Security proof methods for quantum key distribution protocols

In this thesis we develop practical tools for quantum key distribution (QKD) security proofs. We apply the tools to provide security proofs for several protocols, ranging from discrete variable protocols in high dimensions, protocols with realistic implementations, measurement device independent QKD and continuous-variable QKD. The security proofs are based on the Devetak-Winter security framework [31, 57]. In the key rate calculation, it is often convenient to assume that the optimal attack is symmetric. Under the assumption that the parameter estimation is based on coarsegrained observations, we show that the optimal attack is symmetric, if the protocol and the postselection have sufficient symmetries. As an example we calculate the key rates of protocols using 2, d and d+ 1 mutually unbiased bases in d-dimensional Hilbert spaces. We investigate the connection between the optimal collective eavesdropping attack and the optimal cloning attack, in which the eavesdropper employs an optimal cloner to attack the protocol. We find that, in general, it does not hold that the optimal attack is an optimal cloner. However, there are classes of protocols, for which we can identify the optimal attack by an optimal cloner. We analyze protocols with mutually unbiased bases in d dimensions, and show that for the protocols with 2 and d+ 1 mutually unbiased bases the optimal attack is an optimal cloner, but for the protocols with d mutually unbiased bases, it is not. In optical implementations of the phase-encoded BB84 protocol, the bit information is usually encoded in the phase of two consecutive photon pulses generated in a MachZehnder interferometer. In the actual experimental realization, the loss in the arms of the Mach-Zehnder interferometer is not balanced, for example because only one arm contains a lossy phase modulator. Since the imbalance changes the structure of the signals states and measurements, the BB84 security analysis no longer applies in this scenario. We provide a security proof for the unbalanced phase-encoded BB84. The loss does lower the key rate compared to a protocol without loss. However, for a realistic parameter regime, the same key rate is found by applying the original BB84 security analysis. Recently, the security of a measurement device-independent QKD setup with BB84 signal states was proven in Refs. [61, 14]. In this setup Alice and Bob send quantum states to an intermediate node, which performs the measurement, and is assumed to be controlled by Eve. We analyze the security of a measurement device-independent QKD protocol with B92 signal states, and calculate the key rates numerically for a realistic implementation. Based on our security proof we were able to prove the security of the strong reference pulse B92 protocol.

[1]  J. Cirac,et al.  De Finetti representation theorem for infinite-dimensional quantum systems and applications to quantum cryptography. , 2008, Physical review letters.

[2]  J. Skaar,et al.  Hacking commercial quantum cryptography systems by tailored bright illumination , 2010, 1008.4593.

[3]  Masato Koashi,et al.  Unconditionally secure key distribution based on two nonorthogonal states. , 2003, Physical review letters.

[4]  Hitoshi Inamori,et al.  Security of Practical Time-Reversed EPR Quantum Key Distribution , 2002, Algorithmica.

[5]  John Preskill,et al.  Secure quantum key distribution using squeezed states , 2001 .

[6]  H. Bechmann-Pasquinucci,et al.  Quantum cryptography , 2001, quant-ph/0101098.

[7]  V. Scarani,et al.  Device-independent security of quantum cryptography against collective attacks. , 2007, Physical review letters.

[8]  N. Cerf,et al.  Quantum distribution of Gaussian keys using squeezed states , 2000, quant-ph/0008058.

[9]  N. Lutkenhaus,et al.  Efficiency of coherent-state quantum cryptography in the presence of loss: Influence of realistic error correction , 2005, quant-ph/0512013.

[10]  Normand J. Beaudry,et al.  Squashing models for optical measurements in quantum communication. , 2008, Physical review letters.

[11]  Matthias Christandl,et al.  Postselection technique for quantum channels with applications to quantum cryptography. , 2008, Physical review letters.

[12]  N. Gisin,et al.  Quantum cryptography , 1998 .

[13]  Cerf,et al.  Pauli cloning of a quantum Bit , 2000, Physical review letters.

[14]  Renato Renner,et al.  Security of quantum key distribution , 2005, Ausgezeichnete Informatikdissertationen.

[15]  M. Hillery Quantum cryptography with squeezed states , 1999, quant-ph/9909006.

[16]  N. Gisin,et al.  Optimal Eavesdropping in Quantum Cryptography. I , 1997, quant-ph/9701039.

[17]  I. D. Ivonovic Geometrical description of quantal state determination , 1981 .

[18]  Nicolas Gisin,et al.  Coherent-pulse implementations of quantum cryptography protocols resistant to photon-number-splitting attacks , 2004 .

[19]  Frédéric Grosshans Collective attacks and unconditional security in continuous variable quantum key distribution. , 2005, Physical review letters.

[20]  P R Tapster,et al.  Quantum cryptography: A step towards global key distribution , 2002, Nature.

[21]  Dominic Mayers,et al.  Quantum Key Distribution and String Oblivious Transfer in Noisy Channels , 1996, CRYPTO.

[22]  Kiyoshi Tamaki,et al.  Unconditional security of the Bennett 1992 quantum key-distribution protocol over a lossy and noisy channel , 2003, quant-ph/0308048.

[23]  Stefano Pirandola,et al.  Side-channel-free quantum key distribution. , 2011, Physical review letters.

[24]  N. Lutkenhaus,et al.  Asymptotic security of binary modulated continuous-variable quantum key distribution under collective attacks , 2008, 0807.3751.

[25]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[26]  I. D. Ivanović,et al.  Unbiased projector basis over C3 , 1997 .

[27]  Gilles Brassard,et al.  Experimental Quantum Cryptography , 1990, EUROCRYPT.

[28]  Xiongfeng Ma,et al.  Decoy state quantum key distribution. , 2004, Physical review letters.

[29]  A. Winter,et al.  Distillation of secret key and entanglement from quantum states , 2003, Proceedings of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[30]  H Bechmann-Pasquinucci,et al.  Quantum cryptography with 3-state systems. , 2000, Physical review letters.

[31]  M. Koashi,et al.  Unconditional security of the Bennett 1992 quantum-key-distribution scheme with a strong reference pulse , 2006, quant-ph/0607082.

[32]  Andrew Chi-Chih Yao,et al.  Quantum cryptography with imperfect apparatus , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[33]  Richard J. Hughes,et al.  Practical free-space quantum key distribution over 10 km in daylight and at night , 2002, quant-ph/0206092.

[34]  Won-Young Hwang Quantum key distribution with high loss: toward global secure communication. , 2003, Physical review letters.

[35]  T Franz,et al.  Continuous variable quantum key distribution: finite-key analysis of composable security against coherent attacks. , 2011, Physical review letters.

[36]  R. Renner,et al.  Information-theoretic security proof for quantum-key-distribution protocols , 2005, quant-ph/0502064.

[37]  Lo,et al.  Unconditional security of quantum key distribution over arbitrarily long distances , 1999, Science.

[38]  B Kraus,et al.  Lower and upper bounds on the secret-key rate for quantum key distribution protocols using one-way classical communication. , 2004, Physical review letters.

[39]  P. Raynal,et al.  Optimal unambiguous state discrimination of two density matrices: Lower bound and class of exact sol , 2005 .

[40]  M. Lewenstein,et al.  Entanglement as a precondition for secure quantum key distribution. , 2003, Physical review letters.

[41]  Varun Narasimhachar,et al.  Study of realistic devices for quantum key-distribution , 2011 .

[42]  Anders Karlsson,et al.  Security of quantum key distribution using d-level systems. , 2001, Physical review letters.

[43]  D. Bruß,et al.  Optimal eavesdropping in cryptography with three-dimensional quantum states. , 2001, Physical review letters.

[44]  Nicolas J. Cerf,et al.  Asymmetric quantum cloning in any dimension , 1998, quant-ph/9805024.

[45]  N. Lutkenhaus,et al.  Intercept-resend attacks in the Bennett-Brassard 1984 quantum-key-distribution protocol with weak coherent pulses , 2004, quant-ph/0411041.

[46]  Advanced Quantum Mechanics , 1969 .

[47]  G. Koster,et al.  The Properties of the Thirty-Two Point Groups , 1963 .

[48]  Valerio Scarani,et al.  Security proof for quantum key distribution using qudit systems , 2010, 1003.5464.

[49]  Stephen P. Boyd,et al.  Convex Optimization , 2004, Algorithms and Theory of Computation Handbook.

[50]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[51]  Thierry Paul,et al.  Quantum computation and quantum information , 2007, Mathematical Structures in Computer Science.

[52]  V. Scarani,et al.  The security of practical quantum key distribution , 2008, 0802.4155.

[53]  C. Helstrom Quantum detection and estimation theory , 1969 .

[54]  John Preskill,et al.  Security of quantum key distribution using weak coherent states with nonrandom phases , 2007, Quantum Inf. Comput..

[55]  W. Miller Symmetry groups and their applications , 1972 .

[56]  R. Renner Symmetry of large physical systems implies independence of subsystems , 2007 .

[57]  Z. Yuan,et al.  Unconditionally secure quantum key distribution over 50 km of standard telecom fibre , 2004, quant-ph/0412173.

[58]  S. Braunstein,et al.  Quantum Information with Continuous Variables , 2004, quant-ph/0410100.

[59]  Norbert Lutkenhaus,et al.  Symmetries in Quantum Key Distribution and the Connection between Optimal Attacks and Optimal Cloning , 2011, 1112.3396.

[60]  A. Acín,et al.  Security bounds for continuous variables quantum key distribution. , 2004, Physical review letters.

[61]  S. Massar,et al.  Optimal Quantum Cloning Machines , 1997, quant-ph/9705046.

[62]  Buzek,et al.  Quantum copying: Beyond the no-cloning theorem. , 1996, Physical review. A, Atomic, molecular, and optical physics.

[63]  T. Ralph,et al.  Continuous variable quantum cryptography , 1999, quant-ph/9907073.

[64]  Renato Renner,et al.  Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way postprocessing. , 2007, Physical review letters.

[65]  John Preskill,et al.  Security of quantum key distribution with imperfect devices , 2002, International Symposium onInformation Theory, 2004. ISIT 2004. Proceedings..

[66]  Hong-Wei Li,et al.  Security of practical phase-coding quantum key distribution , 2009, Quantum Inf. Comput..

[67]  Robert König,et al.  Universally Composable Privacy Amplification Against Quantum Adversaries , 2004, TCC.

[68]  H. Bechmann-Pasquinucci,et al.  Incoherent and coherent eavesdropping in the six-state protocol of quantum cryptography , 1998, quant-ph/9807041.

[69]  Nicolas J. Cerf,et al.  Asymmetric phase covariant d-dimensional cloning , 2005, Quantum Inf. Comput..

[70]  Norbert Lutkenhaus,et al.  Security proof of the unbalanced phase-encoded Bennett-Brassard 1984 protocol , 2012, 1206.6668.

[71]  G. D’Ariano,et al.  Optimal nonuniversally covariant cloning , 2001, quant-ph/0101100.

[72]  Seth Lloyd,et al.  Gaussian quantum information , 2011, 1110.3234.

[73]  Dominic Mayers,et al.  Unconditional security in quantum cryptography , 1998, JACM.

[74]  Joshua A. Slater,et al.  A quantum key distribution system immune to detector attacks , 2012 .

[75]  G. M. D'Ariano,et al.  Extremal quantum cloning machines , 2005, quant-ph/0507130.

[76]  K. Życzkowski,et al.  Geometry of Quantum States , 2007 .

[77]  P. Butler Point Group Symmetry Applications: Methods and Tables , 1981 .

[78]  J. Kowski Linear transformations which preserve trace and positive semidefiniteness of operators , 1972 .

[79]  D. Bruß Optimal Eavesdropping in Quantum Cryptography with Six States , 1998, quant-ph/9805019.

[80]  P. Oscar Boykin,et al.  A New Proof for the Existence of Mutually Unbiased Bases , 2002, Algorithmica.

[81]  M. Ruskai,et al.  Entanglement Breaking Channels , 2003, quant-ph/0302031.

[82]  H. Inamori,et al.  Unconditional security of practical quantum key distribution , 2007 .

[83]  W. Wootters,et al.  Optimal state-determination by mutually unbiased measurements , 1989 .

[84]  Matthias Christandl,et al.  One-and-a-Half Quantum de Finetti Theorems , 2007 .

[85]  Xiang‐Bin Wang,et al.  Beating the PNS attack in practical quantum cryptography , 2004 .

[86]  M. Żukowski,et al.  Security of Quantum Key Distribution with entangled Qutrits. , 2002, quant-ph/0207057.

[87]  G. Leuchs,et al.  Witnessing effective entanglement in a continuous variable prepare-and-measure setup and application to a quantum key distribution scheme using postselection , 2006, quant-ph/0603271.

[88]  M. Curty,et al.  Measurement-device-independent quantum key distribution. , 2011, Physical review letters.

[89]  Maassen,et al.  Generalized entropic uncertainty relations. , 1988, Physical review letters.

[90]  M. Koashi Unconditional security of coherent-state quantum key distribution with a strong phase-reference pulse. , 2004, Physical review letters.

[91]  Gilles Brassard,et al.  Quantum cryptography: Public key distribution and coin tossing , 2014, Theor. Comput. Sci..