Finite-key security analysis of the decoy-state BB84 QKD with passive measurement

The performance of a practical quantum key distribution (QKD) system is often limited by the multi-photon state emission of its source and the dark counts of its detectors. Here, we present two methods to improve its performance. The first method is decoy state QKD: the sender randomly sends out weak coherent states with various average photon numbers (which are named as signal state and decoy states). In [14,15], we have performed the first experimental implementation of decoy state QKD over 15km and 60km respectively, thus dramatically increasing the distance and secure key generation rate of practical QKD systems. Our work has been followed up by many research groups worldwide [16-18]. The second scheme is QKD with "dual detectors" [19]: the legitimate receiver randomly uses either a fast (but noisy) detector or a quiet (but slow) detector to measure the incoming quantum signals. The measurement results from the quiet detector can be used to upper bound the eavesdropper's information, while the measurement results from the fast detector are used to generate a secure key. We applied this idea to various QKD protocols. Simulation results demonstrated significant improvements in both BB84 protocol with ideal single photon source and Gaussian-modulated coherent states protocol.

The decoy-state quantum key distribution (QKD) protocol has been widely used in commercial QKD systems. Several QKD field networks show its practicability and commercial prospects. Importantly, practical decoy-state QKD systems should be characterized with device imperfections. In this paper, for the case without intensity fluctuations, we present the parameter estimation based on the Chernoff bound for a practical decoy-state QKD protocol and compare performances of that based on Hoeffding's inequality and the Chernoff bound, respectively. Taking intensity fluctuations into consideration, we present the finite-key analysis with composable security against general attacks based on Azuma's inequality. Our numerical results show that the finite-key analysis based on the Chernoff bound is tighter than Hoeffding's inequality when the total number of transmitting signals $N<1\ifmmode\times\else\texttimes\fi{}{10}^{12}$. Moreover, the intensity fluctuations' influence is more obvious when the data size of total transmitting signals is small. Our results emphasize the importance of the stability of the intensity modulator as well as the accurate estimation of emitted pulse's intensity.

Covert communication methods are used in the communication with high security level. When it turns to quantum communication, covertness is also an important concern which is firstly discussed by Arrazola and Scarani (Phys Rev Lett, 117:250503, 2016). To make quantum key distribution (QKD) protocol more suitable in the scenarios need high security, we propose a covert QKD protocol with decoy-state method in this paper. The secure key rate and covertness of the covert decoy-state QKD are proved. We compare the performance of the covert decoy-state QKD with those of the original decoy-state QKD and covert QKD without decoy states in numerical simulations. It shows that (1) the covert decoy-state QKD can have a performance comparable to the original decoy-state QKD protocol besides its covertness; (2) the covert decoy-state QKD can have a considerable improvement of transmission distance over covert QKD without decoy states at the cost of a small change of covertness parameter. Furthermore, the statistical fluctuation due to the finite length of data is also taken into account based on the Gaussian analysis method.

The finite-key security of the standard three-intensity decoy-state quantum key distribution (QKD) protocol in the presence of information leakage has been analyzed (Wang et al. in New J Phys 20:083027, 2018). On the other hand, the 1-decoy state QKD protocol has been proved to be able to achieve higher secret key rate than the three-intensity decoy-state QKD protocol in the finite-key regime by using only two different intensity settings (Davide et al. in Appl Phys Lett 112:171104, 2018). In this work, we analyze the finite-key security of the 1-decoy state QKD protocol with a leaky intensity modulator, which is used to generate the decoy state. In particular, we simulate the secret key rate under three practical cases of Trojan-horse attacks. Our simulation results demonstrate that the 1-decoy state QKD protocol can be secure over long distances within a reasonable time frame given that the intensity modulator is sufficiently isolated. By comparing the simulation results to those presented in Wang et al. (2018), we find that, as expected, the 1-decoy state QKD protocol is more robust against information leakage from the intensity modulator for all achievable distances.

Quantum key distribution (QKD) protocols allow for information theoretically secure distribution of (classical) cryptographic key material. However, due to practical limitations the performance of QKD implementations is somewhat restricted. For this reason, it is crucial to find optimal protocol parameters, while guaranteeing information theoretic security. The performance of a QKD implementation is determined by the tightness of the underlying security analysis. In particular, the security analyses determines the key-rate, i.e., the amount of cryptographic key material that can be distributed per time unit. Nowadays, the security analyses of various QKD protocols are well understood. It is known that optimal protocol parameters, such as the number of decoy states and their intensities, can be found by solving a nonlinear optimization problem. The complexity of this optimization problem is typically handled by making a number of heuristic assumptions. For instance, the number of decoy states is restricted to only one or two, with one of the decoy intensities set to a fixed value, and vacuum states are ignored as they are assumed to contribute only marginally to the secure key-rate. These assumptions simplify the optimization problem and reduce the size of search space significantly. However, they also cause the security analysis to be non-tight, and thereby result in sub-optimal performance. In this work, we follow a more rigorous approach using both linear and nonlinear programs describing the optimization problem. Our approach, focusing on the decoy-state BB84 protocol, allows heuristic assumptions to be omitted, and therefore results in a tighter security analysis with better protocol parameters. We show an improved performance for the decoy-state BB84 QKD protocol, demonstrating that the heuristic assumptions typically made are too restrictive. Moreover, our improved optimization frameworks shows that the complexity of the performance optimization problem can also be handled without making heuristic assumptions, even with limited computational resources available.

The decoy state quantum key distribution (QKD) protocol is proven to be an effective strategy against the photon number splitting attack. It was shown that the 1-decoy state protocol, easier to implement in the practical QKD system, outperforms the 2-decoy state protocol for block sizes of up to 108 bits. How intensity fluctuations influence the performance of the 1-decoy state protocol with finite resources remains a pending issue. In this paper, we present a finite-key analysis of the 1-decoy state protocol with intensity fluctuations and obtain the secret key rate formula about intensity fluctuations. Our numerical simulation results show that the stronger the intensity fluctuations, the lower the secret key rate for a small data block size of a few bits. Our research can provide theoretical implications for the selection of data size in the QKD system with intensity fluctuations.

Decoy state method is widely used in practical quantum key distribution (QKD) systems to substantially extend the secure communication distance. Detector efficiency mismatch (DEM), which exists between practical detectors, effects the security of practical QKD systems seriously. Security of single photon QKD with DEM has been analyzed. However, estimate of the phase error rate still remains difficult in practice. Here, using a simple equivalent detection model, the mutual information between legitimate users and the eavesdropper for single photon state in QKD with DEM is analyzed. Then we improve the security analysis to cover the situation of weak coherent QKD with DEM. A general theory of the decoy state QKD with DEM is proposed to calculate the lower bound of count rate and the upper bound of error rate of single photon state signals. The numerical simulations show that secure key can also be generated, but the existing of DEM will reduce the secure key of practical decoy state QKD systems. The experiment parameter related security bound of DEM is also given out.

Every security analysis of quantum key distribution relies on a faithful modeling of the employed quantum states. The properties of decoy state protocol based on only two decoy states and one signal state are analyzed. The performance of decoy state quantum key distribution protocol with finite resources is calculated by considering the statistical fluctuation for the yield and error rate of the quantum state. The relationship between key generation rate and transmission distance is compared by considering the data-set size to be N=108 (N=109 or N=1010 or the asymptotic case). These may provide some important parameters for the practical quantum key distribution system.

Decoy state quantum key distribution (QKD) has been proposed as a novel approach to improve dramatically both the security and the performance of practical QKD set-ups. Recently, many theoretical efforts have been made on this topic and have theoretically predicted the high performance of decoy method. However, the gap between theory and experiment remains open. In this paper, we report the first experiments on decoy state QKD, thus bridging the gap. Two protocols of decoy state QKD are implemented: one-decoy protocol over 15km of standard telecom fiber, and weak+vacuum protocol over 60km of standard telecom fiber. We implemented the decoy state method on a modified commercial QKD system. The modification we made is simply adding commercial acousto-optic modulator (AOM) on the QKD system. The AOM is used to modulate the intensity of each signal individually, thus implementing the decoy state method. As an important part of implementation, numerical simulation of our set-up is also performed. The simulation shows that standard security proofs give a zero key generation rate at the distance we perform decoy state QKD (both 15km and 60km). Therefore decoy state QKD is necessary for long distance secure communication. Our implementation shows explicitly the power and feasibility of decoy method, and brings it to our real-life.

Quantum key distribution (QKD) allows two parties to communicate in absolute security based on the fundamental laws of physics. Up till now, it is widely believed that unconditionally secure QKD based on standard Bennett-Brassard (BB84) protocol is limited in both key generation rate and distance because of imperfect devices. Here, we solve these two problems directly by presenting new protocols that are feasible with only current technology. Surprisingly, our new protocols can make fiber-based QKD unconditionally secure at distances over 100km (for some experiments, such as GYS) and increase the key generation rate from O(η2) in prior art to O(η) where η is the overall transmittance. Our method is to develop the decoy state idea (first proposed by W.-Y. Hwang in "Quantum Key Distribution with High Loss: Toward Global Secure Communication", Phys. Rev. Lett. 91, 057901 (2003)) and consider simple extensions of the BB84 protocol. This part of work is published in "Decoy State Quantum Key Distribution", . We present a general theory of the decoy state protocol and propose a decoy method based on only one signal state and two decoy states. We perform optimization on the choice of intensities of the signal state and the two decoy states. Our result shows that a decoy state protocol with only two types of decoy states—a vacuum and a weak decoy state—asymptotically approaches the theoretical limit of the most general type of decoy state protocols (with an infinite number of decoy states). We also present a one-decoy-state protocol as a special case of Vacuum+Weak decoy method. Moreover, we provide estimations on the effects of statistical fluctuations and suggest that, even for long distance (larger than 100km) QKD, our two-decoy-state protocol can be implemented with only a few hours of experimental data. In conclusion, decoy state quantum key distribution is highly practical. This part of work is published in "Practical Decoy State for Quantum Key Distribution", . We also have done the first experimental demonstration of decoy state quantum key distribution, over 15km of Telecom fibers. This part of work is published in "Experimental Decoy State Quantum Key Distribution Over 15km", .

Quantum key distribution (QKD) enables the establishment of shared keys between two distant users, Alice and Bob, based on the fundamental principles of quantum mechanics, and it has proven to possess information-theoretic security. In most of QKD systems, Alice and Bob require a shared reference frame, and real-time calibration of the reference frame increases system costs and reduces its performance. Fortunately, the reference-frame-independent QKD protocol has been proposed, overcoming reference-frame drift issues and receiving widespread attention. However, in practical QKD systems, the non-ideal characteristics of realistic devices introduce certain inconsistency between the theory and the practice. In real-world quantum key distribution systems, device imperfections can lead to security vulnerabilities, thereby reducing system security. For example, imperfections in the encoding apparatus at the source end may result in errors in the quantum states. The inherent defects in the detection part may cause after-pulse effects and dead-time effects, thus reducing the key rate. Therefore, in this work, we propose a practical state-preparation error tolerant reference-frame-independent quantum key distribution protocol by taking imperfections in both the source and the detectors into account. Moreover, a three-intensity decoy-state scheme for modeling analysis and numerical simulations is employed. In this protocol, we reduce the influence of state-preparation errors on the key rate by utilizing virtual state methods to precisely estimate the phase-error rate. Furthermore, by characterizing the effects of after-pulses and dead-time on the key rate, our protocol exhibits higher robustness and can effectively address issues related to detector imperfections. This approach can also be extended to other quantum key distribution protocols with higher security levels, such as measurement-device-independent quantum key distribution protocol and twin-field quantum key distribution, further mitigating the influence of device imperfections on practical implementation of QKD system. Therefore, our present work provide important reference value for putting the quantum key distributions into practical application.

With practical quantum key distribution (QKD) systems, estimating the safe transmission distance and the safe bit rate under some transmission distance is quite important. For the practical QKD setup, with decoy states, the photon count distribution of the faint laser pulse with signal states can be optimized to acquire the maximum transmission distance. With this goal, we implement a method combining mathematical derivation and numerical simulation to find the optimal photon count distribution under realistic conditions; the numerical simulation results show that the new distributions can be employed in the decoy QKD system to reach safe transmission distances farther than those reached by systems with the Poisson distribution.

The twin-field quantum key distribution (TF-QKD) protocol and its variants can overcome the well-known rate-loss bound without quantum repeaters, which have attracted significant attention. Generally, to ensure the security of these protocols, weak coherent states with continuous randomized phases are always assumed in the test mode. However, this assumption is difficult to meet in practice. To bridge the gap between theory and practice, we propose two alternative discrete-phase-randomized (DPR)-twin-field quantum key distribution protocols, which remove the phase sifting procedure in the code mode. Simulation results show that when compared with previous discrete-phase-randomized-twin-field quantum key distribution protocols, our modified protocols can significantly improve the secret key rate in the low channel loss range, which is very promising for practical twin-field quantum key distribution systems.

A unique quantum key distribution (QKD) protocol, called DPS (differential-phase-shift) QKD, has been proposed and developed at NTT and Osaka University, which utilizes a coherent pulse train instead of individual photons as in traditional QKD protocols such as BB84. Its security is based on the fact that every phase difference of a highly-attenuated coherent pulse train cannot be fully measured. This protocol has features of simple setup, potential for a high key creation rate, and robustness against photon-number-splitti ng attack. This paper presents recent research activities on DPS-QKD. Keywords: Quantum key distribution, coherent pulses, eavesdropping. 1. INTRODUCTION Quantum key distribution (QKD) is being studied, aiming at unconditionally secured communications, where a secret key for ciphering and deciphering a message is safely shared by two legitimate parties based on quantum mechanics. The pioneering QKD protocol, called BB84, was proposed by Bennett and Brassard in 1984, which has been mainly investigated in QKD researches since then. While BB84 is the most widespread QKD protocol, the authors proposed and have developed another type of QKD protocol, called DPS (Differential-phase-shift) QKD.

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.