Efficient generation of tunable photon pairs at 0.8 and 1.6 micrometer

We demonstrate efficient generation of collinearly propagating, highly nondegenerate photon pairs in a periodically-poled lithium niobate cw parametric downconverter with an inferred pair generation rate of 1.4*10^7/s/mW of pump power. Detection of an 800-nm signal photon triggers a thermoelectrically-cooled 20%-efficient InGaAs avalanche photodiode for the detection of the 1600-nm conjugate idler photon. Using single-mode fibers as spatial mode filters, we obtain a signal-conditioned idler-detection probability of about 3.1%.Comment: 8 pages, 3 figure

Quantum Cryptography using larger alphabets

Like all of quantum information theory, quantum cryptography is traditionally based on two level quantum systems. In this letter, a new protocol for quantum key distribution based on higher dimensional systems is presented. An experimental realization using an interferometric setup is also proposed. Analyzing this protocol from the practical side, one finds an increased key creation rate while keeping the initial laser pulse rate constant. Analyzing it for the case of intercept/resend eavesdropping strategy, an increased error rate is found compared to two dimensional systems, hence an advantage for the legitimate users to detect an eavesdropper.Comment: 12 pages, 2 (eps) figure

Controlled Quantum Secret Sharing

We present a new protocol in which a secret multiqubit quantum state $\ket{\Psi}$ is shared by $n$ players and $m$ controllers, where $\ket{\Psi}$ is the encoding state of a quantum secret sharing scheme. The players may be considered as field agents responsible for carrying out a task, using the secret information encrypted in $\ket{\Psi}$, while the controllers are superiors who decide if and when the task should be carried out and who to do it. Our protocol only requires ancillary Bell states and Bell-basis measurements.Comment: 6 pages, 0 figure, RevTeX4; published version with minor change

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Linking Classical and Quantum Key Agreement: Is There "Bound Information"?

After carrying out a protocol for quantum key agreement over a noisy quantum channel, the parties Alice and Bob must process the raw key in order to end up with identical keys about which the adversary has virtually no information. In principle, both classical and quantum protocols can be used for this processing. It is a natural question which type of protocols is more powerful. We prove for general states but under the assumption of incoherent eavesdropping that Alice and Bob share some so-called intrinsic information in their classical random variables, resulting from optimal measurements, if and only if the parties' quantum systems are entangled. In addition, we provide evidence that the potentials of classical and of quantum protocols are equal in every situation. Consequently, many techniques and results from quantum information theory directly apply to problems in classical information theory, and vice versa. For instance, it was previously believed that two parties can carry out unconditionally secure key agreement as long as they share some intrinsic information in the adversary's view. The analysis of this purely classical problem from the quantum information-theoretic viewpoint shows that this is true in the binary case, but false in general. More explicitly, bound entanglement, i.e., entanglement that cannot be purified by any quantum protocol, has a classical counterpart. This "bound intrinsic information" cannot be distilled to a secret key by any classical protocol. As another application we propose a measure for entanglement based on classical information-theoretic quantities.Comment: Accepted for Crypto 2000. 17 page

Security against individual attacks for realistic quantum key distribution

I prove the security of quantum key distribution against individual attacks for realistic signals sources, including weak coherent pulses and downconversion sources. The proof applies to the BB84 protocol with the standard detection scheme (no strong reference pulse). I obtain a formula for the secure bit rate per time slot of an experimental setup which can be used to optimize the performance of existing schemes for the considered scenario.Comment: 10 pages, 4 figure

High rate, long-distance quantum key distribution over 250km of ultra low loss fibres

We present a fully automated quantum key distribution prototype running at 625 MHz clock rate. Taking advantage of ultra low loss fibres and low-noise superconducting detectors, we can distribute 6,000 secret bits per second over 100 km and 15 bits per second over 250km

Quantum Cryptography using entangled photons in energy-time Bell states

We present a setup for quantum cryptography based on photon pairs in energy-time Bell states and show its feasability in a laboratory experiment. Our scheme combines the advantages of using photon pairs instead of faint laser pulses and the possibility to preserve energy-time entanglement over long distances. Moreover, using 4-dimensional energy-time states, no fast random change of bases is required in our setup : Nature itself decides whether to measure in the energy or in the time base.Comment: 4 pages including 2 figure

Pulsed energy-time entangled twin-photon source for quantum communication

A pulsed source of energy-time entangled photon pairs pumped by a standard laser diode is proposed and demonstrated. The basic states can be distinguished by their time of arrival. This greatly simplifies the realization of 2-photon quantum cryptography, Bell state analyzers, quantum teleportation, dense coding, entanglement swapping, GHZ-states sources, etc. Moreover the entanglement is well protected during photon propagation in telecom optical fibers, opening the door to few-photon applications of quantum communication over long distances.Comment: 8 pages, 4 figure

One-Way Entangled-Photon Autocompensating Quantum Cryptography

A new quantum cryptography implementation is presented that combines one-way operation with an autocompensating feature that has hitherto only been available in implementations that require the signal to make a round trip between the users. Using the concept of advanced waves, it is shown that this new implementation is related to the round-trip implementations in the same way that Ekert's two-particle scheme is related to the original one-particle scheme of Bennett and Brassard. The practical advantages and disadvantages of the proposed implementation are discussed in the context of existing schemes.Comment: 5 pages, 1 figure; Minor edits--conclusions unchanged; accepted for publication in Physical Review