Tight asymptotic key rate for the BB84 protocol with local randomisation and device imprecisions

Local randomisation is a preprocessing procedure in which one of the legitimate parties of a quantum key distribution (QKD) scheme adds noise to their version of the key and was found by Kraus et al. [Phys. Rev. Lett. 95, 080501 (2005)] to improve the security of certain QKD protocols. In this article, the improvement yielded by local randomisation is derived for an imperfect implementation of the BB84 QKD protocol, in which the source emits four given but arbitrary pure states and the detector performs arbitrarily-aligned measurements. Specifically, this is achieved by modifying an approach to analysing the security of imperfect variants of the BB84 protocol against collective attacks, introduced in [Phys. Rev. A 88, 012331 (2013)], to include the additional preprocessing step. The previously known improvement to the threshold channel noise, from 11\% to 12.41\%, is recovered in the special case of an ideal BB84 implementation and becomes more pronounced in the case of a nonideal source. Finally, the bound derived for the asymptotic key rate, both with and without local randomisation, is shown to be tight with the particular source characterisation used. This is demonstrated by the explicit construction of a family of source states and optimal attacks for which the key-rate bound is attained with equality

Effects of preparation and measurement misalignments on the security of the BB84 quantum key distribution protocol

The ideal Bennett-Brassard 1984 (BB84) quantum key distribution protocol is based on the preparation and measurement of qubits in two alternative bases differing by an angle of pi/2. Any real implementation of the protocol, though, will inevitably introduce misalignments in the preparation of the states and in the alignment of the measurement bases with respect to this ideal situation. Various security proofs take into account (at least partially) such errors, i.e., show how Alice and Bob can still distil a secure key in the presence of these imperfections. Here, we consider the complementary problem: how can Eve exploit misalignments to obtain more information about the key than would be possible in an ideal implementation? Specifically, we investigate the effects of misalignment errors on the security of the BB84 protocol in the case of individual attacks, where necessary and sufficient conditions for security are known. Though the effects of these errors are small for expected deviations from the perfect situation, our results nevertheless show that Alice and Bob can incorrectly conclude that they have established a secure key if the inevitable experimental errors in the state preparation and in the alignment of the measurements are not taken into account. This gives further weight to the idea that the formulation and security analysis of any quantum cryptography protocol should be based on realistic assumptions about the properties of the apparatus used. Additionally, we note that BB84 seems more robust against alignment imperfections if both the x and z bases are used to generate the key

Device-independent tests of structures of measurement incompatibility

In contrast with classical physics, in quantum physics some sets of measurements are incompatible in the sense that they can not be performed simultaneously. Among other applications, incompatibility allows for contextuality and Bell nonlocality. This makes of crucial importance developing tools for certifying whether a set of measurements posses a certain structure of incompatibility. Here we show that, for quantum or nonsignaling models, if the measurements employed in a Bell test satisfy a given type of compatibility, then the amount of violation of some specific Bell inequalities become limited. Then, we show that correlations arising from local measurements on two-qubit states violate these limits, which rules out in a device-independent way such structures of incompatibility. In particular, we prove that quantum correlations allow for a device-independent demonstration of genuine triplewise incompatibility. Finally, we translate these results into a semi-device-independent Einstein-Podolsky-Rosen-steering scenario.Comment: Substantial improvements, several new results added, new author added. 18 pages, 4 figure

Randomness versus nonlocality in the Mermin-Bell experiment with three parties

The detection of nonlocal correlations in a Bell experiment implies almost by definition some intrinsic randomness in the measurement outcomes. For given correlations, or for a given Bell violation, the amount of randomness predicted by quantum physics, quantified by the guessing probability, can generally be bounded numerically. However, currently only a few exact analytic solutions are known for violations of the bipartite Clauser-Horne-Shimony-Holt Bell inequality. Here, we study the randomness in a Bell experiment where three parties test the tripartite Mermin-Bell inequality. We give tight upper bounds on the guessing probabilities associated with one and two of the parties' measurement outcomes as a function of the Mermin inequality violation. Finally, we discuss the possibility of device-independent secret sharing based on the Mermin inequality and argue that the idea seems unlikely to work

Device-independent quantum key distribution with asymmetric CHSH inequalities

The simplest device-independent quantum key distribution protocol is based on the Clauser-Horne-Shimony-Holt (CHSH) Bell inequality and allows two users, Alice and Bob, to generate a secret key if they observe sufficiently strong correlations. There is, however, a mismatch between the protocol, in which only one of Alice's measurements is used to generate the key, and the CHSH expression, which is symmetric with respect to Alice's two measurements. We therefore investigate the impact of using an extended family of Bell expressions where we give different weights to Alice's measurements. Using this family of asymmetric Bell expressions improves the robustness of the key distribution protocol for certain experimentally-relevant correlations. As an example, the tolerable error rate improves from 7.15% to about 7.42% for the depolarising channel. Adding random noise to Alice's key before the postprocessing pushes the threshold further to more than 8.34%. The main technical result of our work is a tight bound on the von Neumann entropy of one of Alice's measurement outcomes conditioned on a quantum eavesdropper for the family of asymmetric CHSH expressions we consider and allowing for an arbitrary amount of noise preprocessing

Device-independent quantum key distribution with single-photon sources

Device-independent quantum key distribution protocols allow two honest users to establish a secret key with minimal levels of trust on the provider, as security is proven without any assumption on the inner working of the devices used for the distribution. Unfortunately, the implementation of these protocols is challenging, as it requires the observation of a large Bell-inequality violation between the two distant users. Here, we introduce novel photonic protocols for device-independent quantum key distribution exploiting single-photon sources and heralding-type architectures. The heralding process is designed so that transmission losses become irrelevant for security. We then show how the use of single-photon sources for entanglement distribution in these architectures, instead of standard entangled-pair generation schemes, provides significant improvements on the attainable key rates and distances over previous proposals. Given the current progress in single-photon sources, our work opens up a promising avenue for device-independent quantum key distribution implementations.Comment: 20 pages (9 + appendices and bibliography), 5 figures, 1 tabl

Maximal randomness from partially-entangled states

We investigate how much randomness can be extracted from a generic partially-entangled pure state of two qubits in a device-independent setting, where a Bell test is used to certify the correct functioning of the apparatus. For any such state, we first show that two bits of randomness are always attainable both if projective measurements are used to generate the randomness globally or if a non-projective measurement is used to generate the randomness locally. We then prove that the maximum amount of randomness that can be generated using non-projective measurements globally is restricted to between approximately 3.58 and 3.96 bits. The upper limit rules out that a bound of four bits potentially obtainable with extremal qubit measurements can be attained. We point out this is a consequence of the fact that non-projective qubit measurements with four outcomes can only be self-tested to a limited degree in a Bell experiment

Characterising correlations under informational restrictions

The strength of correlations observed between two separated events hinges on the amount of information transmitted between them. We characterise the correlations that can be created in classical and quantum experiments which feature a given amount of communicated information. For classical models, we present a complete characterisation of informationally restricted correlations in terms of linear programming. For quantum models, we develop a hierarchy of increasingly precise semidefinite relaxations to bound the set of informationally restricted quantum correlations. We leverage these techniques to i) derive device-independent witnesses of the information content of quantum communication, ii) the derivation of strict inequalities for different quantum information resources and iii) a new avenue for semi-device-independent random number generation based on the information assumption.Comment: First versio

Semi-device-independent framework based on natural physical assumptions

The semi-device-independent approach provides a framework for prepare-and-measure quantum protocols using devices whose behavior must not be characterized nor trusted, except for a single assumption on the dimension of the Hilbert space characterizing the quantum carriers. Here, we propose instead to constrain the quantum carriers through a bound on the mean value of a well-chosen observable. This modified assumption is physically better motivated than a dimension bound and closer to the description of actual experiments. In particular, we consider quantum optical schemes where the source emits quantum states described in an infinite-dimensional Fock space and model our assumption as an upper bound on the average photon number in the emitted states. We characterize the set of correlations that may be exhibited in the simplest possible scenario compatible with our new framework, based on two energy-constrained state preparations and a two-outcome measurement. Interestingly, we uncover the existence of quantum correlations exceeding the set of classical correlations that can be produced by devices behaving in a purely pre-determined fashion (possibly including shared randomness). This feature suggests immediate applications to certified randomness generation. Along this line, we analyze the achievable correlations in several prepare-and-measure optical schemes with a mean photon number constraint and demonstrate that they allow for the generation of certified randomness. Our simplest optical scheme works by the on-off keying of an attenuated laser source followed by photocounting. It opens the path to more sophisticated energy-constrained semi-device-independent quantum cryptography protocols, such as quantum key distribution.Comment: 26 pages, 10 figure