Security against eavesdropping in quantum cryptography

In this article we deal with the security of the BB84 quantum cryptography protocol over noisy channels using generalized privacy amplification. For this we estimate the fraction of bits needed to be discarded during the privacy amplification step. This estimate is given for two scenarios, both of which assume the eavesdropper to access each of the signals independently and take error correction into account. One scenario does not allow a delay of the eavesdropper's measurement of a measurement probe until he receives additional classical information. In this scenario we achieve a sharp bound. The other scenario allows a measurement delay, so that the general attack of an eavesdropper on individual signals is covered. This bound is not sharp but allows a practical implementation of the protocol.Comment: 11 pages including 3 figures, contains new results not contained in my Phys. Rev. A pape

Sequential Attack with Intensity Modulation on the Differential-Phase-Shift Quantum Key Distribution Protocol

In this paper, we discuss the security of the differential-phase-shift quantum key distribution (DPSQKD) protocol by introducing an improved version of the so-called sequential attack, which was originally discussed by Waks et al. Our attack differs from the original form of the sequential attack in that the attacker Eve modulates not only the phases but also the amplitude in the superposition of the single-photon states which she sends to the receiver. Concentrating especially on the "discretized gaussian" intensity modulation, we show that our attack is more effective than the individual attack, which had been the best attack up to present. As a result of this, the recent experiment with communication distance of 100km reported by Diamanti et al. turns out to be insecure. Moreover it can be shown that in a practical experimental setup which is commonly used today, the communication distance achievable by the DPSQKD protocol is less than 95km.Comment: 6 pages, 2 figure

Polar Coding for Secure Transmission and Key Agreement

Wyner's work on wiretap channels and the recent works on information theoretic security are based on random codes. Achieving information theoretical security with practical coding schemes is of definite interest. In this note, the attempt is to overcome this elusive task by employing the polar coding technique of Ar{\i}kan. It is shown that polar codes achieve non-trivial perfect secrecy rates for binary-input degraded wiretap channels while enjoying their low encoding-decoding complexity. In the special case of symmetric main and eavesdropper channels, this coding technique achieves the secrecy capacity. Next, fading erasure wiretap channels are considered and a secret key agreement scheme is proposed, which requires only the statistical knowledge of the eavesdropper channel state information (CSI). The enabling factor is the creation of advantage over Eve, by blindly using the proposed scheme over each fading block, which is then exploited with privacy amplification techniques to generate secret keys.Comment: Proceedings of the 21st Annual IEEE International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC 2010), Sept. 2010, Istanbul, Turke

Unconditionally secure quantum key distribution over 50km of standard telecom fibre

We demonstrate a weak pulse quantum key distribution system using the BB84 protocol which is secure against all individual attacks, including photon number splitting. By carefully controlling the weak pulse intensity we demonstrate the maximum secure bit rate as a function of the fibre length. Unconditionally secure keys can be formed for standard telecom fibres exceeding 50 km in length.Comment: 9 pages 2 figure

Long Response to Scheuer-Yariv: "A Classical Key-Distribution System based on Johnson (like) noise - How Secure?", physics/0601022

This is the longer (partially unpublished) version of response; the shorter version (http://arxiv.org/abs/physics/0605013) is published in Physics Letters A. We point out that the claims in the comment-paper of Scheuer and Yariv are either irrelevant or incorrect. We first clarify what the security of a physically secure layer means. The idealized Kirchoff-loop-Johnson-like-noise (KLJN) scheme is totally secure therefore it is more secure than idealized quantum communication schemes which can never be totally secure because of the inherent noise processes in those communication schemes and the statistical nature of eavesdropper detection based on error statistics. On the other hand, with sufficient resources, a practical/non-ideal realization of the KLJN cipher can arbitrarily approach the idealized limit and outperform even the idealized quantum communicator schemes because the non-ideality-effects are determined and controlled by the design. The cable resistance issue analyzed by Scheuer and Yariv is a good example for that because the eavesdropper has insufficient time window to build a sufficient statistics and the actual information leak can be designed. We show that Scheuer's and Yariv's numerical result of 1% voltage drop supports higher security than that of quantum communicators. Moreover, choosing thicker or shorter wires can arbitrarily reduce this voltage drop further; the same conclusion holds even according to the equations of Scheuer and Yariv.Comment: The older long response and the newer brief response (in press, PLA) with modelling data are fuse

Side-Information Coding with Turbo Codes and its Application to Quantum Key Distribution

Turbo coding is a powerful class of forward error correcting codes, which can achieve performances close to the Shannon limit. The turbo principle can be applied to the problem of side-information source coding, and we investigate here its application to the reconciliation problem occurring in a continuous-variable quantum key distribution protocol.Comment: 3 pages, submitted to ISITA 200