Unconditional Security of Quantum Key Distribution over Arbitrarily Long Distances

Abstract: Quantum key distribution is widely thought to offer unconditional security in communication between two users. Unfortunately, a widely accepted proof of its security in the presence of source, device and channel noises has been missing. This long-standing problem is solved here by showing that, given fault-tolerant quantum computers, quantum key distribution over an arbitrarily long distance of a realistic noisy channel can be made unconditionally secure. The proof is reduced from a noisy quantum scheme to a n… Show more

“…The best value for r is therefore obtained by optimizing (12) over the free parameters 6 , for a given experiment.…”

“…-In (12), only S ξ (X|E) ≡ max σ ABE ∈Γε PE S(X|E b ) σ XE b depends on the protocol, and this quantity contains only the imprecision of the parameter estimation as a finite-key effect -indeed, the other three modifications due to the finite resources, listed in Section 3.1, give rise to the other terms in (12) that are independent of the protocol. Therefore, we only have to allow a deviation of the measured parameters by the quantity ξ(m, d) = 2 ln(1/ε PE )+d ln(m+1) m as defined in (6). The asymptotic version [34] S ξ=0 (X|E) = 1 − h 1 + (C/2) 2 − 1 2…”

“…Most unconditional security proofs of QKD have provided an asymptotic bound for the secret key rate r, valid only in the limit of infinitely long keys [4,5,6,7,8]. This reads in general [9] r = S(X|E) − H(X|Y ) ,…”

Security Bounds for Quantum Cryptography with Finite Resources

“…The best value for r is therefore obtained by optimizing (12) over the free parameters 6 , for a given experiment.…”

“…-In (12), only S ξ (X|E) ≡ max σ ABE ∈Γε PE S(X|E b ) σ XE b depends on the protocol, and this quantity contains only the imprecision of the parameter estimation as a finite-key effect -indeed, the other three modifications due to the finite resources, listed in Section 3.1, give rise to the other terms in (12) that are independent of the protocol. Therefore, we only have to allow a deviation of the measured parameters by the quantity ξ(m, d) = 2 ln(1/ε PE )+d ln(m+1) m as defined in (6). The asymptotic version [34] S ξ=0 (X|E) = 1 − h 1 + (C/2) 2 − 1 2…”

“…Most unconditional security proofs of QKD have provided an asymptotic bound for the secret key rate r, valid only in the limit of infinitely long keys [4,5,6,7,8]. This reads in general [9] r = S(X|E) − H(X|Y ) ,…”

Security Bounds for Quantum Cryptography with Finite Resources

“…The following statement describes the security of quantum key distribution, and there are many formal mathematical arguments for the security of QKD (e.g., [May97,LC99,GLLP04] Assumption 1: Quantum mechanics is correct. This assumption requires that any eavesdropper be bounded by the laws of quantum mechanics, although within this realm there are no further restrictions beyond the eavesdropper's inability to access the devices.…”

The Case for Quantum Key Distribution

“…She first measures both her copy E and the 'cloning machine' M in the good basis (after the chosen basis is disclosed by Alice and Bob). If the two outcomes coincide, then she knows for sure that Bob has no error (m = 0), so that the state she has is the first term on the rhs of equation (17). Otherwise, she knows Bob had an error (m > 0), and she gets one of the other terms on the rhs of equation (17).…”

Quantum key distribution using multilevel encoding: security analysis