Receiver-device-independent quantum key distribution protocols

Abstract: We consider a receiver-device-independent (RDI) approach to quantum key distribution. Specifically, we discuss protocols for a prepare-and-measure scenario and present a detailed security analysis. The sender's (Alice's) device is partially characterized, in the sense that we assume bounds on the overlaps of the prepared quantum states. The receiver's (Bob's) device requires no characterisation and can be represented as a black-box. Our protocols are therefore robust to any attack on Bob, such as blinding atta… Show more

“…Note that the MDI approach cannot provide security in the receiver-DI scenario, as some level of trust will always be required for both honest parties. We note that a detailed comparison of our approach with previous works is given in the companion paper [39], as well as a more detailed discussion of how to justify the overlap bounds in practice.…”

“…Still, the requirements for transmission and efficiency are considerably relaxed compared to the full DI model (or the one-sided DI approach of Ref. [24]), with the additional advantage that no source of entanglement is required, as well as significantly reducing the required efficiency on Bob's side (in principle, the efficiency can be made arbitrarily low, as we show in the companion article [39]).…”

“…3) an implementation of the four-state protocol with weak coherent states encoded at a 1 GHz rate, would lead to key rates of ∼ 100 kbps at a 30 km distance. Alternatively an implementation based on polarization-encoded single photons would also be more robust to loss [39].…”

“…We now present our simplest protocol (where Alice can prepare n = 2 different states), which is similar to the B92 protocol [38]. While the presentation below fits the implementation reported later, a more abstract and general presentation of these protocols is given in the companion paper [39].…”

Receiver-Device-Independent Quantum Key Distribution

“…Note that the MDI approach cannot provide security in the receiver-DI scenario, as some level of trust will always be required for both honest parties. We note that a detailed comparison of our approach with previous works is given in the companion paper [39], as well as a more detailed discussion of how to justify the overlap bounds in practice.…”

“…Still, the requirements for transmission and efficiency are considerably relaxed compared to the full DI model (or the one-sided DI approach of Ref. [24]), with the additional advantage that no source of entanglement is required, as well as significantly reducing the required efficiency on Bob's side (in principle, the efficiency can be made arbitrarily low, as we show in the companion article [39]).…”

“…3) an implementation of the four-state protocol with weak coherent states encoded at a 1 GHz rate, would lead to key rates of ∼ 100 kbps at a 30 km distance. Alternatively an implementation based on polarization-encoded single photons would also be more robust to loss [39].…”

“…We now present our simplest protocol (where Alice can prepare n = 2 different states), which is similar to the B92 protocol [38]. While the presentation below fits the implementation reported later, a more abstract and general presentation of these protocols is given in the companion paper [39].…”

Receiver-Device-Independent Quantum Key Distribution

“…The situation where the source and one of the parties are not trusted have been considered in [21], [22]. Other recent studies consider the situation where only the receiver-device is not trusted, called receiver-deviceindependent-QKD (RDI-QKD) [23], [24]. Moving to the RDI-QKD scenario can be advantageous for situations where Bob's devices are placed in an unmonitored environment.…”

QKeyShield: A Practical Receiver-Device-Independent Entanglement-Swapping-Based Quantum Key Distribution

Demonstration of $$\mathcal{P}\mathcal{T}$$-symmetric quantum state discrimination