Charles Ci Wen Lim

Tight finite-key analysis for quantum cryptography

Despite enormous theoretical and experimental progress in quantum cryptography, the security of most current implementations of quantum key distribution is still not rigorously established. One significant problem is that the security of the final key strongly depends on the number, M, of signals exchanged between the legitimate parties. Yet, existing security proofs are often only valid asymptotically, for unrealistically large values of M. Another challenge is that most security proofs are very sensitive to small differences between the physical devices used by the protocol and the theoretical model used to describe them. Here we show that these gaps between theory and experiment can be simultaneously overcome by using a recently developed proof technique based on the uncertainty relation for smooth entropies.

Provably secure and practical quantum key distribution over 307 km of optical fibre

A discrete-variable quantum key distribution system that is capable of distributing a provably-secure cryptographic key over 307 kilometres is demonstrated at a telecom wavelength.

Finite-key analysis for measurement-device-independent quantum key distribution.

Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach--measurement-device-independent quantum key distribution--has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time frame of signal transmission.

Concise security bounds for practical decoy-state quantum key distribution

Due to its ability to tolerate high channel loss, decoy-state quantum key distribution (QKD) has been one of the main focuses within the QKD community. Notably, several experimental groups have demonstrated that it is secure and feasible under real-world conditions. Crucially, however, the security and feasibility claims made by most of these experiments were obtained under the assumption that the eavesdropper is restricted to particular types of attacks or that the finite-key effects are neglected. Unfortunately, such assumptions are not possible to guarantee in practice. In this work, we provide concise and tight finite-key security bounds for practical decoy-state QKD that are valid against general attacks.

Device-Independent Quantum Key Distribution with Local Bell Test

Device-independent quantum key distribution (DIQKD) in its current design requires a violation of a Bell’s inequality between two parties, Alice and Bob, who are connected by a quantum channel. However, in reality, quantum channels are lossy and current DIQKD protocols are thus vulnerable to attacks exploiting the detection loophole of the Bell test. Here, we propose a novel approach to DIQKD that overcomes this limitation. In particular, we propose a protocol where the Bell test is performed entirely on two casually independent devices situated in Alice’s laboratory. As a result, the detection loophole caused by the losses in the channel is avoided.

Self-testing quantum random number generator.

The generation of random numbers is a task of paramount importance in modern science. A central problem for both classical and quantum randomness generation is to estimate the entropy of the data generated by a given device. Here we present a protocol for self-testing quantum random number generation, in which the user can monitor the entropy in real time. Based on a few general assumptions, our protocol guarantees continuous generation of high quality randomness, without the need for a detailed characterization of the devices. Using a fully optical setup, we implement our protocol and illustrate its self-testing capacity. Our work thus provides a practical approach to quantum randomness generation in a scenario of trusted but error-prone devices.

Security of distributed-phase-reference quantum key distribution.

Distributed-phase-reference quantum key distribution stands out for its easy implementation with present day technology. For many years, a full security proof of these schemes in a realistic setting has been elusive. We solve this long-standing problem and present a generic method to prove the security of such protocols against general attacks. To illustrate our result, we provide lower bounds on the key generation rate of a variant of the coherent-one-way quantum key distribution protocol. In contrast to standard predictions, it appears to scale quadratically with the system transmittance.

Provably secure and high-rate quantum key distribution with time-bin qudits

Information encoded in high-dimensional quantum states can achieve ultrahigh rates over metropolitan distances. The security of conventional cryptography systems is threatened in the forthcoming era of quantum computers. Quantum key distribution (QKD) features fundamentally proven security and offers a promising option for quantum-proof cryptography solution. Although prototype QKD systems over optical fiber have been demonstrated over the years, the key generation rates remain several orders of magnitude lower than current classical communication systems. In an effort toward a commercially viable QKD system with improved key generation rates, we developed a discrete-variable QKD system based on time-bin quantum photonic states that can generate provably secure cryptographic keys at megabit-per-second rates over metropolitan distances. We use high-dimensional quantum states that transmit more than one secret bit per received photon, alleviating detector saturation effects in the superconducting nanowire single-photon detectors used in our system that feature very high detection efficiency (of more than 70%) and low timing jitter (of less than 40 ps). Our system is constructed using commercial off-the-shelf components, and the adopted protocol can be readily extended to free-space quantum channels. The security analysis adopted to distill the keys ensures that the demonstrated protocol is robust against coherent attacks, finite-size effects, and a broad class of experimental imperfections identified in our system.

Random Variation of Detector Efficiency: A Countermeasure Against Detector Blinding Attacks for Quantum Key Distribution

In the recent decade, it has been discovered that QKD systems are extremely vulnerable to side-channel attacks. In particular, by exploiting the internal working knowledge of practical detectors, it is possible to bring them to an operating region whereby only certain target detectors are sensitive to detections. Crucially, the adversary can use this loophole to learn everything about the secret key without introducing any error to the quantum channel. In this paper, as a step toward overcoming detector blinding attacks, we focus on an experimentally convenient countermeasure, where the efficiency of the detectors is randomly varied.

Detector-device-independent quantum key distribution

Recently, a quantum key distribution (QKD) scheme based on entanglement swapping, called measurement-device-independent QKD (mdiQKD), was proposed to bypass all measurement side-channel attacks. While mdiQKD is conceptually elegant and offers a supreme level of security, the experimental complexity is challenging for practical systems. For instance, it requires interference between two widely separated independent single-photon sources, and the secret key rates are dependent on detecting two photons—one from each source. Here, we demonstrate a proof-of-principle experiment of a QKD scheme that removes the need for a two-photon system and instead uses the idea of a two-qubit single-photon to significantly simplify the implementation and improve the efficiency of mdiQKD in several aspects.