Security proof methods for quantum key distribution protocols
MetadataShow full item record
In this thesis we develop practical tools for quantum key distribution (QKD) security proofs. We apply the tools to provide security proofs for several protocols, ranging from discrete variable protocols in high dimensions, protocols with realistic implementations, measurement device independent QKD and continuous-variable QKD. The security proofs are based on the Devetak-Winter security framework [I. Devetak and A. Winter, Proc. of the Roy. Soc. of London Series A, 461, 207 (2005); B. Kraus, N. Gisin, and R. Renner, Phys. Rev. Lett., 95 080501 (2005)]. In the key rate calculation, it is often convenient to assume that the optimal attack is symmetric. Under the assumption that the parameter estimation is based on coarse-grained observations, we show that the optimal attack is symmetric, if the protocol and the postselection have sufficient symmetries. As an example we calculate the key rates of protocols using 2, d and d+1 mutually unbiased bases in d-dimensional Hilbert spaces. We investigate the connection between the optimal collective eavesdropping attack and the optimal cloning attack, in which the eavesdropper employs an optimal cloner to attack the protocol. We find that, in general, it does not hold that the optimal attack is an optimal cloner. However, there are classes of protocols, for which we can identify the optimal attack by an optimal cloner. We analyze protocols with mutually unbiased bases in d dimensions, and show that for the protocols with 2 and d+1 mutually unbiased bases the optimal attack is an optimal cloner, but for the protocols with d mutually unbiased bases, it is not. In optical implementations of the phase-encoded BB84 protocol, the bit information is usually encoded in the phase of two consecutive photon pulses generated in a Mach-Zehnder interferometer. In the actual experimental realization, the loss in the arms of the Mach-Zehnder interferometer is not balanced, for example because only one arm contains a lossy phase modulator. Since the imbalance changes the structure of the signals states and measurements, the BB84 security analysis no longer applies in this scenario. We provide a security proof for the unbalanced phase-encoded BB84. The loss does lower the key rate compared to a protocol without loss. However, for a realistic parameter regime, the same key rate is found by applying the original BB84 security analysis. Recently, the security of a measurement device-independent QKD setup with BB84 signal states was proven in Refs. [H.-K. Lo, M. Curty, and B. Qi, Phys. Rev. Lett., 108 (2012); S. L. Braunstein and S. Pirandola, Phys. Rev. Lett., 108 (2012)]. In this setup Alice and Bob send quantum states to an intermediate node, which performs the measurement, and is assumed to be controlled by Eve. We analyze the security of a measurement device-independent QKD protocol with B92 signal states, and calculate the key rates numerically for a realistic implementation. Based on our security proof we were able to prove the security of the strong reference pulse B92 protocol. We analyze the security of continuous-variable protocols using the entropic uncertainty relations established in Ref. [M. Berta, M. Christandl, R. Colbeck, J. M. Renes, and R. Renner, Nature Physics 6, 659 (2010)] to provide an estimate of the key rate based on the observed first and second moments. We analyze a protocol with squeezed coherent states and the 2-state protocol with two coherent states with opposite phases.