Cryptographic security of quantum key distribution

This work is intended as an introduction to cryptographic security and a motivation for the widely used Quantum Key Distribution (QKD) security definition. We review the notion of security necessary for a protocol to be usable in a larger cryptographic context, i.e., for it to remain secure when composed with other secure protocols. We then derive the corresponding security criterion for QKD. We provide several examples of QKD composed in sequence and parallel with different cryptographic schemes to illustrate how the error of a composed protocol is the sum of the errors of the individual protocols. We also discuss the operational interpretations of the distance metric used to quantify these errors.Comment: 31+23 pages. 28 figures. Comments and questions welcom

Security of two-way quantum key distribution

Quantum key distribution protocols typically make use of a one-way quantum channel to distribute a shared secret string to two distant users. However, protocols exploiting a two-way quantum channel have been proposed as an alternative route to the same goal, with the potential advantage of outperforming one-way protocols. Here we provide a strategy to prove security for two-way quantum key distribution protocols against the most general quantum attack possible by an eavesdropper. We utilize an entropic uncertainty relation, and only a few assumptions need to be made about the devices used in the protocol. We also show that a two-way protocol can outperform comparable one-way protocols.Comment: 10 pages, 5 figure

Attacking practical quantum key distribution system with wavelength dependent beam splitter and multi-wavelength sources

Unconditional security of quantum key distribution protocol can be guaranteed by the basic property of quantum mechanics. Unfortunately, the practical quantum key distribution system always have some imperfections, and the practical system may be attacked if the imperfection can be controlled by the eavesdropper Eve. Applying the fatal security loophole introduced by the imperfect beam splitter's wavelength dependent optical property, we propose wavelength-dependent attacking model, which can be applied to almost all practical quantum key distribution systems with the passive state modulation and photon state detection after the practical beam splitter. Utilizing our attacking model, we experimentally demonstrate the attacking system based on practical polarization encoding quantum key distribution system with almost 100% success probability. Our result demonstrate that all practical devices require tightened security inspection for avoiding side channel attacks in practical quantum key distribution experimental realizations

The Security of Practical Quantum Key Distribution

Quantum key distribution (QKD) is the first quantum information task to reach the level of mature technology, already fit for commercialization. It aims at the creation of a secret key between authorized partners connected by a quantum channel and a classical authenticated channel. The security of the key can in principle be guaranteed without putting any restriction on the eavesdropper's power. The first two sections provide a concise up-to-date review of QKD, biased toward the practical side. The rest of the paper presents the essential theoretical tools that have been developed to assess the security of the main experimental platforms (discrete variables, continuous variables and distributed-phase-reference protocols).Comment: Identical to the published version, up to cosmetic editorial change

No Signalling and Quantum Key Distribution

Standard quantum key distribution protocols are provably secure against eavesdropping attacks, if quantum theory is correct. It is theoretically interesting to know if we need to assume the validity of quantum theory to prove the security of quantum key distribution, or whether its security can be based on other physical principles. The question would also be of practical interest if quantum mechanics were ever to fail in some regime, because a scientifically and technologically advanced eavesdropper could perhaps use post-quantum physics to extract information from quantum communications without necessarily causing the quantum state disturbances on which existing security proofs rely. Here we describe a key distribution scheme provably secure against general attacks by a post-quantum eavesdropper who is limited only by the impossibility of superluminal signalling. The security of the scheme stems from violation of a Bell inequality.Comment: Clarifications and minor revisions in response to comments. Final version; to appear in Phys. Rev. Let