not demonstrated at deployment scale [1][2][6]. Second, the most consequential near-term risk is misinterpretation: press framing that the no-cloning theorem or QKD has been "broken" is incorrect and could distort security procurement decisions [2][6]. Third, the primitive sits inside, not adjacent to, the broader quantum computing and quantum networking build-out, so value capture accrues to incumbents that hold hardware, cloud distribution, and standards influence, with IBM (NYSE:IBM) uniquely positioned as both hardware host and co-author [2].
2. Scientific and Contextual Background
2.1 The no-cloning theorem and its origin
The no-cloning theorem states that no physical process can produce an identical, independent copy of an arbitrary unknown quantum state. It was established independently in 1982 by Wootters and Zurek in Nature and by Dieks in Physics Letters A [3][4]. The result follows directly from the linearity and unitarity of quantum evolution: a single universal unitary cannot map an arbitrary state and a blank register onto two copies of that state for all inputs. It is tightly bound to the no-signaling principle, because a working cloning device would permit superluminal communication and would allow an observer to defeat the uncertainty principle by measuring incompatible observables on separate copies [1][6]. The theorem is a load-bearing assumption of quantum information science. It underwrites the eavesdropping-detection security of QKD protocols such as BB84, introduced by Bennett and Brassard in 1984, because an interceptor cannot copy transmitted states without disturbing them detectably [24][25]. It is also the reason quantum error correction cannot proceed by simple duplication and instead spreads information across entangled registers.
Prior work established that the prohibition is not absolute for imperfect copies. Approximate cloning machines, beginning with Bužek and Hillery in 1996, produce two copies of an arbitrary qubit at a maximum fidelity of 5/6, a bound proven optimal; probabilistic and state-dependent schemes trade success probability or generality for fidelity [2]. The common limitation of all such prior schemes is that they yield either limited fidelity, limited success probability, or copies of only a restricted set of states, and the copies degrade as their number grows [2].
2.2 The encrypted-cloning protocol
The Yamaguchi-Kempf construction takes a different route. It prepares n signal qubits and n noise qubits, with each signal-noise pair initialized in a maximally entangled (Bell) state. The unknown input qubit A is entangled, through a unitary transformation, with the signal qubits, spreading its information across all of them. The noise qubits are then set aside; through their entanglement with the signal qubits, they function as a single-use decryption key [1][6]. Any number of encrypted clones can be created by a unitary transformation, and any chosen clone can be decrypted by a unitary transformation to recover the original state with fidelity up to unity. Crucially, decryption is a measurement of the noise qubits that consumes them: once one clone is decrypted, the key is destroyed and no other clone can be recovered [1][6]. This is what preserves consistency with both the no-cloning theorem and no-signaling: many perfect encrypted copies exist, but only one can ever be read.
The precise claim must be stated carefully. The protocol produces arbitrarily many perfect encrypted copies. It does not produce two or more usable, independent copies of the plaintext state; that remains forbidden [1]. In Kempf's own framing, "there only ever can be one clear copy of the quantum information," which he describes as mandated by a law of nature [6]. Individually, each signal qubit carries no information about the input state; recovery requires an authorized subset of the register, and reading one such subset expends the key [6][9].
2.3 State of the field and its skeptics
The result has drawn substantive and mostly favorable expert attention, alongside a precise semantic caution. Barry Sanders of the University of Calgary told Physics World:
"It's not a flash in the pan... If I'm doing something that is related to no-cloning, I would look back and say 'Gee, how do I interpret what I'm doing in this context?': It's a paper I won't forget,"
Noting its relevance even to questions as distant as black-hole information [6]. Seth Lloyd of MIT called it
"a very cool and unexpected result, [...] it turns out that there's still low-hanging fruit out there in the theory of quantum information, which hasn't been around long"
While cautioning that the practical implications are unclear; the same coverage records that both Lloyd and Sanders agree that quantum cloud storage remains hypothetical [6]. Mark Hillery of the City University of New York, a quantum-information specialist, questioned whether the approach truly counts as "cloning," since only one qubit ever ends up in the original state and no additional usable copies are produced, though he separately praised it as "a very nice result" that adds novel elements to teleportation, requiring no classical communication or correction operations [6]. This reservation is a matter of definition rather than of correctness, and it maps directly onto the misinterpretation risk in Section 9.
The construction connects to two established primitives: absolutely maximally entangled (AME) states, which are maximally entangled across every bipartition, and quantum secret sharing (QSS), formalized by Cleve, Gottesman, and Lo in 1999 and shown equivalent to certain AME states by Helwig and colleagues in 2012 [11][12][13]. Follow-on work has made this explicit: Lim and Lo prove that an encrypted qudit system of two signal-noise pairs is equivalent to a five-party AME state in any dimension and formalize the correspondence to a threshold QSS scheme [8]. Generalizations to higher-dimensional systems (qudits) have appeared: Ceară constructs unitary encryption operators for arbitrary finite dimension with overhead scaling linearly in dimension [7], and independent constructions using Weyl-Heisenberg displacement operators reach the same conclusion [8]. These are extensions of, not substitutes for, the qubit result and are themselves recent preprints.
A distinct and important technical caveat has emerged from a group led by Gianini and colleagues: because encryption in this protocol was introduced to enable redundancy rather than to guarantee confidentiality, its secrecy is not automatic and must be analyzed explicitly. They show that certain non-authorized subsets of the storage register are not completely uninformative and can retain partial, parity-dependent information about the input state, specifically leakage confined to the y-component of the Bloch vector in the qubit case [9][10]. Related work extends this leakage classification to qudits [11]. This does not invalidate the encrypted-cloning functionality, but it means the scheme should not be assumed to be a perfect confidentiality primitive without additional design [9][26].
3. The Experimental Demonstration and What It Establishes
The open question the experiment addresses is whether spreading quantum information across many encrypted clones dilutes it below the hardware noise floor, causing catastrophic fidelity decay. The authors argue this could not be settled by theory or classical simulation because realistic hardware noise breaks the stabilizer picture and precludes efficient simulation at scale [2]. They therefore ran the protocol on IBM Heron-R2 superconducting processors, which carry 156 qubits in a heavy-hexagonal lattice with tunable couplers, using up to 154 of them [2][14]. Per IBM's own reporting, Heron's quality as measured by the two-qubit error rate, across a 100-qubit layered circuit, is 3 x 10^-3, with the best two-qubit error being 1 x 10^-3, which IBM states is ten times better than the previous-generation 127-qubit Eagle [15]
Four experiments were performed, all measured on hardware. In Experiment 1, an input qubit A was Bell-entangled with an ancilla, encrypted-cloned into n clones, and one clone decrypted; entanglement fidelity with the ancilla was measured. Across n = 2 to 15, fidelity decreased gradually rather than collapsing: an entanglement witness (F_e > 1/2) held up to 7 encrypted clones, and the signal stayed above the maximally mixed noise floor (F_e > 1/4) up to approximately 13 clones, with degradation dominated by the number of two-qubit gate layers rather than by clone count [2]. Experiment 2 tested interleaving; a Clauser–Horne–Shimony–Holt (CHSH) violation (|S| > 2), ruling out local hidden-variable models, was observed for up to 3 encrypted clones, and the decryption could be time-separated from and interleaved with measurement of the ancilla [2]. Experiment 3 tested iterated (series) operation: using the maximal 154 qubits to generate 77 encrypted clones, recoverability above the noise floor persisted, with an entanglement witness retained for up to 27 encrypted clones [2]. Experiment 4 tested parallel operation on Greenberger-Horne-Zeilinger states for up to 15 qubits, with genuine multipartite entanglement witnessed for the recovered state up to 4 qubits [2].
The central measured result is that fidelity is essentially insensitive to the number of encrypted clones and is instead governed by circuit depth, the unavoidable minimum degradation on non-error-corrected hardware [2]. Because iterated cloning grows the number of clones exponentially with depth while the key grows only linearly, iterated cloning is in practice preferable to large-n one-shot cloning [2]. This establishes encrypted cloning as a viable candidate quantum primitive on present hardware, meaning a module usable in series, parallel, or interleaved while respecting pre-existing entanglement.
Three boundaries should be stated plainly. First, this is a preprint and not yet peer-reviewed [2]. Second, the demonstration is on one hardware modality (superconducting), so transfer to trapped-ion, photonic, or neutral-atom platforms is inferred, not shown. Third, the witnessed-entanglement thresholds (single digits to low tens of clones) are proof-of-principle, far from the scale a production storage or computing service would require, and the authors' applications framing is explicitly aspirational.
4. Key Players and Stakeholders
The authorship distributes the result across four countries and three sectors. Koji Yamaguchi is at Kyushu University (Japan); Leon Rullkotter and Christian Tutschku are at the Fraunhofer Institute for Industrial Engineering IAO (Germany); Ibrahim Shehzad is at IBM Quantum and Sean J. Wagner at IBM (United States and Canada respectively); and Achim Kempf holds appointments at the University of Waterloo, the Institute for Quantum Computing, and the Perimeter Institute for Theoretical Physics (Canada) [2].
IBM is the pivotal commercial stakeholder: it co-authored the experimental paper, owns the Heron-R2 hardware on which the result was demonstrated, and operates the cloud distribution channel through which any encrypted-storage or multicloud service would plausibly be delivered [2][15]. Fraunhofer IAO co-coordinates the Competence Center Quantum Computing Baden-Wurttemberg (KQCBW) with Fraunhofer IAF, operates within the IBM Quantum Network, and hosted the first IBM quantum computer in Germany, giving it applied-research and technology-transfer positioning in Europe [16][17]. The University of Waterloo, IQC, and Perimeter Institute anchor the theoretical IP and Canada's academic quantum standing [1][2]. Follow-on IP is diffusing quickly to other groups: Ceară at the Advanced Technologies Institute (Bucharest), Lim and Lo, and the Gianini group across Italy, France, and the UAE [7][8][9]. No commercial encrypted-cloning product, patent grant, or standard was identified in the available sources.
5. Technical and Operational Considerations: Candidate Applications and Maturity
The applications proposed for encrypted cloning should be graded by maturity. The following assessment separates what is demonstrated from what is modeled and what is asserted.
Encrypted quantum multicloud storage and redundancy is the flagship application, asserted by the authors: a provider hosts encrypted clones on separate servers, and as long as one survives the client recovers the data perfectly [1][2]. Maturity is asserted-to-modeled; the enabling primitive is demonstrated at proof-of-principle, but no storage service exists, quantum memory lifetimes remain a binding external constraint, and both Lloyd and Sanders characterize quantum cloud storage as hypothetical [6]. Redundancy, parallelism, and scalability as a general primitive is the best-supported claim, since modular composition was measured on hardware [2]. Distributed and networked quantum computing and parallel computation across untrusted clouds is modeled-to-asserted; it is proposed as a natural extension, including a path toward blind quantum computation via parallel homomorphic computation, but is not benchmarked [1][8]. Quantum memory and delegated or blind quantum computation is asserted, resting on the observation that computation can proceed on encrypted data the provider cannot read, which Kempf concedes carries significant overhead [6]. Secret sharing and threshold cryptography is the most rigorously grounded adjacent use, because the formal equivalence to AME states and QSS access structures has been proven in follow-on theory, though the confidentiality-leakage caveat means the mapping to perfect threshold QSS is not exact [8][9][26].
The engineering distance to deployment is large and gated by the same obstacle as the rest of quantum computing: the absence of fault tolerance. Encrypted cloning inherits, rather than removes, the requirement for error-corrected hardware and long-lived quantum memory. Its favorable property is that it does not add a new failure mode that scales with clone count, which is a meaningful and measured result [2].

6. Economic and Market Dynamics
Encrypted cloning is a primitive, not a product, so its value is embedded in the markets it would serve rather than a market of its own. Three adjacent markets frame the opportunity, and each figure below is a modeled third-party forecast, not a measured value.
The global quantum computing market is modeled by MarketsandMarkets at USD 3.52 billion in 2025, projected to USD 20.20 billion by 2030 at a 41.8 percent CAGR [18]. Other firms model materially different numbers over comparable horizons, for example Grand View Research at USD 1.6 billion in 2025, illustrating the wide dispersion typical of an immature market and the caution warranted for any single figure [19]. The quantum networking market, the most relevant adjacency for distributed storage and computation, is modeled by Mordor Intelligence at USD 2.3 billion in 2025 rising to USD 6 billion by 2030 at a 20.5 percent CAGR [17]. The post-quantum cryptography market is modeled by MarketsandMarkets at USD 0.42 billion in 2025 rising to USD 2.84 billion by 2030 at a 46.2 percent CAGR [20]. Public and private capital is flowing heavily: quantum computer companies raised over USD 1.25 billion in venture funding in Q1 2025 alone, more than double the USD 550 million of Q1 2024, and cumulative government investment reached roughly USD 10 billion globally by April 2025, driven by announcements including a reported USD 7.4 billion Japanese commitment [21].
Value capture, if the primitive matures, favors integrated incumbents. The entity that owns the hardware, the cloud distribution layer, and a seat at the standards table is best positioned, which describes IBM precisely, given its dual role as hardware host and co-author [2][15]. The realistic time horizon is long. Because deployment depends on fault-tolerant hardware and quantum memory that do not yet exist at scale, any encrypted-storage or multicloud computing service is a next-decade rather than near-term prospect, and forward-looking revenue attributions to this specific primitive would be speculative.
7. Regulatory Landscape
The regulatory dimension is thin and is largely subsumed by general quantum-technology precedent; it warrants brief treatment. In September 2024, the US Department of Commerce Bureau of Industry and Security issued an interim final rule creating new export controls on quantum computers and related components, harmonized with allied states and mapped to Wassenaar Arrangement categories, with quantum-item controls carrying a delayed compliance date of 5 November 2024 for shipments to specified allied countries [22]. The European Union updated its dual-use control list in 2025 to add quantum computers, cryogenic components, and related equipment [23]. Multiple states, including the US, UK, Canada, Japan, Germany, Australia, and the Netherlands, announced aligned quantum export controls through 2024, with the OECD noting that at least sixteen countries plus the EU had done so [22][27]. These controls key on performance metrics such as qubit count and error rate, and would apply to encrypted cloning only indirectly, through the underlying hardware, rather than to the protocol itself. No encrypted-cloning-specific standard, control, or regulatory action was identified. Given the protocol's dual-use potential for secure storage and distributed computation, it would fall under the general dual-use umbrella if it were ever embodied in exportable hardware or software.

8. Geopolitical and Strategic Dimensions
The result's most striking strategic feature is the breadth of its coalition: Japan, Germany, the United States, and Canada, spanning academia, a major applied-research institute, and a hardware incumbent [2]. This is largely a story of allied collaboration rather than competition, and to that extent it is subsumed by the general dynamics of quantum-technology cooperation among Wassenaar-aligned states. Each contributing nation has an active national program: Canada's National Quantum Strategy, launched in January 2023, commits CAD 360 million over seven years starting in 2021 (allocated roughly CAD 141 million to research, CAD 45 million to talent, and CAD 169 million to commercialization), and Kempf's work is supported by Canadian federal grants [2][28]; Japan announced a quantum investment of up to USD 7.4 billion in 2025, one of the largest governmental quantum commitments outside North America [21][27]; and Germany anchors applied quantum work through Fraunhofer and the KQCBW, backed by state and federal funding [16][17]. The strategic significance for national programs is indirect: encrypted cloning strengthens the case that redundancy and distributed architectures, long assumed impossible under no-cloning, are achievable, which is relevant to any nation building sovereign quantum-cloud or quantum-internet infrastructure. It does not, on the current evidence, alter the strategic balance in quantum computing, and claims to that effect would overstate a proof-of-principle result.
9. Risk Matrix
The following risks are drawn from the genuine profile of the result.
Misinterpretation that no-cloning or QKD is broken. Likelihood: high. Impact: high. The framing that a cornerstone of quantum mechanics has been defeated is already present in secondary coverage and is incorrect; the theorem is refined, not broken, and QKD security, which rests on the impossibility of an eavesdropper obtaining a usable copy without disturbance, is untouched because only one usable copy is ever recoverable [1][2][25]. Mitigation: consistent communication that the single-use key preserves the one-usable-copy limit
Preprint status of the experimental result. Likelihood: certain (current state). Impact: medium. The hardware demonstration is not yet peer-reviewed [2]. Mitigation: rely on the peer-reviewed PRL theory for the existence claim [1]; treat the specific fidelity thresholds and 154-qubit figures as provisional pending review and independent replication.
Fidelity decay as the primitive scales beyond demonstrated qubit counts. Likelihood: medium. Impact: high. Witnessed entanglement was shown only to single-digit-to-low-tens of clones on non-error-corrected hardware, and the authors themselves note that if noise vulnerability grew fast enough the primitive could be unstable even on future error-corrected machines [2]. The measured result is reassuring (degradation tracks depth, not clone count) but bounded. Mitigation: independent replication at larger scale and on error-corrected hardware before any deployment assumption.
Hardware specificity. Likelihood: medium. Impact: medium. Demonstrated only on superconducting Heron-R2; transfer to other modalities is unproven [2]. Mitigation: cross-platform replication.
Concentration of vulnerability in single-use key management. Likelihood: medium. Impact: high. The entire security and consistency of the scheme rests on the decryption mechanism being genuinely single-use and on protecting the noise-qubit key; the Gianini group has separately shown that non-authorized subsets can leak partial information, so confidentiality is not automatic [9][10][26]. Mitigation: treat key handling and subset-exposure control as the primary security-engineering problem; do not assume confidentiality by default.
Overstated commercial readiness. Likelihood: high. Impact: medium. Multicloud storage and distributed computation are modeled, not built, and independent experts call quantum cloud storage hypothetical [6]. Mitigation: stage investment against fault-tolerance and quantum-memory milestones rather than against the primitive alone.
10. Strategic Recommendations
For quantum hardware and cloud-platform builders. Treat encrypted cloning as a validated candidate primitive to prototype. The near-term action is to attempt independent replication on your own hardware, especially non-superconducting modalities, since cross-platform transfer is the largest open technical question [2]. Fold the primitive into fault-tolerance and quantum-memory roadmaps rather than marketing it standalone, because it inherits those dependencies. The benchmark that would justify escalating investment is a peer-reviewed, independently replicated demonstration that witnessed-entanglement thresholds hold at substantially larger clone counts on error-corrected hardware; absent that, keep it in research. IBM's dual position as host and co-author is a first-mover advantage competitors should answer with their own replication.
For enterprise security and cryptography strategists. Take no defensive action and change no roadmap on the basis of this result. It does not weaken QKD or classical or post-quantum cryptography. [2][25]. Continue post-quantum-cryptography migration on its existing schedule driven by NIST standards and regulatory deadlines, which are unrelated to this primitive [20]. Log encrypted cloning as a watch-item for future quantum-cloud data-availability architectures, and revisit only if and when a peer-reviewed storage or blind-computation demonstration with explicit confidentiality guarantees appears, given the demonstrated partial-leakage caveat [9].
For investors. There is no product, no patent, and no market of its own on the current evidence. The primitive is a reason to prefer integrated players that own hardware, cloud distribution, and standards influence over point-solution startups, because value capture will be embedded. Weight quantum-market forecasts as modeled and widely dispersed, not measured [18][19]. The milestone that would change the thesis is peer review plus independent large-scale replication plus a credible fault-tolerance timeline from the hosting platform.
For standards and policy bodies. The immediate contribution is definitional clarity: publish or endorse precise language distinguishing encrypted copies (permitted, arbitrarily many) from usable plaintext copies (still limited to one), to preempt the misinterpretation risk in security procurement [2]. No new export control is warranted for the protocol itself, which is adequately covered by existing hardware-keyed quantum controls [22][23]. Monitor the confidentiality-leakage literature before any standardization of encrypted-cloning-based secret sharing [9][26].



References
[1] Yamaguchi, Koji, and Achim Kempf. 2026. "Encrypted Qubits Can Be Cloned." Physical Review Letters 136 (1): 010801.
[2] Yamaguchi, Koji, Leon Rullkotter, Ibrahim Shehzad, Sean J. Wagner, Christian Tutschku, and Achim Kempf. 2026. "Experimental Demonstration That Qubits Can Be Cloned at Will, If Encrypted with a Single-Use Decryption Key." arXiv:2602.10695 (preprint, not peer-reviewed).
[3] Wootters, William K., and Wojciech H. Zurek. 1982. "A Single Quantum Cannot Be Cloned." Nature 299 (5886): 802-803.
[4] Dieks, Dennis. 1982. "Communication by EPR Devices." Physics Letters A 92 (6): 271-272.
[6] Wogan, Tim. 2026. "Encrypted Qubits Can Be Cloned and Stored in Multiple Locations." Physics World, January 24.
[7] Ceară, Filip-Ioan. 2026. "Cloning Encrypted Quantum States in Arbitrary Dimensions." arXiv:2604.04888 (preprint).
[8] Lim, Zheng Liang, and Hoi-Kwong Lo. 2026. "Encrypted Cloning, Absolute Maximal Entanglement and Quantum Secret Sharing." arXiv:2605.26866 (preprint).
[9] Gianini, Gabriele, Omar Hasan, Corrado Mio, Stelvio Cimato, and Ernesto Damiani. 2026. "Encrypted Clones Can Leak: Classification of Informative Subsets in Quantum Encrypted Cloning." arXiv:2604.10155 (preprint).
[10] Gianini, Gabriele, Stelvio Cimato, Jianyi Lin, Omar Hasan, and Ernesto Damiani. 2026. "Full Characterization of Informative Subsets in Quantum Encrypted Cloning." arXiv:2605.27421 (preprint).
[11] Bai, Chen-Ming, Xu Zhou, and Yongming Luo. 2026. "Classification of Informative Subsets in Quantum Encrypted Cloning on Qudits." arXiv:2605.11642 (preprint).
[12] Helwig, Wolfram, Wei Cui, Jose Ignacio Latorre, Arnau Riera, and Hoi-Kwong Lo. 2012. "Absolute Maximal Entanglement and Quantum Secret Sharing." Physical Review A 86 (5): 052335.
[13] Cleve, Richard, Daniel Gottesman, and Hoi-Kwong Lo. 1999. "How to Share a Quantum Secret." Physical Review Letters 83 (3): 648-651.
[14] IBM Quantum. 2025. "Processor Types." IBM Quantum Documentation.
[15] The Quantum Insider. 2025. "IBM and RIKEN Unveil First IBM Quantum System Two Outside of the U.S." June 24.
[16] Fraunhofer IAF. n.d. "Competence Center Quantum Computing Baden-Wurttemberg."
[17] Mordor Intelligence. 2025. "Quantum Networking Market Size, Share and 2030 Trends Report."
[18] MarketsandMarkets. 2025. "Quantum Computing Market: Global Forecast to 2030."
[19] Grand View Research. 2026. "Quantum Computing Market Size and Share Report, 2026-2033."
[20] MarketsandMarkets. 2025. "Post-Quantum Cryptography (PQC) Market: Global Forecast to 2030."
[21] SpinQ. 2025. "Quantum Computing Funding: Explosive Growth and Strategic Investment in 2025."
[22] Covington and Burling LLP. 2024. "U.S. Implements Plurilateral Export Controls Framework and Additional Controls on Semiconductor, Quantum, and Additive Manufacturing Items." September.
[23] European Commission. 2025. "2025 Update of the EU Control List of Dual-Use Items." September 8.
[24] Bennett, Charles H., and Gilles Brassard. 1984. "Quantum Cryptography: Public Key Distribution and Coin Tossing." Proceedings of the IEEE International Conference on Computers, Systems and Signal Processing.
[25] Scarani, Valerio, Sofyan Iblisdir, Nicolas Gisin, and Antonio Acín. 2005. "Quantum Cloning." Reviews of Modern Physics 77 (4): 1225-1256.
[26] Gianini, Gabriele, et al. 2026. "Beyond the Canonical Protocol: Quantum Encrypted Cloning from Secret-Sharing Access Structures." arXiv:2606.06552 (preprint).
[27] OECD. 2025. "An Overview of National Strategies and Policies for Quantum Technologies."
[28] Innovation, Science and Economic Development Canada. 2023. "Canada's National Quantum Strategy."



