On the Optimal Mean Photon Number for Quantum Cryptography

The optimal mean photon number (mu) for quantum cryptography is the average photon number per transmitted pulse that results in the highest delivery rate of distilled cryptographic key bits, given a specific system scenario and set of assumptions about Eve's capabilities. Although many experimental systems have employed a mean photon number (mu) of 0.1 in practice, several research teams have pointed out that this value is somewhat arbitrary. In fact, various optimal values for mu have been described in the literature. In this paper we offer a detailed analytic model for an experimental, fiber-based quantum cryptographic system, and an explicit set of reasonable assumptions about Eve's current technical capabilities. We explicitly model total system behavior ranging from physical effects to the results of quantum cryptographic protocols such as error correction and privacy amplification. We then derive the optimal photon number (mu) for this system in a range of scenarios. One interesting result is that mu of approximately 1.1 is optimal for a wide range of realistic, fiber-based QKD systems; in fact, it provides nearly 10 times the distilled throughput of systems that employ a more conventional mu = 0.1, without any adverse affect on system security, as judged against a set of reasonable assumptions about Eve's current capabilities.

[1]  G. Gilbert,et al.  Practical Quantum Cryptography: A Comprehensive Analysis (Part One) , 2000, quant-ph/0009027.

[2]  Peterson,et al.  Daylight quantum key distribution over 1.6 km , 2000, Physical review letters.

[3]  Stephen M. Barnett,et al.  Conditional beam-splitting attack on quantum key distribution , 2001 .

[4]  Nicolas Gisin,et al.  Quantum cryptography protocols robust against photon number splitting attacks for weak laser pulse implementations. , 2004, Physical review letters.

[5]  Chip Elliott,et al.  Quantum Cryptography , 2004, IEEE Secur. Priv..

[6]  N. Lütkenhaus Security against individual attacks for realistic quantum key distribution , 2000 .

[7]  G. L. Morgan,et al.  Quantum Cryptography over Underground Optical Fibers , 1996, CRYPTO.

[8]  Norbert Lütkenhaus,et al.  Effect of finite detector efficiencies on the security evaluation of quantum key distribution , 2004 .

[9]  Gilles Brassard,et al.  Experimental Quantum Cryptography , 1990, EUROCRYPT.

[10]  O. Okunev,et al.  Picosecond superconducting single-photon optical detector , 2001 .

[11]  D. Bethune,et al.  Autocompensating quantum cryptography , 2002, quant-ph/0204144.

[12]  H. Bechmann-Pasquinucci,et al.  Quantum cryptography , 2001, quant-ph/0101098.

[13]  B Slutsky,et al.  Defense frontier analysis of quantum cryptographic systems. , 1998, Applied optics.

[14]  C. Elliott Building the quantum network* , 2002 .

[15]  Chip Elliott,et al.  Quantum cryptography in practice , 2003, SIGCOMM '03.

[16]  John Myers,et al.  Entropy estimates for individual attacks on the BB84 protocol for quantum key distribution , 2004, SPIE Defense + Commercial Sensing.

[17]  Alan Mink,et al.  High speed quantum communication testbed , 2002, SPIE Optics + Photonics.

[18]  Barry C. Sanders,et al.  Security Aspects of Practical Quantum Cryptography , 2000, EUROCRYPT.