@Remy Redert re:Dead in the water
Of course other encryption systems suffer from early problems, but you're missing my point.
The strengths and weaknesses of systems like DES and AES can be determined purely analytically, and their implementations are open to truly large scale testing and examination by anyone with the urge to download the spec and look at the source code. Whatever the weaknesses in the algorithms are, we can point to them and say definitively what they are, how hard they are to exploit, etc. Anyone can look at one aspect of an algorithm and say things like "you'd have to find the prime factors of that number there" and know that that would be a complete and definitive statement on the merits of that part of the algorithm. One can then objectively assess how hard it would be to perform said feat, keep an eye out for papers with titles like "prime factor finding" and generally be comfortable. And the same goes for implementations. This is because things like DES, AES, etc. are entirely logical systems that operate in rule sets created by man with no physical influences.
The problem with quantum cryptography is that the security of a key transfer relies entirely on the behaviour of physical processes, namely the quantum entanglement itself as well as the single photon sources and detectors. Knowing whether or not we have a complete understanding of these physical processes is much harder to be sure about. Mankind has been constantly revising its opinions of nature for millennia, and I don't suppose we're going to stop doing that anytime soon.
So far the problems that have been encountered with quantum cryptography are related to the physical properties of the detectors and photon generators (it turned out that single photons weren't always on their own...). No great surprises there - matter does not always behave as we tell it to! This latest problem is just another instance of our misunderstanding the physical properties of one electro-optic component in the system. I doubt that one can ever prove analytically that the components are designed and implemented correctly. All one can ever say is that N tests have shown them to work properly, but N can never be a truly large number. And should one test each and every photon detector, or just a sample of the production run?
But what about entanglement itself, and the impossibility of messing with it? There's several bunches of physicists who are questioning whether this is in fact correct or not. It looks like the rule that you can't measure the state of an entangled photon without effecting the state is more of an assumption than a proven fact. It's easy to say that it is hard to make such measurements, but to the best of my knowledge no one has quite yet been able to completely rule it out. Some very elegant experiments are being planned by academics to explore this. Some have already been done with electrons which showed that you can 'sniff'' their quantum state, repair the damage done to the state, repeat until you know everything. Not good news so far, except that quantum cryptography uses photons.
My point is that all an experimentalist can say is that their particular experimental design could or could not measure states without disturbing them, but that say's nothing about someone else's experiment. Saying "I can't do it" doesn't prove that no one else can. Yet for quantum cryptography to be guaranteed you have to prove the rule. As I said above some results are already known for experiements with electrons which would suggest the issue is more one of experimental design, not hard physical facts. So where would quantum cryptography be if someone successfully designed and performed the right experiment? It is not guaranteed that they won't be able to do so. Certainly, if some one *does* manage to do it (which would be impressive because it would mean our quantum model of the world is wrong, Nobel prize in the post) quantum cryptography would be finished.
And it's worth pointing out that quantum cryptography is in fact ordinary symmetric cryptography that relies on a physical trick to securely exchange the key. That still doesn't stop someone getting the design and implementation of the actual encryption/decryption algorithm wrong.