Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Quantum key distribution
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Photon number splitting attack === In the BB84 protocol Alice sends quantum states to Bob using single photons. In practice many implementations use laser pulses attenuated to a very low level to send the quantum states. These laser pulses contain a very small number of photons, for example 0.2 photons per pulse, which are distributed according to a [[Poisson distribution]]. This means most pulses actually contain no photons (no pulse is sent), some pulses contain 1 photon (which is desired) and a few pulses contain 2 or more photons. If the pulse contains more than one photon, then Eve can split off the extra photons and transmit the remaining single photon to Bob. This is the basis of the photon number splitting attack,<ref>{{cite journal | last1=Brassard | first1=Gilles | last2=Lütkenhaus | first2=Norbert | last3=Mor | first3=Tal | last4=Sanders | first4=Barry C. | title=Limitations on Practical Quantum Cryptography | journal=Physical Review Letters | publisher=American Physical Society (APS) | volume=85 | issue=6 | date=2000-08-07 | issn=0031-9007 | doi=10.1103/physrevlett.85.1330 | pmid=10991544 | pages=1330–1333| arxiv=quant-ph/9911054 | bibcode=2000PhRvL..85.1330B | s2cid=18688722 }}</ref> where Eve stores these extra photons in a quantum memory until Bob detects the remaining single photon and Alice reveals the encoding basis. Eve can then measure her photons in the correct basis and obtain information on the key without introducing detectable errors. Even with the possibility of a PNS attack a secure key can still be generated, as shown in the GLLP security proof;<ref name="GLLP" /> however, a much higher amount of privacy amplification is needed reducing the secure key rate significantly (with PNS the rate scales as <math>t^2</math> as compared to <math>t</math> for a single photon sources, where <math>t</math> is the transmittance of the quantum channel). There are several solutions to this problem. The most obvious is to use a true single photon source instead of an attenuated laser. While such sources are still at a developmental stage QKD has been carried out successfully with them.<ref>{{cite journal | last1=Intallura | first1=P. M. | last2=Ward | first2=M. B. | last3=Karimov | first3=O. Z. | last4=Yuan | first4=Z. L. | last5=See | first5=P. | last6=Shields | first6=A. J. | last7=Atkinson | first7=P. | last8=Ritchie | first8=D. A. |display-authors=5| title=Quantum key distribution using a triggered quantum dot source emitting near 1.3μm | journal=Applied Physics Letters | volume=91 | issue=16 | date=2007-10-15 | issn=0003-6951 | doi=10.1063/1.2799756 | page=161103| arxiv=0710.0565 | bibcode=2007ApPhL..91p1103I | s2cid=118994015 }}</ref> However, as current sources operate at a low efficiency and frequency key rates and transmission distances are limited. Another solution is to modify the BB84 protocol, as is done for example in the [[SARG04]] protocol,<ref>{{cite journal | last1=Scarani | first1=Valerio | last2=Acín | first2=Antonio | last3=Ribordy | first3=Grégoire | last4=Gisin | first4=Nicolas | title=Quantum Cryptography Protocols Robust against Photon Number Splitting Attacks for Weak Laser Pulse Implementations | journal=Physical Review Letters | volume=92 | issue=5 | date=2004-02-06 | issn=0031-9007 | doi=10.1103/physrevlett.92.057901 | pmid=14995344 | page=057901| arxiv=quant-ph/0211131 | bibcode=2004PhRvL..92e7901S | s2cid=4791560 }}</ref> in which the secure key rate scales as <math>t^{3/2}</math>. The most promising solution is the [[decoy states]]<ref name="HwangDecoy"/><ref name="VWDecoy"/><ref name="wangDecoy"/><ref name="LoDecoy"/><ref name="PracticalDecoy"/> in which Alice randomly sends some of her laser pulses with a lower average photon number. These decoy states can be used to detect a PNS attack, as Eve has no way to tell which pulses are signal and which decoy. Using this idea the secure key rate scales as <math>t</math>, the same as for a single photon source. This idea has been implemented successfully first at the University of Toronto,<ref>{{cite journal | last1=Zhao | first1=Yi | last2=Qi | first2=Bing | last3=Ma | first3=Xiongfeng | last4=Lo | first4=Hoi-Kwong | last5=Qian | first5=Li | title=Experimental Quantum Key Distribution with Decoy States | journal=Physical Review Letters | publisher=American Physical Society (APS) | volume=96 | issue=7 | date=2006-02-22 | issn=0031-9007 | doi=10.1103/physrevlett.96.070502 | pmid=16606067 | page=070502| hdl=1807/10013 | bibcode=2006PhRvL..96g0502Z | arxiv=quant-ph/0503192 | s2cid=2564853 }}</ref><ref>Y.Zhao, B. Qi, X. Ma, H.-K. Lo, and L. Qian, in Proc. IEEE ISIT, pp. 2094–2098 (2006).</ref> and in several follow-up QKD experiments,<ref>{{cite journal | last1=Yuan | first1=Z. L. | last2=Sharpe | first2=A. W. | last3=Shields | first3=A. J. | title=Unconditionally secure one-way quantum key distribution using decoy pulses | journal=Applied Physics Letters | publisher=AIP Publishing | volume=90 | issue=1 | year=2007 | issn=0003-6951 | doi=10.1063/1.2430685 | page=011118| arxiv=quant-ph/0610015 | bibcode=2007ApPhL..90a1118Y | s2cid=20424612 }}</ref> allowing for high key rates secure against all known attacks.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)