Quantum Cryptography by Federico Grasselli

Author:Federico Grasselli
Language: eng
Format: epub
ISBN: 9783030643607
Publisher: Springer International Publishing

(5.12)

where and are the gain and QBER of the signal state, while () is a lower bound on the probability that Alice sent 0 (1) photon and Bob had a detection event, given that Alice sent a signal state: and .

Finally, we mention that the key rate could be optimized by using the decoy-state rounds in the Z basis even for key generation [8].

5.3 Introduction to Measurement-device-independent QKD

The security proof of the general QKD protocol presented in Sect. 3.​3 is based on the assumption that the measurement devices held by the parties are trusted, while the source of quantum states can be untrusted. Indeed, we assume that Eve distributes uncharacterised quantum states, on which the parties perform characterised measurements2 (e.g., in the Z or X basis). All the information that Eve can gain on the measurement outcomes comes from her quantum side information E (apart from the information leaked in the classical public channel).

However, measurement detectors can suffer from imperfections causing them to operate differently from their theoretical models used to prove security. Eve could exploit such imperfections to launch powerful eavesdropping attacks [10–12] that go under the name of detector side channels. An example is the detector blinding attack [11], where Eve first sends bright light to Bob’s single-photon detectors to “blind” them and make them operate in linear-mode. This means that his detectors are now unable to detect single photons and produce a click only above a certain intensity threshold. Eve then sends tailored light pulses to Bob which yield a click only when Bob chooses the same basis in which Eve prepared the pulse. Hence Eve knows the outcome of each detection observed by Bob, without introducing noticeable disturbance.

Measurement-device-independent QKD (MDI-QKD) [13, 14] provides a solution which removes all possible detector side channels with a new QKD paradigm. Here, the honest parties send quantum signals to an intermediate relay which applies some measurement and publicly announces the outcome. The founding idea is to remove all trust from the measurement apparatus, which can be operated by Eve, and place it on the sources, held by Alice and Bob. Typically, QKD sources are attenuated lasers which can be easily characterized in a controlled environment such as Alice’s and Bob’s laboratories. Note that this scenario is opposite to the previous one, where the source was untrusted and the measurement devices were trusted.

Despite the fact that Eve has potentially full control on the relay and on the connecting quantum channels, Alice and Bob can still establish a secret key. This is possible if the measurement outcome publicly announced by the relay, in an honest implementation, is informative for Alice and Bob but is not informative—i.e. it does not reveal information on the key—for anyone else, including Eve.

To make things more concrete, let us consider an idealized MDI-QKD protocol [15] where Alice and Bob independently encode their bits in the rectilinear or diagonal polarization of single-photon states, represented by the bases and (with ), respectively. The quantum signals are then sent to the relay.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.