BB84 Quantum Key Distribution: Difference between revisions

Jump to navigation Jump to search
m
Line 44: Line 44:
** requires [[synchronous network]], [[authenticated]] public classical channel, secure from [[coherent attacks]]
** requires [[synchronous network]], [[authenticated]] public classical channel, secure from [[coherent attacks]]
** implements <math>(n,\epsilon_{\rm corr},\epsilon_{\rm sec},\ell)</math>-QKD, which means that it generates an <math>\epsilon_{\rm corr}</math>-correct, <math>\epsilon_{\rm sec}</math>-secret key of length <math>\ell</math> in <math>n</math> rounds. The security parameters of this protocol are give by
** implements <math>(n,\epsilon_{\rm corr},\epsilon_{\rm sec},\ell)</math>-QKD, which means that it generates an <math>\epsilon_{\rm corr}</math>-correct, <math>\epsilon_{\rm sec}</math>-secret key of length <math>\ell</math> in <math>n</math> rounds. The security parameters of this protocol are give by
<math>\epsilon_{\rm corr}&=\epsilon_{\rm EC},</br>
<math>\epsilon_{\rm corr}=\epsilon_{\rm EC}</math></br>
\epsilon_{\rm sec}&= \epsilon_{\rm PA}+\epsilon_{\rm PE},
<math>\epsilon_{\rm sec}= \epsilon_{\rm PA}+\epsilon_{\rm PE},</math></br>
</math>
and the amount of key <math>\ell</math> that is generated is given by</br>
and the amount of key <math>\ell</math> that is generated is given by
<math>\ell\geq (1-\gamma)^2n(1-h(Q_X+\nu) -h(Q_Z))-\sqrt{(1-\gamma)^{2}n}(4\log(2\sqrt{2}+1)(\sqrt{\log\frac{2}{\epsilon_{\rm PE}^2}}+\sqrt{\log\frac{8}{{\epsilon'}_{\rm EC}^2}}))</math></br>   <math>-\log(\frac{8}{{\epsilon'}_{\rm EC}^2}+\frac{2}{2-\epsilon'_{\rm EC}})-\log (\frac{1}{\epsilon_{\rm EC}})-2\log(\frac{1}{2\epsilon_{\rm PA}})</math></br> where <math>\nu = \sqrt{\frac{(1+\gamma^2n)((1-\gamma)^2+\gamma^2)}{(1-\gamma)^2\gamma^4n^2}\log\frac{1}{\epsilon_{\rm PE}}}</math>
<math>\ell\geq & (1-\gamma)^2n \de{ 1-h(Q_X+\nu) -h(Q_Z)}</br>
&\;\;\; -\sqrt{(1-\gamma)^2n}\de{4\log\de{2\sqrt{2}+1} \de{\sqrt{\log\frac{2}{\epsilon_{\rm PE}^2}}+ \sqrt{\log \frac{8}{{\epsilon'}_{\rm EC}^2}}}}</br>
&\;\;\; -\log\de{\frac{8}{{\epsilon'}_{\rm EC}^2}+\frac{2}{2-\epsilon'_{\rm EC}} }-\log \de{\frac{1}{\epsilon_{\rm EC}}}- 2\log\de{\frac{1}{2\epsilon_{\rm PA}}}</math>
where
<math>
\nu = \sqrt{ \frac{(1+\gamma^2n)((1-\gamma)^2+\gamma^2)}{(1-\gamma)^2\gamma^4n^2}\log\de{\frac{1}{\epsilon_{\rm PE}}}}</math>
and <math>h(\cdot)</math> is the [[binary entropy function]].  
and <math>h(\cdot)</math> is the [[binary entropy function]].  


In Eq.~\eqref{eq:keylength}, the parameters $\epsilon_{\rm EC}$ and $\epsilon'_{\rm EC}$ are error probabilities of the classical error correction subroutine. At the end of the error correction step, if the protocol does not abort, then Alice and Bob share equal strings of bits with probability at least $1-\epsilon_{\rm EC}$. The parameter $\epsilon'_{\rm EC}$ is related with the completeness of the error correction subroutine, namely that for an honest implementation, the error correction protocol aborts with probability at most $\epsilon'_{\rm EC}+\epsilon_{\rm EC}$.  
In the above equation for <math>\ell</math>, the parameters <math>\epsilon_{\rm EC}</math> and <math>\epsilon'_{\rm EC}</math> are error probabilities of the classical error correction subroutine. At the end of the error correction step, if the protocol does not abort, then Alice and Bob share equal strings of bits with probability at least <math>1-\epsilon_{\rm EC}</math>. The parameter <math>\epsilon'_{\rm EC}</math> is related with the completeness of the error correction subroutine, namely that for an honest implementation, the error correction protocol aborts with probability at most <math>\epsilon'_{\rm EC}+\epsilon_{\rm EC}</math>.  
The parameter $\epsilon_{\rm PA}$ is the error probability of the privacy amplification subroutine and $\epsilon_{\rm PE}$ is the error probability of the parameter estimation subroutine used to estimate $Q_X$.  
The parameter <math>\epsilon_{\rm PA}</math> is the error probability of the privacy amplification subroutine and <math>\epsilon_{\rm PE}</math> is the error probability of the parameter estimation subroutine used to estimate <math>Q_X</math>.  
(See [[Quantum Key Distribution]] for the precise security definition)
(See [[Quantum Key Distribution]] for the precise security definition)


Write, autoreview, editor, reviewer
3,129

edits

Navigation menu