BB84 showed that quantum mechanics can distribute a secret key securely by making eavesdropping detectable. BB84 isn't the only quantum key distribution protocol though.
In 1991, Artur Ekert proposed a different approach, now called Ekert91 or E91. Instead of sending randomly prepared qubits between Alice and Bob, E91 starts with pairs of entangled particles.
The setup
A central source creates an entangled pair, sends one particle to Alice and the other to Bob. Looked at individually, each measurement outcome is random. But because the particles are entangled, Alice's and Bob's results are strongly correlated.
The goal is the same as BB84: Alice and Bob want to end up with a shared secret key that an eavesdropper can't learn without being noticed. The difference is where the security comes from. In E91, it comes directly from the correlations created by entanglement.
Where the key comes from
When Alice and Bob measure their qubits in the same basis, their results match every time. If Alice measures 0, Bob measures 0. If Alice measures 1, Bob measures 1. Neither side controls the result, but the outcomes are perfectly correlated.
When they measure in different bases, the outcomes don't align in any usable way. Those rounds are useless for key generation and get thrown away.
You are Bob
For each round, a new entangled pair is created. Alice receives one particle; your Qubi receives the other. You and Alice independently choose a measurement basis, the Z basis or the X basis.
When you both happen to pick the same basis, your results match perfectly. Those rounds become bits of a shared secret key. When your bases differ, the round is discarded.
After many rounds, Alice publicly announces which basis she used for each one. You compare basis choices over a public channel and keep only the rounds where your bases matched. What's left is a shared random key.
Notice the difference from BB84: Alice never prepared a qubit herself. The key emerged from measurements on shared entangled states. Neither party controls the bits in the key, and yet they share it.
What if someone listens?
Suppose Eve intercepts the particles travelling to Bob. She tries to measure them, then forwards replacements onward to keep up appearances.
Eve faces a problem. Measuring an entangled particle disturbs the entangled system itself. She can't silently extract information while preserving the original quantum correlations.
What Eve breaks
In a clean entangled system, matching-basis measurements produce extremely strong correlations.
Eve's interference breaks part of that entanglement, introducing detectable inconsistencies. Rounds that should have matched now contain errors.
Alice and Bob check this by publicly comparing the outcomes from a small subset of their matching-basis rounds. If the correlations look perfect, no one was listening, and they use the rest of the rounds as a key. If the correlations are weak, the key is discarded and they start over.
This is exactly the same idea that powered the CHSH Bell test. Strong entanglement produces correlations that no classical eavesdropper can fake. Weak correlations mean someone has been touching the qubits.
BB84 vs E91
BB84 and E91 solve the same problem in different ways:
BB84
Security from measurement disturbance.
Alice prepares qubits in random bases. Eve's measurement changes them. Bob and Alice compare and the disturbance shows up as errors.
E91
Security from entanglement itself.
A source distributes entangled pairs. Eve disturbing one half weakens the correlation between the two halves, which Alice and Bob detect by checking the Bell inequality.
Quantum mechanics can't send messages faster than light, and it can't do everything a cryptographer might want. But it can create correlations no classical system can reproduce, and those correlations are enough to distribute a secret key securely.