Abstract.
Some MIT researchers [Phys. Rev. A 75, 042327 (2007)] have recently claimed that their implementation of the Slutsky-Brandt attack [Phys. Rev. A 57, 2383 (1998); Phys. Rev. A 71, 042312 (2005)] on the BB84 quantum-key-distribution (QKD) protocol puts the security of this protocol “to the test” by simulating “the most powerful individual-photon attack” [Phys. Rev. A 73, 012315 (2006)]. A related unfortunate news feature in a scientific journal [G. Brumfiel, Quantum cryptography is hacked, News @ Nature (April 2007); Nature 447, 372 (2007)] has spurred some concern in the QKD community and among the general public by misinterpreting the implications of this work. The present article proves the existence of a stronger individual attack on QKD protocols with encrypted error correction, for which tight bounds are shown, and clarifies why the claims of the news feature incorrectly suggest a contradiction with the established “old-style” theory of BB84 individual attacks. The full implementation of a quantum cryptographic protocol includes a reconciliation stage and a privacy-amplification stage, and the choice of these stages generally alters both the maximum extractable secret and the optimal eavesdropping attack. The authors of [Phys. Rev. A 75, 042327 (2007)] are concerned only with the error-free part of the so-called sifted string, and do not consider faulty bits, which, in their version of the protocol, are discarded. When using the provably superior reconciliation approach of encrypted error correction (instead of error discard), the Slutsky-Brandt attack is no longer optimal and does not “threaten” the security bound derived by Lütkenhaus [Phys. Rev. A 59, 3301 (1999)]. It is shown that the method of Slutsky and collaborators [Phys. Rev. A 57, 2383 (1998)] can be adapted to reconciliation with error correction, and that the optimal entangling probe can be explicitly found. Moreover, this attack saturates the Lütkenhaus bound, proving that it is tight (a fact which was not previously known).
References
N. Gisin, G. Ribordy, W. Tittel, H. Zbinden, Rev. Mod. Phys. 74, 145 (2002)
M. Dušek, N. Lütkenhaus, M. Hendrych, in Quantum Cryptography, Progress in Optics, edited by E. Wolf (Elsevier, 2006), Vol. 49, Chap. 5
V. Scarani, H. Bechmann-Pasquinucci, N.J. Cerf, M. Dušek, N. Lütkenhaus, M. Peev, A framework for practical quantum cryptography, in preparation
C.H. Bennett, G. Brassard, in Proc. of IEEE International Conference on Computers, Systems, and Signal Processing, Bangalore, India, pp. 175–179 (1984)
A.K. Ekert, Phys. Rev. Lett. 67, 661 (1991)
C.H. Bennett, G. Brassard, D.N. Mermin, Phys. Rev. Lett. 68, 557 (1992)
U.M. Maurer, IEEE Trans. Inf. Theory 39, 733 (1993)
C.H. Bennett, G. Brassard, C. Crépeau, U.M. Maurer, IEEE Trans. Inf. Theory 41, 1915 (1995)
H. Inamori, N. Lütkenhaus, D. Mayers, Eur. Phys. J. D 41, 599 (2007)
D. Gottesman, H.-K. Lo, N. Lütkenhaus, J. Preskill, Quantum Inform. Comput. 4, 325 (2004)
T. Kim, I.S. genannt Wersborg, F.N.C. Wong, J.H. Shapiro, Phys. Rev. A 75, 042327 (2007)
J.H. Shapiro, F.N.C. Wong, Phys. Rev. A 73, 012315 (2006)
B.A. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, Phys. Rev. A 57, 2383 (1998)
H.E. Brandt, Phys. Rev. A 71, 042312 (2005)
N. Lütkenhaus, Phys. Rev. A 59, 3301 (1999)
C.E. Shannon, Bell Syst. Tech. J. 27, 379 and 623 (1948)
C.A. Fuchs, A. Peres, Phys. Rev. A 53, 2038 (1996)
C.A. Fuchs, N. Gisin, R.B. Griffiths, C.-S. Niu, A. Peres, Phys. Rev. A 56, 1163 (1997)
N. Lütkenhaus, Generalised Measurements and Quantum Cryptography, Ph.D. thesis, University of Strathclyde, Glasgow (1996)
E. Waks, A. Zeevi, Y. Yamamoto, Phys. Rev. A 65, 052310 (2002)
W.F. Stinespring, Proc. Amer. Math. Soc. 6, 211 (1955)
M.A. Neumark, Izv. Akad. Nauk. SSSR, Ser. Mat. 4, 277 (1940)
D. Bruss, Phys. Rev. Lett. 81, 3018 (1998)
L.D. Landau, E.M. Lifshitz, Quantum Mechanics. Non-relativistic Theory, Course of Theoretical Physics, 3rd edn. (Butterworth Heinemann, Oxford, 1981), Vol. 3
N. Lütkenhaus, Phys. Rev. A 54, 97 (1996)
C.W. Helstrom, Quantum Detection and Estimation Theory (Academic Press, 1976)
C.A. Fuchs, Distinguishability and Accessible Information in Quantum Theory, Ph.D. thesis, University of New Mexico (1996)
L.B. Levitin, in IEEE Intern. Symp. on Information Theory, Santa Monica, CA, USA (1981)
L.B. Levitin, in Quantum Communication and Measurement, edited by V.P. Belavkin, O. Hirota, R.L. Hudson (Plenum, New York, 1995) pp. 439–448. Proceedings of QCM94
C. Cachin, U.M. Maurer, J. Cryptol. 10, 97 (1997)
R. Jozsa, J. Mod. Opt. 41, 2315 (1994)
C.A. Fuchs, C.M. Caves, Phys. Rev. Lett. 73, 3047 (1994)
G. Brumfiel, Quantum cryptography is hacked, News @ Nature (April 2007). Online feature whose summary reads: “Simulation proves it's possible to eavesdrop on super-secure encrypted messages”
G. Brumfiel, Nature 447, 372 (2007). The editor's summary starts with: “Quantum cryptography is 100% hack-proof. Or at least it was, until the hackers got cracking. Recent simulations suggest that it is only a matter of time before a quantum-mechanical method of eavesdropping on super-secure encrypted messages is developed...”
Cite this article
Herbauts, I., Bettelli, S., Hübel, H. et al. On the optimality of individual entangling-probe attacks against BB84 quantum key distribution. Eur. Phys. J. D 46, 395–406 (2008). https://doi.org/10.1140/epjd/e2008-00002-x
DOI: https://doi.org/10.1140/epjd/e2008-00002-x