Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way post-processing

We derive a bound for the security of QKD with finite resources under one-way post-processing, based on a definition of security that is composable and has an operational meaning. While our proof relies on the assumption of collective attacks, unconditional security follows immediately for standard protocols like Bennett-Brassard 1984 and six-states. For single-qubit implementations of such protocols, we find that the secret key rate becomes positive when at least N\sim 10^5 signals are exchanged and processed. For any other discrete-variable protocol, unconditional security can be obtained using the exponential de Finetti theorem, but the additional overhead leads to very pessimistic estimates

Secure quantum key distribution using squeezed states

We prove the security of a quantum key distribution scheme based on transmission of squeezed quantum states of a harmonic oscillator. Our proof employs quantum error-correcting codes that encode a finite-dimensional quantum system in the infinite-dimensional Hilbert space of an oscillator, and protect against errors that shift the canonical variables p and q. If the noise in the quantum channel is weak, squeezing signal states by 2.51 dB (a squeeze factor e^r=1.34) is sufficient in principle to ensure the security of a protocol that is suitably enhanced by classical error correction and privacy amplification. Secure key distribution can be achieved over distances comparable to the attenuation length of the quantum channel.Comment: 19 pages, 3 figures, RevTeX and epsf, new section on channel losse

Tight Finite-Key Analysis for Quantum Cryptography

Despite enormous progress both in theoretical and experimental quantum cryptography, the security of most current implementations of quantum key distribution is still not established rigorously. One of the main problems is that the security of the final key is highly dependent on the number, M, of signals exchanged between the legitimate parties. While, in any practical implementation, M is limited by the available resources, existing security proofs are often only valid asymptotically for unrealistically large values of M. Here, we demonstrate that this gap between theory and practice can be overcome using a recently developed proof technique based on the uncertainty relation for smooth entropies. Specifically, we consider a family of Bennett-Brassard 1984 quantum key distribution protocols and show that security against general attacks can be guaranteed already for moderate values of M.Comment: 11 pages, 2 figure

Secure Coherent-state Quantum Key Distribution Protocols with Efficient Reconciliation

We study the equivalence between a realistic quantum key distribution protocol using coherent states and homodyne detection and a formal entanglement purification protocol. Maximally-entangled qubit pairs that one can extract in the formal protocol correspond to secret key bits in the realistic protocol. More specifically, we define a qubit encoding scheme that allows the formal protocol to produce more than one entangled qubit pair per coherent state, or equivalently for the realistic protocol, more than one secret key bit. The entanglement parameters are estimated using quantum tomography. We analyze the properties of the encoding scheme and investigate its application to the important case of the attenuation channel.Comment: REVTeX, 11 pages, 2 figure

Security Against Collective Attacks of a Modified BB84 QKD Protocol with Information only in One Basis

The Quantum Key Distribution (QKD) protocol BB84 has been proven secure against several important types of attacks: the collective attacks and the joint attacks. Here we analyze the security of a modified BB84 protocol, for which information is sent only in the z basis while testing is done in both the z and the x bases, against collective attacks. The proof follows the framework of a previous paper (Boyer, Gelles, and Mor, 2009), but it avoids the classical information-theoretical analysis that caused problems with composability. We show that this modified BB84 protocol is as secure against collective attacks as the original BB84 protocol, and that it requires more bits for testing.Comment: 6 pages; 1 figur