SSecurity against jamming and noise exclusion in imaging
Wojciech Roga and John Jeffers ∗ SUPA, Department of Physics, University of Strathclyde, John Anderson Building, 107 Rottenrow,Glasgow G4 0NG, UK
October 20, 2018
Abstract
We describe a protocol by which an imaging system could be protected against jamming by a malevolent party.Our protocol not only allows recognition of the jamming, but also allows for the recovery of the true image fromthe jammed one. We apply the method to jamming of quantum ghost imaging, for which the jamming detectionprobability is increased when the imaging light is entangled. The method can also be used to provide image recoveryin general noisy environments.
Image security is a challenge that arises when spatial information about an object is transferred to and imaged by adevice at a remote location. It is more important when receiving particular images implies related actions. Securitycannot normally be guaranteed along the entire path between the source of light and the detectors. Imagine a situationin which an intruder places a false object in front of the real one, or alternatively changes the path of a beam to directit via a false object. There is no protection from such tampering. Thus when we simply point a camera we can not besure whether or not the light received bears any relation to any real object. Someone may simply send us the imagethat they want us to see. Of course we can provide more confidence by controlling of the source of radiation as well asthe detector, as is done in radar or lidar systems, but the fundamental point is that imaging is insecure.Quantum protocols have been applied to imaging and communication, providing several advantages [1, 2, 3, 4, 5, 6].Among them are detection of imaging jamming and appropriate protection [7, 8]. In communication situations we canuse encryption to safeguard information in transit. This typically relies on secure key-sharing protocols, an exampleof which is quantum key distribution [9, 10, 11, 12]. When this procedure succeeds two parties share a secrete keyand only limited private information can leak to an eavesdropper. In imaging, however, the privacy condition is notnormally crucial. We simply care that the image received exactly corresponds to the object. This is an example ofpublic communication in which we stress the correctness of the message or image instead of its privacy. We facenot an eavesdropper but an active intruder, who may already know the object and, instead, wants to jam the imagingprotocol, changing information and consequently perhaps a strategic decision.As already stated, there is no secure protection from an intruder who uses a false object or a false beam path. It may,however, be difficult for the intruder to perform such jamming both efficiently and undetectably. Thus we investigatea weaker jamming procedure in which some of the light from a trusted source of illumination is intercepted by theintruder and replaced by light from their independent source [13, 14, 15]. As the party who prepares states of light hasnaturally more information about the states than it is possible to extract from a measurement, the legitimate imager hasan informational advantage over the intruder. This advantage can be a source of imaging security as we show in thispaper.The paper is organised as follows. In Sec. 2, we analyse the general image security scenario and provide a universaldescription of intruder detection and correct image recovery. Our protocol applies to both deliberate jamming and toimage noise. In Sec. 3, we define a quantitative criterion for image comparison that enables us to estimate theprobability that we detect jamming and a false alarm probability. In Sec. 4, we propose an arrangement of ghostimaging [1, 16, 19, 17, 18] protected against such jamming by using both classical and quantum-correlated light.Here, we show an advantage of using the quantum-correlated light and demonstrate the recovery protocol. Finally,concluding remarks and possible extensions of these work are discussed in Sec. 5. ∗ Corresponding author: [email protected] a r X i v : . [ qu a n t - ph ] S e p Universal intrusion detection and image recovery protocol
Let us start with a general description of imaging protected by a security system that allows us to both detect thepresence of an intruder and to counter the effect of jamming. We note at the outset that there is nothing specificallyquantum about our procedure. It can be performed with classical light. There can sometimes be advantages, however,to using certain types of quantum state.We assume that states of light ρ ( x , κ ) used to image an object are characterized by spatial coordinates x describingthe coordinates of light during the procedure together with another degree of freedom κ that is used to detect intrusionand recover the image. In this paper κ denotes a polarisation state, however all the results could apply to otherdegrees of freedom. Suppose that states produced by a trusted source interact with an object and therefore carryinformation about it. These states are denoted ρ j ( x , κ ) , where j indicates that the legitimate imager can choose froma set containing more than one state of light for imaging. Indeed, this diversification is crucial to the protocol.An intruder intercepts a fraction r of the light and resends their own photons in state ρ E ( x , κ (cid:48) ) . Superscript E refers to an intruder or jammer or simply a noisy environment that introduces errors. We assume that the state selectedby the intruder does not depend on the choice of j made randomly by the imagers and is, at least on average, constantin time. This is a reasonable assumption because in imaging the dynamics of the process is not typically relevant.We will discuss this condition further in the context of particular implementations. In the final part of the paper wecomment on the situation in which it is partially relaxed, i.e. the state of the intruder changes in time in such a waythat a partial correlation between ρ E ( x , κ (cid:48) ) and j is established.The intrusion detection and image recovery arrangement contains a set of polarisation analysers. The analysingsystem induces the detectors to make a measurement of κ by filtering, characterised by a set of parameters { θ i } , whichin our case denotes the set of angles of different polarisers. We consider a general situation of multi-photon coincidenceimaging with n photons involved in which i = 1 , ..., n . A spatial distribution of intensities in an image is proportionalto probabilities corresponding to an n -photon polarisation state ρ = ρ ( x , κ ) which depend on the analyser angles θ i and are given by P ( { θ i } , ρ ) = (cid:16) (cid:104) a ( θ ) | ⊗ ... ⊗ (cid:104) a ( θ n ) | (cid:17) ρ (cid:16) | a ( θ ) (cid:105) ⊗ ... ⊗ | a ( θ n ) (cid:105) (cid:17) . (1)This is a probability if ρ is a state with exactly n-photons, otherwise it is an expectation value. Here, for a singleanalyser and fixed basis of horizontal-vertical polarisations, | a ( θ i ) (cid:105) = cos θ i | ↔(cid:105) + sin θ i | (cid:108)(cid:105) . The state of the entiresystem, before any action of the analysers can be written as (1 − r ) ρ j + rρ E . The intensity distributions of images areproportional to (1 − r ) P ( { θ i } , ρ j ) + rP (cid:0) { θ i } , ρ E (cid:1) . (2)Here several images indexed by j and i are obtained. If the intensity dependence of the received images correspondsto the distribution P ( { θ i } , ρ j ) , which is known only to the imager, then we can infer that there is no intrusion. If not,intrusion is detected and, if it is only partial ( r < ), the correct image can be recovered, as we now show.As an example assume that imager uses two different states of polarisation, so j = 1 , . The contribution of theintruder ρ E does not depend on j so the detected images (1 − r ) P ( { θ i } , ρ )+ rP (cid:0) { θ i } , ρ E (cid:1) and (1 − r ) P ( { θ i } , ρ )+ rP (cid:0) { θ i } , ρ E (cid:1) have the same contribution to the image induced by the intruder. If the contribution from P ( { θ i } , ρ ) is different to the contribution from P ( { θ i } , ρ ) the absolute value of the difference between the two images for any i eliminates any incorrect part of the image while merely attenuating any correct part because the difference of theimages is taken. This procedure allows us to distill a correct, although attenuated, image of the investigated object. An essential part of the detection protocol is based on the ability of legitimate imagers to distinguish between imagesformed by two kinds of state characterised by different polarisation degrees of freedom. In order to compare imagesquantitatively we define a state dependent visibility V that for given pair of polarisation states ρ and ρ and for a givenset of analyser orientation angles { θ i } is given by V ( ρ , ρ , { θ i } ) = | P − P | P + P , (3)where P and P are photon detection probabilities for states ρ and ρ respectively as in (1). Although, for brevity,we omit the arguments of P j in our notation, we assume that P j = P j ( { θ i } , ρ j ) i.e. P j is defined for a specific state2nd for a chosen set of analyser angles. Notice that for ρ = ρ the state dependent visibility vanishes, showing thatthe images are identical. If, instead, for two different states V (cid:54) = 0 it means that intensity distributions of two imagesare different.As the legitimate imagers know both the states used and the analyser orientations in ideal conditions withoutintrusion they expect to observe images of a particular state dependent visibility. Any noise or intrusion will reducethe observed visibility.The measured and expected visibilities provide data for hypotheses testing based on the likelihood ratio test [20,13]. Our null hypothesis H assumes no intruder while the alternative hypothesis H assumes the presence of intercept-resend jamming. We must also account for real devices having some level of noise. Let us assume that the measuredvisibilities are associated with the Gaussian noise of variance σ and test the hypotheses based on the likelihood ratio testwith prior probabilities . (and the test threshold λ = 1 ). Visibilities related to the two hypotheses are the following:for H we have s = V + N and for H , s = V + N where V and V are the average values of the visibilities and N is the Gaussian noise with variance σ . In the log-likelihood ratio test we decide that H occurs if (cid:88) i ˜ s i < ln λd + d , (4)where ˜ s i = s i / ( σ √ M ) , and M is a number of trials which we will assume to be 1. Here d = √ M ( V − V ) /σ . Acorresponding inequality to Ineq. (4) convinces us to accept H . The probability of correct detection of an intruder(i.e. when H is correctly accepted) and the false alarm probabilities are P d = erfc (cid:20) ln λd − d (cid:21) , (5) P err = erfc (cid:20) ln λd + d (cid:21) , (6)and erfc[ x ] denotes the complimentary error function [20]. In order to demonstrate the optimal decision strategy made by the legitimate imagers let us consider the attack in whichthe intruder intercepts a fraction r of the original photons and replaces them with photons in a state ρ E carrying thefalse image.As the intruder detection probability (5) is a monotonic function of the difference between expected and observedstate dependent visibilities, the intruder will choose states carrying false information such that this difference is assmall as possible. The legitimate imagers have freedom in the choice of analyser angles and will want to maximisethis difference. In principle, the intruder could optimize their state for each value of { θ i } . Although it is unlikely, thelegitimate imagers can consider this situation in order to check the robustness of their state choice against jamming.Thus they are able to decide the states for which the detectability of an intruder is largest. Hence in the worst casescenario the detection probability (5) is a monotonic function of d = 1 σ max { θ i } (cid:104) min ρ E (cid:16) V ( ρ , ρ , { θ i } ) − V ( ρ (cid:48) , ρ (cid:48) , { θ i } ) (cid:17)(cid:105) , (7)where ρ and ρ are the states chosen by the legitimate imagers and ρ (cid:48) j = (1 − r ) ρ j + rρ E , where j = 1 , (8)are the states carrying false information. The parameter d is estimated for a given level of intrusion. In cryptographya similar parameter is given by a secrecy function [21]. For image comparison we introduce the level of jamming interms of the state dependent visibility for jammed and non-jammed images V L = max j V ( ρ j , ρ (cid:48) j , { θ i } ) , (9)where ρ j means the state from legitimate source and ρ (cid:48) j = (1 − r ) ρ j + rρ E its jammed counterpart. The level ofjamming V L quantitatively describes how at most the actual image can differ from the correct one in visibility. Inprinciple, as a measure of the intrusion level we could consider the intercepting rate r . However, this is not the optimalchoice, as even for large r the correct image may be attenuated but not changed as is shown in the following example.3 xample. One photon states. Imagine that the states chosen by legitimate parties are ρ = | ↔(cid:105)(cid:104)↔ | and ρ = | (cid:108)(cid:105)(cid:104)(cid:108) | .We assume that ρ E can be an arbitrary one photon polarisation pure state ρ E = | φ (cid:105)(cid:104) φ | , where | φ (cid:105) = cos α | ↔(cid:105) + e iβ sin α | (cid:108)(cid:105) , for arbitrary real α and β . It is easy to show that in this case V ( ρ (cid:48) , ρ (cid:48) , θ ) = (1 − r ) V ( ρ , ρ , θ )1 − r + r (cid:104) a ( θ ) | ρ E | a ( θ ) (cid:105) , (10)where ρ (cid:48) i are given by ρ (cid:48) j = (1 − r ) ρ j + rρ E , where j = 1 , . (11)Thus for each θ the intruder can find a state ρ E orthogonal to | a ( θ ) (cid:105) . Hence, for any intercepting rate r the parameter d = 0 and the probability of detection is as small as possible, equal to the probability of an unbiased guess . .However, notice that although the interference of the intruder is significant, the image is not changed apart from beingattenuated. Because we stress the correctness of the image rather than its intensity, which we do not fully control, thisinvasion is not treated as jamming. Therefore, we do not treat r as a proper characterisation of the degree of jamming. In ghost imaging correlations between photons in two separate light beams, which we call the object beam and theimage beam, allow an image of an object to be obtained by detecting light that has never interacted with it directly.The object beam interacts with an object with a particular spatial profile. This beam is detected with a bucket detectorthat provides no spatial information. The image beam does not interact with the object but falls on a spatially resolvingdetector. An image appears at this detector due to coincidence correlations between two detectors. The technique hasapplications for example, for difficult to access objects where a single pixel detector might be easier to place, or if itis easier to detect spatial images at one wavelength rather than another [17, 18]. The correlations also provide timinginformation.
In what follows we describe the detection and recovery protocol applied to ghost imaging. This two-photon coincidenceimaging allows us additionally to show that imaging with entangled states can increase the probability of intrusiondetection compared to classically correlated states.A ghost imaging setup contains the following fundamental elements: a source of correlated photons, S , the investi-gated object, Λ , a bucket detector D L and a spatially-resolving detector D R . These elements are shown in Fig. 1 whichis arranged in the so-called Klyshko picture [22, 23]. The central part of the setup is doubled, showing the symmetricrole of imagers (lower) and an intruder (upper). Polarisation analysers P and P can be rotated independently todistinguish two angles θ and θ of polarisation filtering. Intruder E intercepts a fraction of the photons sent by trustedsource S and resends pairs of photons, correlated in polarisation, which carry false image information. We assume thatdifferent photons from each pair travel through different arms and E intercepts photons from only one arm. This isenough to prevent coincidence counting which can contribute to a correct image.Figure 1: Ghost imaging with security. Intruder E intercepts part of a signal emitted by source S sent to an object Λ . E re-sends correlated pairs of photons produced by source S E that carry information about a false object T to bothright and left detectors. Regions bordered by dotted lines denote zones controlled by imagers.4igure 2: (Color online.) Probability of intrusion detection (left panel) and false alarm probability (right panel) as afunction of the jamming level (7). The noise variance is σ = 0 . . The thin black, red dashed and thick blue linescorrespond to the legitimate imagers using two classical states (15) and (16), one entangled and one classical (13)and (15) and two entangled states 13) and (14) respectively. For V L > . there is no significant difference betweenimaging with classical and quantum states.The states used by the legitimate imagers are changed at random. We assume that the intruder does not knowwhich of them was chosen, as the states have maximally mixed reduced states and cannot be distinguished by any localmeasurement. Therefore, the states carrying the false part of the image the intruder resends are independent of thechoice by the legitimate imagers. For given angles of the analysers, legitimate imagers observe two images that havethe same contribution from the false image. The difference between these images allows them to recover the correctimage.As we have already mentioned, the legitimate imagers use states with maximally mixed reduced states. All two-photon polarisation states with maximal mixed reduced states can be transformed by local changes of bases to thefollowing class known as Bell diagonal states [24, 25] ρ BD = µ x σ x ⊗ σ x + µ y σ y ⊗ σ y + µ z σ z ⊗ σ z , (12)where σ x , σ y and σ z are three Pauli matrices, is the identity matrix, µ x , µ y and µ z are real parameters for which (12)is positive semidefined. Examples of these states, that will be used are the following: | ψ (cid:105) = 1 √ | ↔↔(cid:105) + | (cid:108)(cid:108)(cid:105) ) for µ x = µ y = µ z = 1 / , (13) | ψ (cid:105) = 1 √ | ↔↔(cid:105)−| (cid:108)(cid:108)(cid:105) ) for µ x = µ y = − , µ z = 14 , (14) ω =12 ( |(cid:108)(cid:108)(cid:105)(cid:104)(cid:108)(cid:108) | + |↔↔(cid:105)(cid:104)↔↔| ) for µ x = µ y = 0 , µ z = 14 , (15) ω =12 ( |(cid:38)(cid:45)(cid:38)(cid:45)(cid:105)(cid:104)(cid:38)(cid:45)(cid:38)(cid:45)| + |(cid:46)(cid:37)(cid:46)(cid:37)(cid:105)(cid:104)(cid:46)(cid:37)(cid:46)(cid:37)| ) for µ y = µ z = 0 , µ x = 14 , (16)Here | (cid:108)(cid:105) , | ↔(cid:105) and | (cid:38)(cid:45)(cid:105) , | (cid:46)(cid:37)(cid:105) denote the vertical, horizontal, diagonal and antidiagonal polarisation states respectively.The states (13) and (14) are entangled while the states (15) and (16) are classically correlated. The coincidencedetection probability for (12) is given by P BD = 14 + µ x sin(2 θ ) sin(2 θ ) + µ z cos(2 θ ) cos(2 θ ) . (17)The visibility difference d (7) and the detection probability (5) depend on the intruder’s set of possible states. Weassume that this set is given by (12). For pairs of states from the set (13)-(16) the probability of detection is plotted inthe left panel of Fig. 2 in the worst case scenario for different values of the level of jamming (9), while the probabilityof false detection is plotted in the right panel. The value of the noise variance is chosen to be σ = 0 . . For pairsof entangled states the detection probability is larger than for pairs of classically correlated states. In particular, fora level of jamming V L = 0 . the probability of jamming detection is about . when two classical states are used5igure 3: The upper left image shows the mixture of the correct ( Λ -shape) and the false ( T -shape) image obtainedusing states (13) and (15) respectively. The upper right image shows the false image. In this case, the correct partdisappears because the legitimate states (14) are blocked by the polarisers. The lower left image shows the recoveredimage. For comparison, the lower right image shows the image without jamming.for legitimate imaging while P d = 0 . if entangled states are used. Preliminary numerical calculations show thatthe situation does not change in the intruder’s favour if the intruder changes local bases of states (12). However, thisanalysis requires further investigation. A simulation of an example of the recovery protocol is illustrated in figure 3. Here, we assume that in order toimage a correct Λ -shaped object legitimate imagers use two classes of photons characterised by maximally entangledpolarisation states | ψ (cid:105) and | ψ (cid:105) given by (13) and (14) respectively. During this process intercept-resend jammingoccurs with intercepting rate r = 0 . . A false T -shaped image is imposed on the correct one. In this example we studya classical attack in which the false image is formed by photons in a classically correlated polarisation state ρ E = ω given in (15). The number of photons used in the simulation in order to form one image in a unit of time is n = 10 .We assume that the detectors that are used for imaging record accidental counts, dark counts and other events thatcontribute to general noise at rate for the unit of time across all pixels, i.e. of the number of photons.The legitimate imagers chose polariser angles θ = θ = π/ . The probability of the photons being detectedare given by Eq. (17). This choice of angles provides the maximum state dependent visibility for imaging withoutjamming V ( ρ , ρ , { θ i } ) = 1 , (18)where ρ = | ψ (cid:105)(cid:104) ψ | and ρ = | ψ (cid:105)(cid:104) ψ | . The maximum value means that a correct image completely disappearswhen the state of the imaging photons is changed from ρ to ρ , as visualised in the upper panels of figure 3.To estimate the probability of jamming detection we also calculate the state dependent visibility for jammed states ρ (cid:48) = (1 − r ) ρ + rρ E and ρ (cid:48) = (1 − r ) ρ + rρ E . Here we calculate this quantity for the central region of the imagein which a part of the false ‘T’ is superimposed on the correct ‘ Λ ’. The visibility is V ( ρ (cid:48) , ρ (cid:48) , { θ i } ) = 0 . (19)and it can be measured experimentally. For an assumed variance of Gaussian noise σ = 0 . the difference betweenthe visibility without intrusion and the one with jamming in units of σ is d = 5 which guarantees that we detect theintrusion almost with certainty ( P d ≈ , see (5)).According to the recovery protocol the correct image is obtained as the difference between two images from theupper panels of figure 3. The recovered image is shown in the lower right panel of this figure, while in the lower leftpanel we show the correct image obtained without jamming.During the imaging process random external noise independent of the image is recorded by detectors. We canobserve that the noise level is reduced as an effect of our recovery protocol. Let us compare the levels of noise on twolower images of figure 3. The average amount of dark counts per pixel is about . for the chosen unit of time in thelower right panel. The level of noise in the case of the recovered image (the lower left panel) is about . The ratiobetween the average brightness of the Λ -shaped area and the noise without jamming is about while for the recoveredimage this ratio is about . In consequence, the reduction of the absolute level of noise is observed in the simulation as6n effect of the recovery protocol. The relative noise is increased due to a difference in brightness between the imagesobserved with or without jamming. Imaging in which an imager controls the signal used to test a remote object is more robust than imaging relying on thesignal coming from the object or from an uncontrollable source. This control gives us the ability to detect jammingand eliminate the jammed part of the image. We describe a detection and recovery protocol relying on the controlof the polarisation of light. The protocol can be applied to negate the effect of jamming by a malevolent party aswell as reducing the impact of background noise and signals on the imaging. Security of this protocol is providedby the fundamental fact that the party who prepares quantum states has more information about the states than it ispossible to extract from a measurement. This creates an informational advantage of the legitimate imager with respectto an intruder. The latter cannot perfectly correlate the false image carrying states of light with the states from alegitimate source. As a consequence, the informational advantage can be used for false image detection and correctimage restoration, as is done in our protocol.In the description of our protocol we assumed that the state of the intruder is stationary during the imaging process,at least on average. This is a reasonable consequence of the assumption that the intruder does not distinguish betweenstates from the legitimate source and create correlations with the changes of these states. Let us consider the situationin which this assumption is relaxed allowing for partial correlations between the intruder’s states and the states fromthe legitimate source. Even in this case we are able to recognise the false contribution. It is enough to observe animage that appears when a filter at the legitimate detector completely blocks one of the legitimate states. This situationis shown in the upper right panel of fig. 3. The false image contribution still appears there. In this case, however, wecannot use simple difference between two images corresponding to different legitimate states to recover the correctimage, since the brightness of the false image is now different on each of them. On the other hand, a modification ofthe protocol, taking a weighted difference between the two images is still possible, which will allow us to correct forthis problem.Free space application of the light beams together with the necessity of preservation of (or at least controlled inter-action with) their polarisation states during imaging influences the conditions under which the protocol is applicable.In particular, the distance of the imaging is limited. Therefore, protocols like this one may not necessarily be consid-ered in the context of radar type imaging of remote unknown objects. Instead, as the robots and drones industry israpidly developed [26] they can be parts of modern surveillance systems with application of such proxy observers sentto vulnerable places of an area being protected. In this example readout of the device is more trusted if controlled statesof light are used instead of the signal sent from the device in the border region between protected and uncontrollableareas. The protocol can be also used when the robot is sent to view an object in a noisy environment, where directimaging is impossible. Another range of possible applications appears in the context of the general free space opticalcommunication [27].Correlation imaging can provide further information. For example, due to timing information we can confirm ifbeam path lengths are equal or have been changed as a consequence of jamming. We have shown here a further exampleof the advantage to be gained by using quantum over classically correlated states in coincidence ghost imaging.We have discussed the situation in which jamming photons were directed to the detectors through the analysingpolarisers. One alternative available to the intruder is jamming in which these photons are sent directly to the detectorsside-stepping the polarisation analysers. Then the probability of detection does not depend on the polarisation states.As the intruder cannot optimize over these states the probability of intrusion detection is larger than in the case ofjamming through the analysers, so this is not a useful intrusion strategy.
Acknowledgements
The work was supported by the QuantIC Project of the UK Engineering and Physical SciencesResearch Council (EP/M01326X/1). The authors thank Mehul Malik for useful discussion of an early version of thiswork and Masahide Sasaki for pointing out possible applications.
References [1] T. B. Pittman, Y. H. Shih, D. V. Strekalov, and A. V. Sergienko, Phys. Rev. A , R3429 (1995).[2] M. I. Kolobov, Rev. Mod. Phys. , 1539 (1999).[3] L. A. Lugiato, A. Gatti, E. Brambilla, J. Opt. B: Quantum Semiclass. Opt. , S176 (2002).74] V. Giovannetti, S. Lloyd, and L. Maccone, Science , 1330 (2004).[5] C. A. Santivanez, S. Guha, Z. Dutton, M. Annamalai, M. Vasilyev, B. J. Yen, R. Nair, J. H. Shapiro, Proc. SPIE8163, Quantum Communications and Quantum Imaging IX, 81630Z (2011).[6] K. Jiang, H. Lee, C. C. Gerry, and J. P. Dowling, J. Appl. Phys. , 193102 (2013).[7] M. Malik, O. S. Maga´na-Loaiza, and R. W. Boyd, Appl. Phys. Lett. , 241103 (2012).[8] T. S. Humble, R. S. Bennink, W. P. Grice, and I. J. Owens, Intrusion Detection with Quantum Mechanics: APhotonic Quantum Fence , 26. Army Science Conference; Orlando, FL (United States); 1-4 Dec 2008.[9] C. Bennett, and G. Brassard, in
Proceedings of IEEE International Conference CSSP , Bangalore, India, p. 175(1984).[10] A. K. Ekert, Phys. Rev. Lett. , 661 (1991).[11] N. L¨utkenhaus, Phys. Rev. A , 052304 (2000).[12] C. F. Sabottke, C. D. Richardson, P. M. Anisimov, U. Yurtsever, A. Lamas-Linares, and J. P. Dowling, New J.Phys. , 043003 (2012).[13] T. S. Humble, R. S. Bennink, W. P. Grice, and I. J. Owens, Proceedings of the SPIE, , 73420H (2009).[14] C. Bennett, F. Bessette, G. Brassard, L. Salvail, and J. Smolin, J. Cryptology , 3 (1992).[15] N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, Rev. Mod. Phys. , 145 (2002).[16] B. I. Erkmen, and J. H. Shapiro, Adv. Opt. Photon. , 405 (2010).[17] K. W. C. Chan, M. N. OSullivan, and R. W. Boyd, Phys. Rev. A , 033808 (2009).[18] R. S. Aspden, N. R. Gemmell, P. A. Morris, D. S. Tasca, L. Mertens, M. G. Tanner, R. A. Kirwood, A. Ruggeri,A. Tosi, R. W. Boyd, G. S. Buller, R. H. Hadfield, and M. J. Padgett, Optica , 1049 (2015).[19] R. S. Bennink, S. J. Bentley, and R. W. Boyd, Phys. Rev. Lett. , 113601 (2002).[20] H. L. Van Trees, Detection, Estimation, and Modulation Theory, Part I , John Wiley & Sons, Inc., New York(2001).[21] T. S. Han, H. Endo, and M. Sasaki, IEEE Trans. Information Theory , 6819 (2014).[22] D. V. Strekalov, A. V. Sergienko, D. N. Klyshko, and Y. H. Shih, Phys. Rev. Lett. , 3600 (1995).[23] E.-K. Tan, J. Jeffers, S.M. Barnett, and D.T. Pegg, Eur. Phys. J. D , 495, (2003).[24] B. Daki´c, V. Vedral, and ˇC. Brukner, Phys. Rev. Lett. , 190502 (2010).[25] R. Horodecki, and M. Horodecki, Phys. Rev. A The Booming Business of Drones , Harvard Business Review Jan 4, 2013.[27] F. J. Lopez-Martinez, G. Gomez, J. M. Garrido-Balsells, IEEE Photonics Journal,7