A lot of real world implementations of quantum crypto have been with respect to satellite communications, which makes sense. The satellite is usually built by the same actors who set up the communication links from the ground the satellite and quantum particles can be transmitted by laser. But as the article points out, it probably won't see widespread use for a while. There was a paper that came out recently called "How (not) to Build Quantum PKE in Minicrypt" (https://arxiv.org/abs/2405.20295) and from my limited understanding of it, a quantum PKE system will likely have very little components from classical crypto incorporated into it. Not to mention that specially built devices have to be installed at ISPs, data centers, etc. for this to work.
Work in this space is valuable as a hedge against a world where all conventional crypto is broken. It also helps advance work in quantum mechanics more generally and other fields in physics and it's generally very interesting :)
edit: grammar corrections
Apart from the big question marks around quantum computers, the argument is dishonest. Post quantum algorithms are primarily about assymetric encryption, QKD is not a solution for the same problem at all. QKD is simply a way of ensuring that your optical channel is secure, so you can distribute onetime pads. The encryption is the onetime pad. And nobody is thinking about having QKD links between individual desktop PCs (that seems completely unfeasible atm).
Essentially QKD is the same thing as sending a guard with a suitcase full of harddrives between your end points to distribute your keys (and in fact sending a guard is typically several orders of magnitude faster considering the current distances and data rates).
In addition to the dishonest argument about the need there is the issue when they mentioning rates and distances. Often when talking about best key distribution rates proponents mention the MB/s that you can achieve with continuous variable QKD, but in the same argument they talk about the ultimate security achievable with discrete variable QKD. But data rates for discrete variable QKD are much lower, while the security of continuous variable QKD relies on statistics and more susceptible to attacks. So the arguments make QKD much better then the reality.
Post-quantum crypto and quantum key distribution have nothing to do with each other, beyond the word “quantum” in their names.
The article asserts post-quantum crypto algorithms might be vulnerable to quantum computing, merely based on the fact that you can’t prove they won’t be. But it doesn’t mention the fact that the actual threat to traditional public-key crypto from quantum computing is still decades away from being practical if it ever becomes so, and we know how that math would work.
But quantum computers do actually exist. Sure, they can only factor numbers smaller than 25 and get exponentially more error-prone with every added qubit. But they exist. As for quantum key distribution, it’s entirely theoretical. It depends on inventing a technology for distributing entangled photons securely ahead of time. If it can be developed at all (and the crypto shill they quote claims “5 to 10 years” which is code for “we have no clue how to build this”), it amounts to a very very expensive one-time pad.
OTPs are already “perfect” crypto, that can’t be broken by any computer... unless you attack the communication outside the bounds of the OTP. Steal the code book, or read the decrypted message, or just beat it out of the agent. QKD is no different, but it’s actually worse. Because the equipment would be unique and hyper-expensive, and because since the plaintext would be in a computer, it can then just as easily be surveilled, copied, or stored after decryption like any other plaintext.
The discussion of the supposed combination of the two technologies is complete and utter nonsense. Sure, you could do that, but there are so many other, better, simpler, cheaper ways to be far more secure. This is all a great way to bilk governments out of their money, very little more.