Hoi-Kwong Lo

DECOY STATE QUANTUM KEY DISTRIBUTION

There has been much interest in quantum key distribution. Experimentally, quantum key distribution over 150 km of commercial Telecom fibers has been successfully performed. The crucial issue in quantum key distribution is its security. Unfortunately, all recent experiments are, in principle, insecure due to real-life imperfections. Here, we propose a method that can for the first time make most of those experiments secure by using essentially the same hardware. Our method is to use decoy states to detect eavesdropping attacks. As a consequence, we have the best of both worlds--enjoying unconditional security guaranteed by the fundamental laws of physics and yet dramatically surpassing even some of the best experimental performances reported in the literature.

How to Share a Quantum Secret

We investigate the concept of quantum secret sharing. In a (k,thinspn) threshold scheme, a secret quantum state is divided into n shares such that any k of those shares can be used to reconstruct the secret, but any set of k{minus}1 or fewer shares contains absolutely no information about the secret. We show that the only constraint on the existence of threshold schemes comes from the quantum {open_quotes}no-cloning theorem,{close_quotes} which requires that n{lt}2k , and we give efficient constructions of all threshold schemes. We also show that, for k{le}n{lt}2k{minus}1 , then any (k,thinspn) threshold scheme {ital must} distribute information that is globally in a mixed state. {copyright} {ital 1999} {ital The American Physical Society }

Introduction to Quantum Computation Information

From the Publisher: This book aims to provide a pedagogical introduction to the subjects of quantum information and computation. Topics include non-locality of quantum mechanics, quantum computation, quantum cryptography, quantum error correction, fault-tolerant quantum computation as well as some experimental aspects of quantum computation and quantum cryptography. Only knowledge of basic quantum mechanics is assumed. Whenever more advanced concepts and techniques are used, they are introduced carefully. This book is meant to be a self-contained overview. While basic concepts are discussed in detail, unnecessary technical details are excluded. It is well-suited for a wide audience ranging from physics graduate students to advanced researchers.

Measurement-device-independent quantum key distribution.

How to remove detector side channel attacks has been a notoriously hard problem in quantum cryptography. Here, we propose a simple solution to this problem--measurement-device-independent quantum key distribution (QKD). It not only removes all detector side channels, but also doubles the secure distance with conventional lasers. Our proposal can be implemented with standard optical components with low detection efficiency and highly lossy channels. In contrast to the previous solution of full device independent QKD, the realization of our idea does not require detectors of near unity detection efficiency in combination with a qubit amplifier (based on teleportation) or a quantum nondemolition measurement of the number of photons in a pulse. Furthermore, its key generation rate is many orders of magnitude higher than that based on full device independent QKD. The results show that long-distance quantum cryptography over say 200 km will remain secure even with seriously flawed detectors.

Is Quantum Bit Commitment Really Possible

Work on quantum cryptography was started by S. J. Wiesner in a paper written in about 1970, but remained unpublished until 1983 [1]. Recently, there have been lots of renewed activities in the subject. The most wellknown application of quantum cryptography is the socalled quantum key distribution (QKD) [2–4], which is useful for making communications between two users totally unintelligible to an eavesdropper. QKD takes advantage of the uncertainty principle of quantum mechanics: Measuring a quantum system in general disturbs it. Therefore, eavesdropping on a quantum communication channel will generally leave unavoidable disturbance in the transmitted signal which can be detected by the legitimate users. Besides QKD, other quantum cryptographic protocols [5] have also been proposed. In particular, it is generally believed [4] that quantum mechanics can protect private information while it is being used for public decision. Suppose Alice has a secret x and Bob a secret y. In a “two-party secure computation” (TPSC), Alice and Bob compute a prescribed function f(x,y) in such a way that nothing about each party’s input is disclosed to the other, except for what follows logically from one’s private input and the function’s output. An example of the TPSC is the millionaires’ problem: Two persons would like to know who is richer, but neither wishes the other to know the exact amount of money he/she has. In classical cryptography, TPSC can be achieved either through trusted intermediaries or by invoking some unproven computational assumptions such as the hardness of factoring large integers. The great expectation is that quantum cryptography can get rid of those requirements and achieve the same goal using the laws of physics alone. At the heart of such optimism has been the widespread belief that unconditionally secure quantum bit commitment (QBC) schemes exist [6]. Here we put such optimism into very serious doubt by showing

Practical Decoy State for Quantum Key Distribution

Decoy states have recently been proposed as a useful method for substantially improving the performance of quantum key distribution (QKD). Here, we present a general theory of the decoy state protocol based on only two decoy states and one signal state. We perform optimization on the choice of intensities of the two decoy states and the signal state. Our result shows that a decoy state protocol with only two types of decoy states---the vacuum and a weak decoy state---asymptotically approaches the theoretical limit of the most general type of decoy state protocol (with an infinite number of decoy states). We also present a one-decoy-state protocol. Moreover, we provide estimations on the effects of statistical fluctuations and suggest that, even for long-distance (larger than 100 km) QKD, our two-decoy-state protocol can be implemented with only a few hours of experimental data. In conclusion, decoy state quantum key distribution is highly practical.

Efficient Quantum Key Distribution Scheme and a Proof of Its Unconditional Security

AbstractWe devise a simple modification that essentially doubles the efficiency of the BB84 quantum key distribution scheme proposed by Bennett and Brassard.We also prove the security of our modified scheme against the most general eavesdropping attack that is allowed by the laws of physics. The first major ingredient of our scheme is the assignment of significantly different probabilities to the different polarization bases during both transmission and reception, thus reducing the fraction of discarded data. A second major ingredient of our scheme is a refined analysis of accepted data: We divide the accepted data into various subsets according to the basis employed and estimate an error rate for each subset separately. We then show that such a refined data analysis guarantees the security of our scheme against the most general eavesdropping strategy, thus generalizing Shor and Preskill’s proof of security of BB84 to our new scheme. Until now, most proposed proofs of security of single-particle type quantum key distribution schemes have relied heavily upon the fact that the bases are chosen uniformly, randomly, and independently. Our proof removes this symmetry requirement.

Secure quantum key distribution

An overview is given of the state-of-the-art research into secure communication based on quantum cryptography. The present security model together with its assumptions, strengths and weaknesses is discussed. Recent experimental progress and remaining challenges are surveyed as are the latest developments in quantum hacking and countermeasures.

Quantum hacking : Experimental demonstration of time-shift attack against practical quantum-key-distribution systems

Quantum-key-distribution (QKD) systems can send quantum signals over more than

Experimental quantum key distribution with decoy states.

100\phantom{\rule{0.3em}{0ex}}\mathrm{km}