Security of quantum key distribution with iterative sifting

Several quantum key distribution (QKD) protocols employ iterative sifting. After each quantum transmission round, Alice and Bob disclose part of their setting information (including their basis choices) for the detected signals. The quantum phase of the protocol then ends when the numbers of detected signals per basis exceed certain pre-agreed threshold values. Recently, however, Pfister et al. [New J. Phys. 18 053001 (2016)] showed that iterative sifting makes QKD insecure, especially in the finite key regime, if the parameter estimation for privacy amplification uses the random sampling theory. This implies that a number of existing finite key security proofs could be flawed and cannot guarantee security. Here, we solve this serious problem by showing that the use of Azuma's inequality for parameter estimation makes QKD with iterative sifting secure again. This means that the existing protocols whose security proof employs this inequality remain secure even if they employ iterative sifting. Also, our results highlight a fundamental difference between the random sampling theorem and Azuma's inequality in proving security.

[1]  Feihu Xu,et al.  Concise security bounds for practical decoy-state quantum key distribution , 2013, 1311.7129.

[2]  Masato Koashi,et al.  Simple security proof of quantum key distribution based on complementarity , 2009 .

[3]  R. Serfling Probability Inequalities for the Sum in Sampling without Replacement , 1974 .

[4]  H. Lo,et al.  Performance of two quantum-key-distribution protocols , 2006 .

[5]  Patrick J. Coles,et al.  Sifting attacks in finite-size quantum key distribution , 2015, 1506.07502.

[6]  M. Koashi,et al.  Unconditional security of the Bennett 1992 quantum-key-distribution scheme with a strong reference pulse , 2006, quant-ph/0607082.

[7]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[8]  Marco Tomamichel,et al.  Tight finite-key analysis for quantum cryptography , 2011, Nature Communications.

[9]  Ericka Stricklin-Parker,et al.  Ann , 2005 .

[10]  Hoi-Kwong Lo,et al.  Efficient Quantum Key Distribution Scheme and a Proof of Its Unconditional Security , 2004, Journal of Cryptology.

[11]  J-C Boileau,et al.  Unconditional security of a three state quantum key distribution protocol. , 2004, Physical review letters.

[12]  R. Renner,et al.  Uncertainty relation for smooth entropies. , 2010, Physical review letters.

[13]  Kazuoki Azuma WEIGHTED SUMS OF CERTAIN DEPENDENT RANDOM VARIABLES , 1967 .

[14]  Marco Tomamichel,et al.  A largely self-contained and complete security proof for quantum key distribution , 2015, 1506.08458.

[15]  H. Lo,et al.  Unconditionally secure key distillation from multiphotons , 2004, quant-ph/0412035.

[16]  Akihiro Mizutani,et al.  Finite-key security analysis of quantum key distribution with imperfect light sources , 2015, 1504.08151.

[17]  Wei Cui,et al.  Finite-key analysis for measurement-device-independent quantum key distribution , 2013, Nature Communications.

[18]  Lo,et al.  Unconditional security of quantum key distribution over arbitrarily long distances , 1999, Science.

[19]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[20]  Hoi-Kwong Lo,et al.  Loss-tolerant quantum cryptography with imperfect sources , 2013, 1312.3514.

[21]  M. Hayashi,et al.  Concise and tight security analysis of the Bennett–Brassard 1984 protocol with finite key lengths , 2011, 1107.0589.