Modified Bennett-Brassard 1984 Quantum Key Distribution With Two-way Classical Communications

The quantum key distribution protocol without public announcement of bases is equipped with a two-way classical communication symmetric entanglement purification protocol. This modified key distribution protocol is unconditionally secure and has a higher tolerable error rate of 20%, which is higher than previous scheme without public announcement of bases.Comment: 5 pages. To appear in Physical Review

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Quantum Cryptography Beyond Quantum Key Distribution

Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation, secure two- and multi-party computation and delegated quantum computation. Quantum cryptography also studies the limitations and challenges resulting from quantum adversaries---including the impossibility of quantum bit commitment, the difficulty of quantum rewinding and the definition of quantum security models for classical primitives. In this review article, aimed primarily at cryptographers unfamiliar with the quantum world, we survey the area of theoretical quantum cryptography, with an emphasis on the constructions and limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference

Finite-key security analysis for multilevel quantum key distribution

We present a detailed security analysis of a d-dimensional quantum key distribution protocol based on two and three mutually unbiased bases (MUBs) both in an asymptotic and finite key length scenario. The finite secret key rates are calculated as a function of the length of the sifted key by (i) generalizing the uncertainly relation-based insight from BB84 to any d-level 2-MUB QKD protocol and (ii) by adopting recent advances in the second-order asymptotics for finite block length quantum coding (for both d-level 2- and 3-MUB QKD protocols). Since the finite and asymptotic secret key rates increase with d and the number of MUBs (together with the tolerable threshold) such QKD schemes could in principle offer an important advantage over BB84. We discuss the possibility of an experimental realization of the 3-MUB QKD protocol with the orbital angular momentum degrees of freedom of photons.Comment: v4: close to the published versio

Distributing Secret Keys with Quantum Continuous Variables: Principle, Security and Implementations

The ability to distribute secret keys between two parties with information-theoretic security, that is, regardless of the capacities of a malevolent eavesdropper, is one of the most celebrated results in the field of quantum information processing and communication. Indeed, quantum key distribution illustrates the power of encoding information on the quantum properties of light and has far reaching implications in high-security applications. Today, quantum key distribution systems operate in real-world conditions and are commercially available. As with most quantum information protocols, quantum key distribution was first designed for qubits, the individual quanta of information. However, the use of quantum continuous variables for this task presents important advantages with respect to qubit based protocols, in particular from a practical point of view, since it allows for simple implementations that require only standard telecommunication technology. In this review article, we describe the principle of continuous-variable quantum key distribution, focusing in particular on protocols based on coherent states. We discuss the security of these protocols and report on the state-of-the-art in experimental implementations, including the issue of side-channel attacks. We conclude with promising perspectives in this research field.Comment: 21 pages, 2 figures, 1 tabl

On the performance of two protocols: SARG04 and BB84

We compare the performance of BB84 and SARG04, the later of which was proposed by V. Scarani et al., in Phys. Rev. Lett. 92, 057901 (2004). Specifically, in this paper, we investigate SARG04 with two-way classical communications and SARG04 with decoy states. In the first part of the paper, we show that SARG04 with two-way communications can tolerate a higher bit error rate (19.4% for a one-photon source and 6.56% for a two-photon source) than SARG04 with one-way communications (10.95% for a one-photon source and 2.71% for a two-photon source). Also, the upper bounds on the bit error rate for SARG04 with two-way communications are computed in a closed form by considering an individual attack based on a general measurement. In the second part of the paper, we propose employing the idea of decoy states in SARG04 to obtain unconditional security even when realistic devices are used. We compare the performance of SARG04 with decoy states and BB84 with decoy states. We find that the optimal mean-photon number for SARG04 is higher than that of BB84 when the bit error rate is small. Also, we observe that SARG04 does not achieve a longer secure distance and a higher key generation rate than BB84, assuming a typical experimental parameter set.Comment: 48 pages, 10 figures, 1 column, changed Figs. 7 and