Editing Device-Independent Quantum Key Distribution
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
'''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[BB84 Quantum Key Distribution|BB84 QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Entanglement Distribution Network | A device-independent quantum key distribution protocol implements the task of [[Quantum Key Distribution]] (QKD) without relying on any particular description of the underlying system. The protocol enables two parties, Alice and Bob, to establish a classical secret key by distributing an entangled quantum state and checking for the violation of a [[Bell inequality]] in order to certify the security. The output of the protocol is a classical secret key which is completely unknown to any third party, namely an eavesdropper. | ||
'''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[BB84 Quantum Key Distribution|BB84 QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Entanglement Distribution Network Stage]] | |||
==Assumptions== | ==Assumptions== | ||
* '''Network:''' we assume the existence of an authenticated public classical channel between Alice and Bob. | * '''Network:''' we assume the existence of an authenticated public classical channel between Alice and Bob. | ||
Line 15: | Line 16: | ||
* In the final phase, Alice and Bob perform [[privacy amplification]], where the not fully secure <math>n</math>-bit strings are mapped into smaller strings <math>K_A</math> and <math>K_B</math>, which represents the final keys of Alice and Bob respectively. | * In the final phase, Alice and Bob perform [[privacy amplification]], where the not fully secure <math>n</math>-bit strings are mapped into smaller strings <math>K_A</math> and <math>K_B</math>, which represents the final keys of Alice and Bob respectively. | ||
==Requirements == | ==Hardware Requirements == | ||
*'''Network Stage:''' [[:Category:Entanglement Distribution Network | *'''Network Stage:''' [[:Category: Entanglement Distribution Network Stage|Entanglement Distribution]] | ||
*'''Relevant Network Parameters:''' | *'''Relevant Network Parameters:''' <math>\epsilon_T, \epsilon_M</math> (see [[:Category: Entanglement Distribution Network Stage|Entanglement Distribution]]). | ||
*'''Benchmark values:''' | *'''Benchmark values:''' | ||
** Minimum number of rounds ranging from <math>\mathcal{O}(10^6)</math> to <math>\mathcal{O}(10^{12})</math> depending on the network parameters | ** Minimum number of rounds ranging from <math>\mathcal{O}(10^6)</math> to <math>\mathcal{O}(10^{12})</math> depending on the network parameters, for commonly used secure parameters. | ||
** <math>QBER \leq 0.071</math>, taking a depolarizing model as benchmark. Parameters satisfying <math>\epsilon_T+\epsilon_M\leq 0.071</math> are sufficient | ** <math>QBER \leq 0.071</math>, taking a depolarizing model as benchmark. Parameters satisfying <math>\epsilon_T+\epsilon_M\leq 0.071</math> are sufficient. | ||
* Distribution of Bell pairs, and measurement in three different bases (two basis on Alice's side and three basis on Bob's side). | * Distribution of Bell pairs, and measurement in three different bases (two basis on Alice's side and three basis on Bob's side). | ||
* Requires [[random number generator]]. | * Requires [[random number generator]]. | ||
==Notation== | ==Notation== | ||
* <math>n</math> expected number of rounds | * <math>n</math> expected number of rounds | ||
* <math>l</math> final key length | * <math>l</math> final key length | ||
* <math>\gamma</math> fraction of test rounds | * <math>\gamma</math> fraction of test rounds | ||
Line 44: | Line 40: | ||
* <math>\epsilon_{PA}</math> error probability of the privacy amplification protocol | * <math>\epsilon_{PA}</math> error probability of the privacy amplification protocol | ||
* <math>\mbox{leak}_{EC}</math> leakage in the error correction protocol | * <math>\mbox{leak}_{EC}</math> leakage in the error correction protocol | ||
==Properties== | ==Properties== | ||
Either the protocol (see [[Device Independent Quantum Key Distribution#Pseudocode|Pseudocode]]) aborts with probability higher than <math>1-(\epsilon_{EA}+\epsilon_{EC})</math>, or it generates a</br> | Either the protocol (see [[Device Independent Quantum Key Distribution#Pseudocode|Pseudocode]]) aborts with probability higher than <math>1-(\epsilon_{EA}+\epsilon_{EC})</math>, or it generates a</br> | ||
<math>(2\epsilon_{EC}+\epsilon_{PA}+\epsilon_s)</math>-correct-and-secret key of length | <math>(2\epsilon_{EC}+\epsilon_{PA}+\epsilon_s)</math>-correct-and-secret key of length</br> | ||
<math> | <math> | ||
\begin{align} | \begin{align} | ||
Line 63: | Line 57: | ||
*<math>\nu_1=2 \Big(\log 7 +\left\lceil\frac{|h'(\omega_{exp}+\delta_{est})|}{1-(1-\gamma)^{s_{\max}}}\right\rceil\Big)\sqrt{1-2\log\epsilon_s}</math> | *<math>\nu_1=2 \Big(\log 7 +\left\lceil\frac{|h'(\omega_{exp}+\delta_{est})|}{1-(1-\gamma)^{s_{\max}}}\right\rceil\Big)\sqrt{1-2\log\epsilon_s}</math> | ||
== | ==Pseudocode== | ||
*'''Input: '''<math> n, \delta</math></br> | *'''Input: '''<math> n, \delta</math></br> | ||
*'''Output: '''<math> K_A, K_B</math></br> | *'''Output: '''<math> K_A, K_B</math></br> | ||
Line 73: | Line 67: | ||
### Alice and Bob choose a random bit <math>T_i \in \{0,1\}</math> such that <math>P(T_i=1)=\gamma</math>. | ### Alice and Bob choose a random bit <math>T_i \in \{0,1\}</math> such that <math>P(T_i=1)=\gamma</math>. | ||
### '''If''' <math>T_i=0</math> '''then''' Alice and Bob choose inputs <math>(X_i, Y_i)=(0,2)</math>. | ### '''If''' <math>T_i=0</math> '''then''' Alice and Bob choose inputs <math>(X_i, Y_i)=(0,2)</math>. | ||
### '''Else''' they choose <math>X_i ,Y_i \in \{0,1\}</math>. | ### '''Else''' they choose <math>X_i ,Y_i \in \{0,1\}</math> (the observables for the CHSH test). | ||
### Alice and Bob use their devices with the respective inputs and record their outputs, <math>A_i</math> and <math>B_i</math> respectively. | ### Alice and Bob use their devices with the respective inputs and record their outputs, <math>A_i</math> and <math>B_i</math> respectively. | ||
### '''If''' <math>T_i=1</math> they set <math>i=s_{max}+1</math>.</br> | ### '''If''' <math>T_i=1</math> they set <math>i=s_{max}+1</math>.</br> | ||
Line 80: | Line 74: | ||
'''2.''' Error Correction | '''2.''' Error Correction | ||
''Alice and Bob apply the error correction protocol <math>EC</math> | ''Alice and Bob apply the error correction protocol <math>EC</math>, communicating script <math>O_{EC}</math> in the process. '' | ||
# '''If''' <math>EC</math> aborts, they abort the protocol | # '''If''' <math>EC</math> aborts, they abort the protocol | ||
# '''Else''' they obtain raw keys <math>\tilde{A}_1^n</math> and <math>\tilde{B}_1^n</math>. | # '''Else''' they obtain raw keys <math>\tilde{A}_1^n</math> and <math>\tilde{B}_1^n</math>. | ||
Line 88: | Line 82: | ||
#Using <math>B_1^n</math> and <math>\tilde{B}_1^n</math>, Bob sets <math>C_i</math> | #Using <math>B_1^n</math> and <math>\tilde{B}_1^n</math>, Bob sets <math>C_i</math> | ||
##'''If''' <math>T_i=1</math> and <math>A_i\oplus B_i=X_i\cdot Y_i</math> '''then''' <math>C_i=1</math> | ##'''If''' <math>T_i=1</math> and <math>A_i\oplus B_i=X_i\cdot Y_i</math> '''then''' <math>C_i=1</math> | ||
##'''If''' <math>T_i=1</math> and <math>A_i\oplus B_i | ##'''If''' <math>T_i=1</math> and <math>A_i\oplus B_i=X_i\cdot Y_i</math> '''then''' <math>C_i=0</math> | ||
## '''If''' <math>T_i= | ## '''If''' <math>T_i=1</math> and <math>A_i\oplus B_i=X_i\cdot Y_i</math> '''then''' <math>C_i=\bot</math> | ||
# | # He aborts '''If''' <math>\sum_j C_{j}<m\times (\omega_{exp}-\delta_{est})(1-(1-\gamma)^{s_{\max}})</math>, i.e., if they do not achieve the expected violation. | ||
'''4.''' Privacy amplification | '''4.''' Privacy amplification | ||
<math>PA(\cdot,\cdot)</math> ''is a privacy amplification subroutine'' | <math>PA(\cdot,\cdot)</math> ''is a privacy amplification subroutine'' | ||
# Alice and Bob run <math>PA(A_1^{n'},\tilde{B}_1^{n'})</math> and obtain secret keys <math>K_A, K_B</math>; | # Alice and Bob run <math>PA(A_1^{n'},\tilde{B}_1^{n'})</math> and obtain secret keys <math>K_A, K_B</math>; | ||
Line 105: | Line 98: | ||
#[https://www.nature.com/articles/s41467-017-02307-4 Arnon-Friedman et al. (2018)] & [https://epubs.siam.org/doi/10.1137/18M1174726 Arnon-Friedman et al. (2019)] simplify and tighten security proofs of device-independent QKD against [[coherent attacks]]. | #[https://www.nature.com/articles/s41467-017-02307-4 Arnon-Friedman et al. (2018)] & [https://epubs.siam.org/doi/10.1137/18M1174726 Arnon-Friedman et al. (2019)] simplify and tighten security proofs of device-independent QKD against [[coherent attacks]]. | ||
#[https://arxiv.org/abs/1903.10535 Tan et al. (2019)] shows that post-processing of the key using 2-way classical communication, denoted [[advantage distillation]], can increase the QBER tolerance up to <math>9.1\%</math>. | #[https://arxiv.org/abs/1903.10535 Tan et al. (2019)] shows that post-processing of the key using 2-way classical communication, denoted [[advantage distillation]], can increase the QBER tolerance up to <math>9.1\%</math>. | ||
<div style='text-align: right;'>''contributed by Gláucia Murta''</div> | <div style='text-align: right;'>''contributed by Gláucia Murta''</div> |