Security of quantum cryptography against individual attacks

An attempt to eavesdrop a quantum cryptographic channel reveals itself through errors it inevitably introduces into the transmission. We investigate the relationship between the induced error rate and the maximum amount of information the eavesdropper can extract, both in the two-state B92 and the four-state BB84 quantum cryptographic protocols, In each case, the optimal eavesdropping method that on average yields the most information for a given error rate is explicitly constructed. Analysis is limited to eavesdropping strategies where each bit of the quantum transmission is attacked individually and independently from other bits. Subject to this restriction, however, we believe that all attacks not forbidden by physical laws are included. Unlike previous work the eavesdropper's advantage is measured in terms of Renyi (rather than Shannon) information, and with respect only to bits received error-free by Bob (rather than all bits). This alters both the maximum extractable information and the optimal eavesdropping attack. The result can be used directly at the privacy amplification stage of the protocol to accomplish secure communication over a noisy channel.