Information Gain in Quantum Eavesdropping

Physical Review Letters, 1996

Existing quantum cryptographic schemes are not, as they stand, operable in the presence of noise on the quantum communication channel. Although they become operable if they are supplemented by classical privacy-amplification techniques, the resulting schemes are difficult to analyse and have not been proved secure. We introduce the concept of quantum privacy amplification and a cryptographic scheme incorporating it which is provably secure over a noisy channel. The scheme uses an 'entanglement purification' procedure which, because it requires only a few quantum Controlled-Not and singlequbit operations, could be implemented using technology that is currently being developed. The scheme allows an arbitrarily small bound to be placed on the information that any eavesdropper may extract from the encrypted 1 message. 89.70.+c, 03.65.Bz, 89.80.+h Typeset using REVT E X

Journal of Physics A: Mathematical and Theoretical, 2011

We consider the security of the BB84, six-state and SARG04 quantum key distribution protocols when the eavesdropper doesn't have access to a quantum memory. In this case, Eve's most general strategy is to measure her ancilla with an appropriate POVM designed to take advantage of the post-measurement information that will be released during the sifting phase of the protocol. After an optimization on all the parameters accessible to Eve, our method provides us with new bounds for the security of six-state and SARG04 against a memoryless adversary. In particular, for the six-state protocol we show that the maximum QBER for which a secure key can be extracted is increased from 12.6% (for collective attacks) to 20.4% with the memoryless assumption.

Employing the fundamental laws of quantum physics, Quantum Key Distribution (QKD) promises the unconditionally secure distribution of cryptographic keys. However, in practical realisations, a QKD protocol is only secure, when the quantum bit error rate introduced by an eavesdropper unavoidably exceeds the system error rate. This condition guarantees that an eavesdropper cannot disguise his presence by simply replacing the original transmission line with a less faulty one. Unfortunately, this condition also limits the possible distance between the communicating parties, Alice and Bob, to a few hundred kilometers. To overcome this problem, we design a QKD protocol which allows Alice and Bob to distinguish system errors from eavesdropping errors. If they are able to identify the origin of their errors, they can detect eavesdropping even when the system error rate exceeds the eavesdropping error rate. To achieve this, the proposed protocol employs an alternative encoding of information in two-dimensional photon states. Errors manifest themselves as quantum bit and as index transmission errors with a distinct correlation between them in case of intercept-resend eavesdropping. As a result, Alice and Bob can tolerate lower eavesdropping and higher system errors without compromising their privacy.

Physical Review A, 1997

We consider the Bennett-Brassard cryptographic scheme, which uses two conjugate quantum bases. An eavesdropper who attempts to obtain information on qubits sent in one of the bases causes a disturbance to qubits sent in the other basis. We derive an upper bound to the accessible information in one basis, for a given error rate in the conjugate basis. Independently fixing the error rate in the conjugate bases, we show that both bounds can be attained simultaneously by an optimal eavesdropping probe, consisting of two qubits. The qubits' interaction and their subsequent measurement are described explicitly. These results are combined to give an expression for the optimal information an eavesdropper can obtain for a given average disturbance when her interaction and measurements are performed signal by signal. Finally, the relation between quantum cryptography and violations of Bell's inequalities is discussed.

International Journal of Quantum Information, 2009

We study eavesdropping in quantum key distribution with the six state protocol, when the signal states are mixed with white noise. This situation may arise either when Alice deliberately adds noise to the signal states before they leave her lab, or in a realistic scenario where Eve cannot replace the noisy quantum channel by a noiseless one. We find Eve's optimal mutual information with Alice, for individual attacks, as a function of the qubit error rate. Our result is that added quantum noise can make quantum key distribution more robust against eavesdropping.

Journal of Cryptology, 1992

We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: (1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; (2) by subsequent public discussion of the sent and received versions of this transmission estimate the extent of eavesdropping that might have taken place on it, and finally (3) if this estimate is small enough, distill from the sent and received versions a smaller body of shared random information, which is certifiably secret in the sense that any third party's expected information on it is an exponentially small fraction of one bit. Because the system depends on the uncertainty principle of quantum physics, instead of the usual mathematical assumptions such as the difficulty of factoring, it remains secure against an adversary with unlimited computing power.

2004

Quantum key distribution allows two parties, traditionally known as Alice and Bob, to establish a secure random cryptographic key if, firstly, they have access to a quantum communication channel, and secondly, they can exchange classical public messages which can be monitored but not altered by an eavesdropper, Eve. Quantum key distribution provides perfect security because, unlike its classical counterpart, it relies on the laws of physics rather than on ensuring that successful eavesdropping would require excessive computational effort. However, security proofs of quantum key distribution are not trivial and are usually restricted in their applicability to specific protocols. In contrast, we present a general and conceptually simple proof which can be applied to a number of different protocols. It relies on the fact that a cryptographic procedure called privacy amplification is equally secure when an adversary's memory for data storage is quantum rather than classical [1].

Most modern cryptographic mechanisms are often based on the key distribution schemes, the security of which depends on the computational complexity and the power used to break the encryption. Quantum Key Distribution (QKD) is gaining popularity as a panacea to the issue of secure key distribution due to its ability to show secret keys' information-theoretic protection that is already suitable for commercialization. The goal is to generate a secret key between trusted parties connected through a quantum channel and an authenticated classical channel. The technology promises unconditional secure communication based on the principles of quantum mechanics without limiting the power of an eavesdropper. The first three sections provide a contemporary review of the Quantum Key Distribution in a nutshell. The remaining part of the paper deals with the key parameters and implementations that have been developed to assess the security of the leading experimental platforms and the challeng...

2021

We present a new post-processing method for Quantum Key Distribution (QKD) that raises cubically the secret key rate in the number of double matching detection events. In Shannon’s communication model, information is prepared at Alice’s side, and it is then intended to pass it over a noisy channel. In our approach, secret bits do not rely in Alice’s transmitted quantum bits but in Bob’s basis measurement choices. Therefore, measured bits are publicly revealed, while bases selections remain secret. Our method implements sifting, reconciliation, and amplification in a unique process, and it just requires a round iteration; no redundancy bits are sent, and there is no limit in the correctable error percentage. Moreover, this method can be implemented as a post-processing software into QKD technologies already in use.

European Physical Journal D, 2006

Provable entanglement has been shown to be a necessary precondition for unconditionally secure key generation in the context of quantum cryptographic protocols. We estimate the maximal threshold disturbance up to which the two legitimate users can prove the presence of quantum correlations in their data, in the context of the four- and six-state quantum key-distribution protocols, under the assumption of coherent attacks. Moreover, we investigate the conditions under which an eavesdropper can saturate these bounds, by means of incoherent and two-qubit coherent attacks. A direct connection between entanglement distillation and classical advantage distillation is also presented.