Quantum Protocol Zoo

Editing BB84 Quantum Key Distribution

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:


This [https://core.ac.uk/download/pdf/82447194.pdf example protocol] implements the task of [[Quantum Key Distribution]] (QKD). The protocol enables two parties to establish a classical secret key by preparing and measuring qubits. The output of the protocol is a classical secret key which is completely unknown to any third party, namely an eavesdropper.  
The BB84 protocol implements the task of [[Quantum Key Distribution]] (QKD). The protocol enables two parties, Sender and Receiver, to establish a classical secret key by preparing and measuring qubits. The output of the protocol is a classical secret key which is completely unknown to any third party, namely an eavesdropper.  


'''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[Device Independent Quantum Key Distribution|Device Independent QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Prepare and Measure Network Stage]]
'''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[Device Independent Quantum Key Distribution|Device Independent QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Prepare and Measure Network Stage]]
==Assumptions==
==Assumptions==
* '''Network:''' we assume the existence of an authenticated public classical channel between Alice and Bob.
* We assume the existence of an authenticated public classical channel between the two parties
* '''Timing:''' we assume that the network is synchronous.
* We assume synchronous network between parties
* '''Adversarial model:''' [[coherent attacks]].
* We assume security from [[coherent attacks]]
 
==Outline==
==Outline==
The protocol shares a classical key between two parties, Alice and Bob.
The protocol shares a classical between two parties, sender and receiver.
The BB84 quantum key distribution protocol consists of the following steps:
The BB84 quantum key distribution protocol is composed by the following steps:
*'''Distribution:''' This step involves preparation, exchange and measurement of quantum states. For each round of the distribution phase, Alice randomly chooses a basis (a pair of orthogonal states) out of two available bases (X and Z). She then randomly chooses one of the two states and prepares the corresponding quantum state in the chosen basis. She sends the prepared state to Bob. Upon receiving the state, Bob announces that he received the state and randomly chooses to measure in the either of the two available bases (X or Z). The outcomes of the measurements give Bob a string of classical bits. The two parties repeat the above procedure <math>n</math> times so that at the end of the distribution phase each of them holds an <math>n</math>-bit string.
*'''Distribution:''' This step involves preparation, exchange and measurement of quantum states. For each round of the distribution phase, Sender randomly chooses a basis (a pair of orthogonal states) out of two available bases (X and Z). She then randomly chooses one of the two states and prepares the corresponding quantum state in the chosen basis. She sends the prepared state to Receiver. Upon receiving the state, Receiver announces that he received the state and randomly chooses to measure in the either of the two available bases (X or Z). The outcomes of the measurements give Receiver a string of classical bits. The two parties repeat the above procedure <math>n</math> times so that at the end of the distribution phase each of them holds an <math>n</math>-bit string.
*'''Sifting:''' Alice and Bob publicly announce their choices of basis and compare them. They discard the rounds in which Bob measured in a different basis than the one prepared by Alice.
*'''Sifting:''' Both parties publicly announce their choices of basis and compare them. They discard the rounds in which Receiver measured in a different basis than the one prepared by Sender.
*'''Parameter estimation:'''  Alice and Bob use a fraction of the remaining rounds (in which both measured in the same basis) in order to estimate the [[quantum bit error rate]] (QBER).
*'''Parameter estimation:'''  Both parties use a fraction of the remaining rounds (in which both measured in the same basis) in order to estimate the [[quantum bit error rate]] (QBER).
*'''Error correction:''' Alice and Bob choose a classical error correcting code and publicly communicate in order to correct their string of bits. At the end of this phase Alice and Bob hold the same bit-string.
*'''Error correction:''' Both together, choose a classical error correcting code and publicly communicate in order to correct their string of bits. At the end of this phase both parties hold the same bit-string.
*'''Privacy amplification:''' Alice and Bob use an [[extractor]] on the previously established string to generate a smaller but completely secret string of bits, which is the final key.
*'''Privacy amplification:''' Both use an [[extractor]] on the previously established string to generate a smaller but completely secret string of bits, which is the final key.


==Requirements ==
==Hardware Requirements ==
*'''Network Stage:''' [[:Category:Prepare and Measure Network Stage|Prepare and Measure]]
*'''Network Stage:''' [[:Category:Prepare and Measure Network Stage|Prepare and Measure]]
*'''Relevant Network Parameters:''' transmission error <math>\epsilon_T</math>, measurement error <math>\epsilon_M</math> (see [[:Category:Prepare and Measure Network Stage|Prepare and Measure]])
*'''Relevant Network Parameters:''' <math>\epsilon_T, \epsilon_M</math> (see [[:Category:Prepare and Measure Network Stage|Prepare and Measure]])
*'''Benchmark values:'''
*'''Benchmark values:'''
**Minimum number of rounds ranging from <math>\mathcal{O}(10^2)</math> to <math>\mathcal{O}(10^5)</math> depending on the network parameters <math>\epsilon_T,\epsilon_M</math>, for commonly used security parameters.
**Minimum number of rounds ranging from <math>\mathcal{O}(10^2)</math> to <math>\mathcal{O}(10^5)</math> depending on the network parameters, for commonly used secure parameters.
**<math>QBER \leq 0.11</math>, taking a depolarizing model as benchmark. Parameters satisfying <math> \epsilon_T+\epsilon_M\leq 0.11</math> are sufficient to asymptotically get positive secret key rate.
**<math>QBER \leq 0.11</math>, taking a depolarizing model as benchmark. Parameters satisfying <math> \epsilon_T+\epsilon_M\leq 0.11</math> are sufficient.
*requires [[random number generator]].
*requires Authenticated classical channel, Random number generator.
 
==Knowledge Graph==
 
{{graph}}


==Notation==
==Notation==
*<math>n</math> number of total rounds of the protocol.
*<math>n</math> number of total rounds of the protocol.
*<math>\ell</math> size of the secret key.
*<math>\ell</math> size of the secret key.
*<math>X_i, Y_i</math> bits of input of Alice and Bob, respectively, that define the measurement basis.
*<math>X_i, Y_i</math> bits of input of Sender and Receiver, respectively, that define the measurement basis.
*<math>A_i,B_i</math> bits of output of Alice and Bob, respectively.
*<math>A_i,B_i</math> bits of output of Sender and Receiver, respectively.
*<math>Z_1^n</math> is a shorthand notation for the string <math>Z_1,\ldots, Z_n</math>.
*<math>K_A,K_B</math> final key of Sender and Receiver, respectively.
*<math>K_A,K_B</math> final key of Alice and Bob, respectively.
*<math>Q_X</math> is the quantum bit error rate QBER in the <math>X</math> basis.
*<math>Q_X</math> is the quantum bit error rate QBER in the <math>X</math> basis.
*<math>Q_Z</math> is the quantum bit error rate QBER in the <math>Z</math> basis estimated prior to the protocol.
*<math>Q_Z</math> is the quantum bit error rate QBER in the <math>Z</math> basis estimated prior to the protocol.
*<math>H</math> is the Hadamard gate. <math>H^{0} = I, H^{1} = H</math>.
*<math>H</math> is the Hadamard gate. <math>H^{0} = I, H^{1} = H</math>.
*<math>\gamma</math> is the probability that Alice (Bob) prepares (measures) a qubit in the <math>X</math> basis.
*<math>\gamma</math> is the probability that Sender (Receiver) prepares (measures) a qubit in the <math>X</math> basis.
*<math>\epsilon_{\rm EC}</math>, <math>\epsilon'_{\rm EC}</math> are the error probabilities of the error correction protocol.
*<math>\epsilon_{\rm EC}</math>, <math>\epsilon'_{\rm EC}</math> are the error probabilities of the error correction protocol.
*<math>\epsilon_{\rm PA}</math> is the error probability of the privacy amplification protocol.
*<math>\epsilon_{\rm PA}</math> is the error probability of the privacy amplification protocol.
Line 45: Line 39:


==Properties==
==Properties==
The protocol implements <math>(n,\epsilon_{\rm corr},\epsilon_{\rm sec},\ell)</math>-QKD, which means that it generates an <math>\epsilon_{\rm corr}</math>-correct, <math>\epsilon_{\rm sec}</math>-secret key of length <math>\ell</math> in <math>n</math> rounds. The security parameters of this protocol are given by
'''The protocol-'''
<math>\epsilon_{\rm corr}=\epsilon_{\rm EC},\
**is Information-theoretically secure
** requires [[synchronous network]], [[authenticated]] public classical channel, secure from [[coherent attacks]]
** implements <math>(n,\epsilon_{\rm corr},\epsilon_{\rm sec},\ell)</math>-QKD, which means that it generates an <math>\epsilon_{\rm corr}</math>-correct, <math>\epsilon_{\rm sec}</math>-secret key of length <math>\ell</math> in <math>n</math> rounds. The security parameters of this protocol are give by
<math>\epsilon_{\rm corr}=\epsilon_{\rm EC},</br>
\epsilon_{\rm sec}= \epsilon_{\rm PA}+\epsilon_{\rm PE},</math>
\epsilon_{\rm sec}= \epsilon_{\rm PA}+\epsilon_{\rm PE},</math>
and the amount of key <math>\ell</math> that is generated is given by</br>
and the amount of key <math>\ell</math> that is generated is given by</br>
<math> \begin{align}
<math>\ell\geq (1-\gamma)^2n (1-h(Q_X+\nu) -h(Q_Z))</math></br><math>-\sqrt{(1-\gamma)^2n}\big(4\log(2\sqrt{2}+1)(\sqrt{\log\frac{2}{\epsilon_{\rm PE}^2}}+ \sqrt{\log \frac{8}{{\epsilon'}_{\rm EC}^2}}))</math></br>
\ell \geq & (1-\gamma)^2n (1-h(Q_X+\nu) -h(Q_Z)) \\ &-\sqrt{(1-\gamma)^2n}\big(4\log(2\sqrt{2}+1)(\sqrt{\log\frac{2}{\epsilon_{\rm PE}^2}}+ \sqrt{\log \frac{8}{{\epsilon'}_{\rm EC}^2}})) \\& -\log(\frac{8}{{\epsilon'}_{\rm EC}^2}+\frac{2}{2-\epsilon'_{\rm EC}})-\log (\frac{1}{\epsilon_{\rm EC}})- 2\log(\frac{1}{2\epsilon_{\rm PA}})  
<math>-\log(\frac{8}{{\epsilon'}_{\rm EC}^2}+\frac{2}{2-\epsilon'_{\rm EC}})-\log (\frac{1}{\epsilon_{\rm EC}})- 2\log(\frac{1}{2\epsilon_{\rm PA}})</math></br>where<math>\nu = \sqrt{ \frac{(1+\gamma^2n)((1-\gamma)^2+\gamma^2)}{(1-\gamma)^2\gamma^4n^2}\log(\frac{1}{\epsilon_{\rm PE}}})</math>
\end{align}
</math>  
</br>where <math>\nu = \sqrt{ \frac{(1+\gamma^2n)((1-\gamma)^2+\gamma^2)}{(1-\gamma)^2\gamma^4n^2}\log(\frac{1}{\epsilon_{\rm PE}}})</math>
and <math>h(\cdot)</math> is the [[binary entropy function]].  
and <math>h(\cdot)</math> is the [[binary entropy function]].  


In the above equation for key length, the parameters <math>\epsilon_{\rm EC}</math> and <math>\epsilon'_{\rm EC}</math> are error probabilities of the classical error correction subroutine. At the end of the error correction step, if the protocol does not abort, then Alice and Bob share equal strings of bits with probability at least <math>1-\epsilon_{\rm EC}</math>. The parameter <math>\epsilon'_{\rm EC}</math> is related with the completeness of the error correction subroutine, namely that for an honest implementation, the error correction protocol aborts with probability at most <math>\epsilon'_{\rm EC}+\epsilon_{\rm EC}</math>.  
In the above equation for key length, the parameters <math>\epsilon_{\rm EC}</math> and <math>\epsilon'_{\rm EC}</math> are error probabilities of the classical error correction subroutine. At the end of the error correction step, if the protocol does not abort, then Sender and Receiver share equal strings of bits with probability at least <math>1-\epsilon_{\rm EC}</math>. The parameter <math>\epsilon'_{\rm EC}</math> is related with the completeness of the error correction subroutine, namely that for an honest implementation, the error correction protocol aborts with probability at most <math>\epsilon'_{\rm EC}+\epsilon_{\rm EC}</math>.  
The parameter <math>\epsilon_{\rm PA}</math> is the error probability of the privacy amplification subroutine and <math>\epsilon_{\rm PE}</math> is the error probability of the parameter estimation subroutine used to estimate <math>Q_X</math>  
The parameter <math>\epsilon_{\rm PA}</math> is the error probability of the privacy amplification subroutine and <math>\epsilon_{\rm PE}</math> is the error probability of the parameter estimation subroutine used to estimate <math>Q_X</math>.
(see [[Quantum Key Distribution]] for the precise security definition).
(See [[Quantum Key Distribution]] for the precise security definition)


==Protocol Description==
==Pseudo Code==
*'''Input:'''<math>n, \gamma, \epsilon_{\rm PA},\epsilon_{\rm PE},\epsilon_{\rm EC},\epsilon'_{\rm EC},Q_Z</math>
*'''Input:'''<math>n, \gamma, \epsilon_{\rm PA},\epsilon_{\rm PE},\epsilon_{\rm EC},\epsilon'_{\rm EC},Q_Z</math>
*'''Output:'''<math>K_A, K_B</math>
*'''Output:'''<math>K_A, K_B</math>
'''1.''' Distribution and measurement
<u>'''Stage 1'''</u> Distribution and measurement
#For <math>i=1,...,n</math>
#For i=1,2,...,n
##  Alice chooses random bits <math>X_i\in\{0,1\}</math> and <math>A_i\in_R\{0,1\}</math> such that <math>P(X_i=1)=\gamma</math>
##  Sender chooses random bits <math>X_i\epsilon\{0,1\}</math> and <math>A_i\epsilon_R\{0,1\}</math> such that <math>P(X_i=1)=\gamma</math>
##  Alice prepares <math>H^{X_i}|A_i\rangle</math> and sends it to Bob
##  Sender prepares <math>H^{X_i}|A_i\rangle</math> and sends it to Receiver
##  Bob announces receiving a state
##  Receiver announces receiving a state
##  Bob chooses bit <math>Y_i\in_R\{0,1\}</math> such that <math>P(Y_i=1)=\gamma</math>
##  Receiver chooses bit <math>Y_i\in_R\{0,1\}</math> such that <math>P(Y_i=1)=\gamma</math>
##  Bob measures <math>H^{X_i}|A_i\rangle</math> in basis <math>\{H^{Y_i}|0\rangle, H^{Y_i}|1\rangle\}</math> with outcome <math>B_i</math>
##  Receiver measures <math>H^{X_i}|A_i\rangle</math> in basis <math>\{H^{Y_i}|0\rangle, H^{Y_i}|1\rangle\}</math> with outcome <math>B_i</math>
''At this stage Alice holds strings <math>X_1^n, A_1^n</math> and Bob <math>Y_1^n, B_1^n</math>, all of length <math>n</math>.''
 
 
*At this stage Sender holds strings <math>X_1^n, A_1^n</math> and Receiver <math>Y_1^n, B_1^n</math>, all of length <math>n</math>
'''2.''' Sifting   
<u>'''Stage 2'''</u> Sifting   
#Alice and Bob publicly announce <math>X_1^n, Y_1^n</math>
#Alice and Bob publicly announce <math>X_1^n, Y_1^n</math>
#For <math>i=1,...,n</math>
#For i=1,2,....,n
## If <math>X_i=Y_i</math>
## If <math>X_i=Y_i</math>
### <math>A_1^{n'} = A_1^{n'}.</math>append<math>(A_i)</math>
### <math>A_1^{n'} = A_1^{n'}.</math>append</math>(A_i)</math>
### <math>B_1^{n'} = B_1^{n'}.</math>append<math>(B_i)</math>
### <math>B_1^{n'} = B_1^{n'}.</math>append<math>(B_i)</math>
### <math>X_1^{n'} = X_1^{n'}.</math>append<math>(X_i)</math>
### <math>X_1^{n'} = X_1^{n'}.</math>append<math>(X_i)</math>
### <math>Y_1^{n'} = Y_1^{n'}.</math>append<math>(Y_i)</math>
### <math>Y_1^{n'} = Y_1^{n'}.</math>append<math>(Y_i)</math>
''Now Alice holds strings <math>X_1^{n'}, A_1^{n'}</math> and Bob <math>Y_1^{n'}, B_1^{n'}</math>, all of length <math>n'\leq n</math>.''  
*Now Sender holds strings <math>X_1^{n'}, A_1^{n'}</math> and Receiver <math>Y_1^{n'}, B_1^{n'}</math>, all of length <math>n'\leq n</math>
<u>'''Stage 3'''</u> Parameter estimation
#For <math>i=1,...,n</math>
## size<math>Q</math> = 0
## If{<math>X_i = Y_i = 1</math>
### Sender and Receiver publicly announce <math>A_i, B_i</math>
### Sender and Receiver compute <math>Q_i = 1 - \delta_{A_iB_i}</math>, where <math>\delta_{A_iB_i}</math> is the Kronecker delta
## size<math>Q</math> += 1\;


'''3.''' Parameter estimation
*Both Sender and Receiver, each, compute <math>Q_X = \frac{1}{\text{size}Q} \sum_{i=1}^{n'}Q_i</math></br>
# Set size<math>Q</math> = 0
<u>'''Stage 4'''</u> Error correction
#For <math>i=1,...,n'</math>
*''<math>C(\cdot,\cdot)</math> is an error correction subroutine determined by the previously estimated value of <math>Q_Z</math> and with error parameters  <math>\epsilon'_{\rm EC}</math> and <math>\epsilon_{\rm EC}</math>
## If <math>X_i = Y_i = 1</math>
#Both Sender and Receiver run <math>C(A_1^{n'},B_1^{n'})</math>''.  
### Alice and Bob publicly announce <math>A_i, B_i</math>
#Receiver obtains <math>\tilde{B}_1^{n'}</math>
### Alice and Bob compute <math>Q_i = 1 - \delta_{A_iB_i}</math>, where <math>\delta_{A_iB_i}</math> is the Kronecker delta
<u>'''Stage 5'''</u> Privacy amplification
## size<math>Q</math> += 1;
*''<math>PA(\cdot,\cdot)</math> is a privacy amplification subroutine determined by the size <math>\ell</math>, computed from equation for key length <math>\ell</math> (see [[Quantum Key Distribution#Properties|Properties]]), and  with secrecy parameter <math>\epsilon_{\rm PA}</math>''
#Both Alice and Bob, each, compute <math>Q_X = \frac{1}{\text{size}Q} \sum_{i=1}^{n'}Q_i</math></br>
#Sender and Receiver run <math>PA(A_1^{n'},\tilde{B}_1^{n'})</math> and obtain secret keys <math>K_A, K_B</math>\;
'''4.''' Error correction
 
''<math>C(\cdot,\cdot)</math> is an error correction subroutine (see [[BB84 Quantum Key Distribution #References| [9]]]) determined by the previously estimated value of <math>Q_Z</math> and with error parameters  <math>\epsilon'_{\rm EC}</math> and <math>\epsilon_{\rm EC}</math>
#Both Alice and Bob run <math>C(A_1^{n'},B_1^{n'})</math>''.  
#Bob obtains <math>\tilde{B}_1^{n'}</math>
'''5.''' Privacy amplification
 
''<math>PA(\cdot,\cdot)</math> is a privacy amplification subroutine (see [[BB84 Quantum Key Distribution #References| [10]]]) determined by the size <math>\ell</math>, computed from equation for key length <math>\ell</math> (see [[Quantum Key Distribution#Properties|Properties]]), and  with secrecy parameter <math>\epsilon_{\rm PA}</math>''
#Alice and Bob run <math>PA(A_1^{n'},\tilde{B}_1^{n'})</math> and obtain secret keys <math>K_A, K_B</math>;
 
==Simulation and benchmark==
A simulation code for benchmarking the QKD protocol is available [https://github.com/LiaoChinTe/netsquid-simulation/tree/main/QKD/BB84 here].
Hardware parameter analysis can be found in the following [https://cloud.veriqloud.fr/index.php/s/iiw1SxU4D22FyQ7 preprint]


==Further Information==
==Further Information==
Line 110: Line 98:
# Sifting: the BB84 protocol can also be described in a symmetric way. This means that the inputs <math>0</math> and <math>1</math> are chosen with the same probability. In that case only <math>1/2</math> of the generated bits are discarded during the sifting process. Indeed, in the symmetric protocol, Alice and Bob measure in the same basis in about half of the rounds.  
# Sifting: the BB84 protocol can also be described in a symmetric way. This means that the inputs <math>0</math> and <math>1</math> are chosen with the same probability. In that case only <math>1/2</math> of the generated bits are discarded during the sifting process. Indeed, in the symmetric protocol, Alice and Bob measure in the same basis in about half of the rounds.  
# [https://dl.acm.org/citation.cfm?id=1058094 LCA05] the asymmetric protocol was introduced to make this more efficient protocol presented in this article.
# [https://dl.acm.org/citation.cfm?id=1058094 LCA05] the asymmetric protocol was introduced to make this more efficient protocol presented in this article.
# A post-processing of the key using 2-way classical communication, denoted [[Advantage distillation]], can increase the QBER tolerance up to <math>18.9\%</math> (3).
# A post-processing of the key using 2-way classical communication, denoted [[Advantage distillation]], can increase the QBER tolarance up to <math>18.9\%</math> (3).
# We remark that in [[BB84 Quantum Key Distribution#Pseudo Code|Pseudo Code]], the QBER in the <math>Z</math> basis is not estimated during the protocol. Instead Alice and Bob make use of a previous estimate for the value of <math>Q_Z</math> and the error correction step, Step 4 in the pseudo-code, will make sure that this estimation is correct. Indeed, if the real QBER is higher than the estimated value <math>Q_Z</math>, [[BB84 Quantum Key Distribution#Pseudo Code|Pseudo Code]] will abort in the Step 4 with very high probability.
# We remark that in [[BB84 Quantum Key Distribution#Pseudo Code|Pseudo Code]], the QBER in the <math>Z</math> basis is not estimated during the protocol. Instead Alice and Bob make use of a previous estimate for the value of <math>Q_Z</math> and the error correction step, Step 4 in the pseudo-code, will make sure that this estimation is correct. Indeed, if the real QBER is higher than the estimated value <math>Q_Z</math>, [[BB84 Quantum Key Distribution#Pseudo Code|Pseudo Code]] will abort in the Step 4 with very high probability.
# The BB84 can be equivalently implemented by distributing [[EPR pairs]] and Alice and Bob making measurements in the <math>Z</math> and <math>X</math> basis, however this required a [[entanglement distribution]] network stage.
# The BB84 can be equivalently implemented by distributing [[EPR pairs]] and Alice and Bob making measurements in the <math>Z</math> and <math>X</math> basis, however this required a [[entanglement distribution]] network stage.
#[https://doi.org/10.1007/3-540-48285-7_35 Secret-Key Reconciliation by Public Discussion]
 
#[https://arxiv.org/abs/quant-ph/0512258 Security of Quantum Key Distribution]
 


<div style='text-align: right;'>''contributed by Bas Dirke, Victoria Lipinska, Gláucia Murta and Jérémy Ribeiro''</div>
<div style='text-align: right;'>''contributed by Bas Dirke, Victoria Lipinska, Gláucia Murta and Jérémy Ribeiro''</div>
Please note that all contributions to Quantum Protocol Zoo may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see Quantum Protocol Zoo:Copyrights for details). Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:

Cancel Editing help (opens in new window)

Template used on this page:

Retrieved from "https://wiki.veriqloud.fr/index.php?title=BB84_Quantum_Key_Distribution"