Cryptographic primitives such as Bit Commitment (BC) and Oblivious Transfer (OT) are foundational building blocks for two-party Secure Function Evaluations. While unconditional security for BC is impossible in the quantum setting, it can be realised under additional physical assumptions. In particular, the bounded- and noisy-storage models provide a framework where security is guaranteed against adversaries with limited quantum memory. Recent work by Ribeiro and Wehner [1] introduced the first Measurement-Device-Independent (MDI) protocols for BC and OT in the bounded storage model. For the BC protocols, they consider a variant of BC that is called Randomised String Commitment (RSC). They give two MDI-RSC protocols using polarisation-encoded photon sources: one with perfect single-photon emission and another with multi-photon emissions. They also give an MDI-OT protocol using sources with perfect single-photon emission. However, the MDI security for OT using sources with multi-photon emissions remains an open problem.
This thesis investigates the feasibility of MDI-RSC protocols using sources with multi-photon emissions, such as weak coherent pulses (WCP) and spontaneous parametric down-conversion (SPDC) sources. First, we correct a practical error in the existing MDI-RSC protocol by bounding the relevant parameters, ensuring the validity of the original security claims. Second, we analyse the achievable committed string rates while using WCP and SPDC sources. We further consider heralded SPDC sources, which in principle enable single-photon emission, and discuss the impact of imperfect local detectors on their performance and the consequences that has on the protocol implementation. Finally, motivated by techniques from Twin-Field Quantum Key Distribution (TF-QKD), we give a phase-encoded MDI-RSC protocol using coherent states and provide a sketch of the security proof in the bounded-storage model. We also investigate extending the approach to OT. However, this is still a challenge due to the basis-dependent information leakage inherent in phase-encoded coherent states.

Encryption is central to securing communication and information exchange in today’s digital society. The rapid progress of quantum computing poses a major threat to this. Once cryptographically relevant quantum computers become available, widely used cryptographic systems could be broken. Quantum cryptography, with protocols such as Quantum Key Distribution (QKD) and newer foundations of protocols such as Quantum Secure Function Evaluations, is being developed as a possible solution. Yet, an open question remains whether industry is ready and willing to adopt these technologies once they move beyond research. This adoption challenge is further complicated by the dynamics of technological hype. The excitement around quantum technologies has attracted investment and media attention and inspired national strategies. However, it also risks inflating expectations and shaping priorities in ways that may not align with practical realities, as has happened with technologies like blockchain.
Against this backdrop, it becomes essential to examine how experts in cybersecurity and quantum research perceive quantum cryptography, navigating between justified optimism and potentially misleading expectations.

Research aim and approach
This thesis explores the factors influencing the adoption of quantum cryptography in the Dutch cybersecurity industry and presents a communication tool for those who promote quantum cryptography, to help enhance future narratives surrounding adoption.

How can the opportunities and challenges of adopting quantum cryptography in the Dutch cybersecurity industry be understood through insights into stakeholder perceptions and adoption dynamics?
This is further broken down into four subquestions:
1. How is quantum cryptography perceived in the cybersecurity industry in the Netherlands?
2. Which theoretical perspectives can help explain the dynamics of innovation and technology adoptionrelevant to quantum cryptography?
3. What insights from adoption models of other security technologies can inform a tailored adoption model for quantum cryptography?
4. How do experts from cybersecurity and quantum cryptography assess the adoption of quantum cryptography in the cybersecurity industry, and which factors do they identify as most influential?
The findings to these research questions are applied in the design of a communication tool to conclude this research.

To answer these questions and apply them in a design, the research followed a triple diamond model (Discover–Define × 2 – Develop–Deliver). The first two diamonds focused on research and analysis, while the third translated findings into a communication design. The methodology combined:
1. A background study of perceptions of quantum cryptography in the cybersecurity industry;
2. The construction of a theoretical framework, drawing on adoption and innovation models;
3. A systematic literature review of adoption models for comparable disruptive security technologies (AI, blockchain, IoT);
4. Expert interviews with professionals in cybersecurity and quantum cryptography;
5. A design phase producing a communication tool to address narrative challenges.

Findings
Perceptions in the Dutch cybersecurity industry
The Dutch cybersecurity field is aware of the quantum threat but demonstrates little urgency or coordination in its response. Awareness is largely concentrated on QKD, with limited recognition of other quantum cryptographic protocols. Quantum cryptography is often viewed as a far future solution rather than an imminent opportunity.

Theoretical framework
Three dimensions help explain adoption dynamics:
• Why innovation is necessary: framed through the Red Queen hypothesis, cybersecurity is seen as a continuous race between attackers and defenders, with quantum computing as a disruptive shift.
• What drives or constrains adoption: Protection Motivation Theory highlights the role of perceived threats and coping abilities, while security economics reveals systemic disincentives for adoption.
• How adoption unfolds: models such as TAM, UTAUT, TOE, and DOI provide insights into processes of acceptance, diffusion, and integration. Together, these perspectives contextualise adoption of quantum cryptography as both a behavioural and systemic phenomenon.

Insights from adoption models of other technologies
Adoption studies of AI, blockchain, and IoT show that effective models are built by combining different theoretical frameworks and adding technology-specific factors. For quantum cryptography, a hypothetical adoption model is proposed that integrates TAM and TOE, supplemented by DOI innovation characteristics (e.g. relative advantage, complexity, compatibility). Additional factors such as perceived trust and perceived security are highlighted, given their critical importance in the context of data security
technologies.

Expert assessments and influential factors
Interviews revealed that adoption of quantum cryptography will depend most strongly on
• A convincing business case (marketing and relative advantage);
• Environmental drivers (standards, certifications, and government regulations);
• Social influence, including hype and lobbying.
Barriers are predominantly technological (complexity, immaturity, fragility of infrastructure, comparison with capabilities of classical cryptography) and organisational (knowledge gaps in both cybersecurity and quantum communities, cost considerations). Importantly, many factors interact: for example, complexity undermines perceived ease of use and trust, while immaturity diminishes relative advantage. To capture these interdependencies, an infographic synthesis was developed, mapping adoption factors, their relationships, and stakeholder perspectives. This visualisation serves both as an analytical synthesis and a decision-support tool, highlighting factors that have greater or more direct impacts on adoption intention and how their effects are viewed by stakeholders.

Design contribution
Building on the findings, a communication tool was designed to address the issue of fragmented narratives. Stakeholders often rely on a single narrative, such as the hype of absolute security. This oversimplifies the reality of quantum cryptography and risks undermining trust. The design introduces the ”Dice of Narratives of Quantum Cryptography”, a metaphorical cube with six narrative perspectives. Just as one cannot see all faces of a dice at once, stakeholders rarely perceive all narratives simultaneously. Rolling the dice becomes a way to encounter multiple perspectives, emphasising that only by combining narratives one can make a more balanced and trustworthy story. The tool is intended for use in policy workshops on conferences (e.g. Quantum Meets), engaging stakeholders such as policymakers, industry leaders, and advocates. By encouraging participants to combine and compare narratives, the tool promotes more nuanced discussions between stakeholder, so future users can make better informed decisions.

Future research directions
This exploratory study of quantum cryptography adoption in the Dutch cybersecurity industry suggests several avenues for further research. First, the proposed hypothetical adoption model could be validated through larger-scale surveys to assess the relative weight and interactions of factors across stakeholders. Longitudinal studies could track how perceptions evolve alongside technical developments and pilot projects. Comparative research across countries would reveal how adoption dynamics differ under varying levels of investment, regulation, and infrastructure readiness. The influence of hype, lobbying, and narratives needs deeper investigation, starting with systematic mapping of currently circulating narratives in industry, policy, and media. The role of standards and certifications on trust, investment decisions, and experimentation should also be explored. Finally, the adoption dynamics infographic that resulted from this research, provides additional paths for design-oriented studies, investigating how different lines of influence can be visualised, communicated, and tested in practice.

This report reviews two quantum key distribution (QKD) protocols: the BB84 protocol and the measurement device independent (MDI) QKD protocol. The goal of this report is to recreate the security proof of the BB84 protocol, to generate the secret key rate for a practical application of the BB84 protocol, both with and without decoy states, and to review the MDI-QKD protocol and look at the advantages it has for practical QKD. The proof security of the BB84 protocol is done by designing an equivalent theoretical protocol and proving its security by bounding the information of the eavesdropper to an exponentially small number. The best distance over which secret key rate can be generated with the practical model of the BB84 protocol that is presented in this report, is 165 km. This is achieved by employing decoy states and is more than three times as far as the model can achieve without decoy states, which gave a distance of 52 km at best. The zero distance key rate of the model with decoy states is R = 1.21 · 10^-2 bits per pulse (bpp), at best. This is an order of magnitude larger than R =1.02 · 10^-3 bpp, which is what the model without decoy states could produce. The decoy state method is therefore an improvement for practical QKD. By reviewing the MDI-QKD protocol it can be concluded that because it eliminates the measurement device side channels, it is very useful for practical QKD, since it makes security analysis simpler and more precise. It also necessarily employs decoy states, which improves the secret key rate. MDI-QKD therefore is a promising protocol to use for future quantum communications.