Device-Independent Quantum Key Distribution: Difference between revisions
No edit summary |
|||
Line 1: | Line 1: | ||
A device-independent quantum key distribution protocol implements the task of [[Quantum Key Distribution]] (QKD) without relying on any particular description of the underlying system. The protocol enables two parties, | A device-independent quantum key distribution protocol implements the task of [[Quantum Key Distribution]] (QKD) without relying on any particular description of the underlying system. The protocol enables two parties, Sender and Receiver, to establish a classical secret key by distributing an entangled quantum state and checking for the violation of a [[Bell inequality]] in order to certify the security. The output of the protocol is a classical secret key which is completely unknown to any third party, namely an eavesdropper. | ||
'''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[BB84 Quantum Key Distribution|BB84 QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Entanglement Distribution Network Stage]] | '''Tags:''' [[:Category:Two Party Protocols|Two Party]], [[:Category:Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category:Specific Task|Specific Task]],[[Quantum Key Distribution]], [[BB84 Quantum Key Distribution|BB84 QKD]], [[Category:Multi Party Protocols]] [[Category:Quantum Enhanced Classical Functionality]][[Category:Specific Task]][[Category:Entanglement Distribution Network Stage]] |
Revision as of 13:52, 19 March 2019
A device-independent quantum key distribution protocol implements the task of Quantum Key Distribution (QKD) without relying on any particular description of the underlying system. The protocol enables two parties, Sender and Receiver, to establish a classical secret key by distributing an entangled quantum state and checking for the violation of a Bell inequality in order to certify the security. The output of the protocol is a classical secret key which is completely unknown to any third party, namely an eavesdropper.
Tags: Two Party, Quantum Enhanced Classical Functionality, Specific Task,Quantum Key Distribution, BB84 QKD,
Assumptions
- We assume the existence of an authenticated public classical channel between the two parties
- We assume synchronous network between parties
- We assume security from coherent attacks
Outline
A DIQKD protocol is composed by the following steps:
- Distribution: For each round of the distribution phase:
- Sender uses the source to prepare a maximally entangled state and send half of the state to Receiver.
- Upon receiving the state, Receiver announces that he received it, and they both use their respective devices to measure the quantum systems. They record their output in a string of bits.
- A second phase where Sender and Receiver publicly exchange classical information in order to perform error correction, where they correct their strings generating the raw keys, and parameter estimation, where they estimate the parameters of interest. At the end of this phase Sender and Receiver are supposed to share the same -bit string and have an estimate of how much knowledge an eavesdropper might have about their raw key.
- In the final phase, Sender and Receiver perform privacy amplification, where the not fully secure -bit strings are mapped into smaller strings and Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle K_B} , which represents the final keys of Sender and Receiver respectively.
Hardware Requirements
- Network Stage: Entanglement Distribution
- Relevant Network Parameters: (see Entanglement Distribution)
- Distribution of Bell pairs, and measurement in three different bases (two basis on Sender's side and three basis on Receiver's side).
- Minimum number of rounds ranging from to Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{O}(10^{12})} depending on the network parameters, for commonly used secure parameters.
- , taking a depolarizing model as benchmark. Parameters satisfying are sufficient.
- Authenticated classical channel.
- Random number generator.
Notations Used
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle n} expected number of rounds
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle l} final key length
- fraction of test rounds
- quantum bit error rate
- CHSH violation
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \omega_{exp}} expected winning probability on the CHSH game in an honest implementation
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \delta_{est}} width of the statistical interval for the Bell test
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \delta_{con}} confidence interval for the Bell test
- smoothing parameter
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \epsilon_{EC},\epsilon'_{EC}} error probabilities of the error correction protocol
- error probability of Bell violation estimation.
- error probability of Bell violation estimation.
- error probability of the privacy amplification protocol
- leakage in the error correction protocol
Properties
Either Protocol (see Pseudo-code) abort with probability higher than , or it generates a
-correct-and-secret key of length
Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle l\geq \frac{{n}}{\bar{s}}\eta_{opt} -\frac{{n}}{\bar{s}}h(\omega_{exp}-\delta_{est}) -\sqrt{\frac{{n}}{\bar{s}}}\nu_1 -\mbox{leak}_{EC}}
,
where is the leakage due to error correction step and the functions , , Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \nu_1}
and Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \nu_2}
are specified in below.
The security parameters of the error correction protocol, Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \epsilon_{EC}}
and , mean that if the error correction step in Protocol 1 does not abort, then Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle K_A=K_B}
with probability at least Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle 1-\epsilon_{EC}}
, and for an honest implementation, the error correction protocol aborts with probability at most Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \epsilon'_{EC}+\epsilon_{EC}}
.
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \eta_{opt}=\max_{\frac{3}{4}<\frac{{p}_t(1)}{1-(1-\gamma)^{s_{max}}}<\frac{2+\sqrt{2}}{4}} \Bigg(F_{\min}(\vec{p},\vec{p}_t)-\frac{1}{\sqrt{m}}\nu_2\Bigg)}
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \nu_2 =2 \Big(\log\Bigg(1+2\cdot 2^{s_{\max}}3}+\left\lceil \frac{d}{d{p}(1)}g(\vec{p})\big|_{\vec{p}_t}\right\rceil\Bigg)\sqrt{1-2\log \epsilon_s)}
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \nu_1=2 \Big(\log 7 +\left\lceil\frac{|h'(\omega_{exp}+\delta_{est})|}{1-(1-\gamma)^{s_{\max}}}\right\rceil\Big)\sqrt{1-2\log\epsilon_s}}
Pseudo Code
- Input:
- Output:Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle K_A, K_B}
Stage 1 Distribution and measurement
- For every block Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle j \in [m]}
- Set Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle i=0} and .
- While
- Set
- Sender and Receiver choose a random bit such that .
- If then Alice and Bob choose inputs .
- Else they choose (the observables for the CHSH test).
- Sender and Receiver use their devices with the respective inputs and record their outputs, and respectively.
- If they set .
- At this stage Sender holds strings and Receiver , all of length .
Stage 2 Error Correction
- Sender and Receiver apply the error correction protocol , communicating script in the process.
- If aborts, they abort the protocol
- Else they obtain raw keys and .
Stage 3 Parameter estimation
- Using and , Receiver sets
- If and then
- If and then
- If and then
- He aborts If
- i.e., if they do not achieve the expected violation.
Stage 4 Privacy amplification
- is a privacy amplification subroutine
- Sender and Receiver run and obtain secret keys ;