Abstract
Device-independent quantum key distribution (DIQKD) is the art of using untrusted devices to distribute secret keys in an insecure network. It thus represents the ultimate form of cryptography, offering not only information-theoretic security against channel attacks, but also against attacks exploiting implementation loopholes. In recent years, much progress has been made towards realising the first DIQKD experiments, but current proposals are just out of reach of today’s loophole-free Bell experiments. Here, we significantly narrow the gap between the theory and practice of DIQKD with a simple variant of the original protocol based on the celebrated Clauser-Horne-Shimony-Holt (CHSH) Bell inequality. By using two randomly chosen key generating bases instead of one, we show that our protocol significantly improves over the original DIQKD protocol, enabling positive keys in the high noise regime for the first time. We also compute the finite-key security of the protocol for general attacks, showing that approximately 108–1010 measurement rounds are needed to achieve positive rates using state-of-the-art experimental parameters. Our proposed DIQKD protocol thus represents a highly promising path towards the first realisation of DIQKD in practice.
Highlights
Device-independent quantum key distribution (DIQKD) is the art of using untrusted devices to distribute secret keys in an insecure network
The basic task of DIQKD1–5 is to distribute a pair of identical secret keys between two users, called Alice and Bob, who are embedded in an untrusted network
The main advantage of DIQKD is that the measurement devices need not be characterised—Alice and Bob only need to verify that the input–output statistics of the devices violate a CHSH Bell inequality[6,7]
Summary
We note that in the original protocol introduced by Acín et al.[3], the key generating basis is predetermined and known to. Our DIQKD proposal is essentially the same as the original protocol, except that we introduce an additional measurement setting for Bob and generate the secret key from both of Alice’s measurements. In the parameter estimation step of the protocol, note that when the inputs are not uniformly distributed i.e. p ≠ 1/2, the CHSH value is to be computed in terms of the conditional probabilities P(AX, BY∣X, Y) rather than the unconditioned probabilities P(AX, BY, X, Y) directly We remark that this does not introduce a measurementdependence[26] security loophole, because the choice of inputs is still independent of the state. When the secret key is only generated from a single measurement, like in the original DIQKD protocol, Eve’s attacks are basically limited only by the observed CHSH violation and the monogamy of entanglement[30].
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
