On the optimality of individual entangling-probe attacks against BB84 quantum key distribution

被引:0
作者
I. M. Herbauts
S. Bettelli
H. Hübel
M. Peev
机构
[1] Quantum Optics,
[2] Quantum Nanophysics and Quantum Information,undefined
[3] Faculty of Physics,undefined
[4] University of Vienna,undefined
[5] Austrian Research Centers GmbH - ARC,undefined
[6] Donau-City-Straße 1,undefined
来源
The European Physical Journal D | 2008年 / 46卷
关键词
03.67.-a Quantum information; 03.67.Dd Quantum cryptography and communication security;
D O I
暂无
中图分类号
学科分类号
摘要
Some MIT researchers [Phys. Rev. A 75, 042327 (2007)] have recently claimed that their implementation of the Slutsky-Brandt attack [Phys. Rev. A 57, 2383 (1998); Phys. Rev. A 71, 042312 (2005)] to the BB84 quantum-key-distribution (QKD) protocol puts the security of this protocol “to the test” by simulating “the most powerful individual-photon attack” [Phys. Rev. A 73, 012315 (2006)]. A related unfortunate news feature by a scientific journal [G. Brumfiel, Quantum cryptography is hacked, News @ Nature (april 2007); Nature 447, 372 (2007)] has spurred some concern in the QKD community and among the general public by misinterpreting the implications of this work. The present article proves the existence of a stronger individual attack on QKD protocols with encrypted error correction, for which tight bounds are shown, and clarifies why the claims of the news feature incorrectly suggest a contradiction with the established “old-style” theory of BB84 individual attacks. The full implementation of a quantum cryptographic protocol includes a reconciliation and a privacy-amplification stage, whose choice alters in general both the maximum extractable secret and the optimal eavesdropping attack. The authors of [Phys. Rev. A 75, 042327 (2007)] are concerned only with the error-free part of the so-called sifted string, and do not consider faulty bits, which, in the version of their protocol, are discarded. When using the provably superior reconciliation approach of encrypted error correction (instead of error discard), the Slutsky-Brandt attack is no more optimal and does not “threaten” the security bound derived by Lütkenhaus [Phys. Rev. A 59, 3301 (1999)]. It is shown that the method of Slutsky and collaborators [Phys. Rev. A 57, 2383 (1998)] can be adapted to reconciliation with error correction, and that the optimal entangling probe can be explicitly found. Moreover, this attack fills Lütkenhaus bound, proving that it is tight (a fact which was not previously known).
引用
收藏
页码:395 / 406
页数:11
相关论文
共 24 条
[1]  
Gisin U.M.(2002)undefined Rev. Mod. Phys. 74 145-undefined
[2]  
Ekert undefined(1991)undefined Phys. Rev. Lett. 67 661-undefined
[3]  
Bennett undefined(1992)undefined Phys. Rev. Lett. 68 557-undefined
[4]  
Maurer undefined(1993)undefined IEEE Trans. Inf. Theory 39 733-undefined
[5]  
Bennett undefined(1995)undefined IEEE Trans. Inf. Theory 41 1915-undefined
[6]  
Inamori undefined(2007)undefined Eur. Phys. J. D 41 599-undefined
[7]  
Gottesman undefined(2004)undefined Quantum Inform. Comput. 4 325-undefined
[8]  
Kim undefined(2007)undefined Phys. Rev. A 75 042327-undefined
[9]  
Shapiro undefined(2006)undefined Phys. Rev. A 73 012315-undefined
[10]  
Slutsky undefined(1998)undefined Phys. Rev. A 57 2383-undefined
123