Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
41 views5 pages

BB84 Device Independence

The document discusses the degrees of device independence in the BB84 Quantum Key Distribution (QKD) protocol, outlining fully characterized, device-independent, partially device-independent, one-sided device-independent, and semi-device-independent categories. It explains how the standard BB84 protocol operates under one-sided device independence, allowing for security even if one party's device is uncharacterized. Additionally, it highlights potential vulnerabilities in the BB84 protocol, particularly in scenarios where both Alice and Bob's devices are sabotaged, enabling an eavesdropper to gain access to the secret key without detection.

Uploaded by

Alex
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
41 views5 pages

BB84 Device Independence

The document discusses the degrees of device independence in the BB84 Quantum Key Distribution (QKD) protocol, outlining fully characterized, device-independent, partially device-independent, one-sided device-independent, and semi-device-independent categories. It explains how the standard BB84 protocol operates under one-sided device independence, allowing for security even if one party's device is uncharacterized. Additionally, it highlights potential vulnerabilities in the BB84 protocol, particularly in scenarios where both Alice and Bob's devices are sabotaged, enabling an eavesdropper to gain access to the secret key without detection.

Uploaded by

Alex
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Degree of device-independence in the

BB84 QKD protocol


Degrees of Device Independence of QKD
Fully characterized (i.e. not device independent) aka “Standard”-QKD (S-QKD)
◦ Provable security only when the exact quantum state preparations and measurements are assumed to
have specific behavior (i.e. the internal behavior is fully characterized).

(Fully) Device independent:


◦ Provable security without any assumptions about the internal functioning of any devices. QKD Protocols
◦ Security is established by measurement of Bell nonlocal correlations Fully Characterized
◦ With DI, QKD protocol can be robust to unintended and maliciously introduced faults. These faults will
be automatically detectable.

Partially-device independent: Device partially-DI


◦ Provable security only if some devices are characterized. At least some devices are allowed to be (fully Independent (DI) One-sided
or partially) “uncharacterized” (any faults in the uncharacterized devices will be automatically DI
detected as in the DI case.)
Semi-DI
◦ Measurement device independence (MDI) is a form of semi-device independence.

One-sided device independent: MDI


◦ One of the parties (Alice or Bob) can have a completely uncharacterized device.

Semi-device independent:
◦ The devices are uncharacterized but are assumed to only produce quantum systems of a given
dimension. I.e. in BB84 Alice’s photon is in a 2-level quantum state in the polarization DoF and has no
information in any other DoF. That, is we assume operation in a 2-level Hilbert space.

09/27/2023 ULTRAFAST OPTICS AND OPTICAL FIBER COMMUNICATIONS LABORATORY 3


BB84 Protocol (standard version: prepare-and-measure)
Alice generates two random strings of bits, string and , both length-. Alice will use these strings
to prepare qubits. Bit will determine what basis she encodes the th bit in and bit determines
which state the qubit is in. I.e.

Alice sends to Bob over a public, authenticated quantum channel . Bob receives the state
(Alice’s state, subject to noise and eavesdropping). Bob randomly creates a length- string and
uses this string to determine the basis he measures each of the qubits in.
After Bob’s reception and measurement of the quantum state, he and Alice announce and
publicly, they retain the bits where they measured/prepared in the same basis. Alice and Bob
agree on bits to share so that the error rate can be checked. An error rate below a certain
threshold indicate that Eve has not obtained significant information on the quantum
transmission. The remaining bits (with error reconciliation) are used as the key.

09/27/2023 ULTRAFAST OPTICS AND OPTICAL FIBER COMMUNICATIONS LABORATORY 4


Device independence of BB84 protocol
BB84 is originally described in a “fully characterized” fashion (no
device independence assumed):
◦ Alice is limited to transmitting one of four states, of known behavior
◦ Bob is limited to detecting in one of two known (orthogonal) basis

However:
The usual BB84 protocol (prepare-and-measure, see previous slide) is actually one-sided device
independent. [Bob’s device need not be characterized.] That is, we assume only that Alice transmits in
each of the expected four states.
There is an entanglement-based BB84 protocol which is semi-device independent. That is, the security
proof assumes Alice device operates on a two-level Hilbert space.
◦ If we think of Alice’s measurement in the entanglement-based protocol as “preparing” the state the way Alice
would in the prepare-and-measure protocol, these requirements (one-sided DI vs semi-DI) are essentially the
same.

Following slide gives a straightforward example of a worst case prepare-and-measure BB84 attack.

09/27/2023 ULTRAFAST OPTICS AND OPTICAL FIBER COMMUNICATIONS LABORATORY 5


QKD Security Failure, BB84 prepare-and-measure
Expectations Attack (via device sabotage)
◦ Alice prepares a state using two parameters, and . ◦ Alice’s system has been sabotaged. Her device
determines the information she sends and the actually prepares the quantum states
encoding basis used. Alice believes her device
produces quantum state quantum state

◦ Bob receives Alices quantum state he then randomly ◦ Bob’s system has been sabotaged. His
chooses which basis to measure in, . His results are measurement device returns results

◦ or with probability 0.5

◦or withof
probability 0.5
The behavior the sabotaged system, in terms of the measurement results obtained by Bob (given , and ) perfectly replicates that of the expected
system. This was achieved by attacking both Alice and Bob’s devices. Indeed, as BB84 is one-sided device independent, an attack requires that both
devices are compromised.
Eve knows that the system is sabotaged. On its way from Alice to Bob, Eve intercepts the state , measures it in its actual computational basis , and
records her result. She then reproduces the quantum state and sends it to Bob. Her behavior is undetectable and she has gained perfect knowledge of
and without affecting the quantum bit error rate. Eve has all of Alice’s information and will be able to determine the secret key Alice and Bob are about
to generate using the public channel.

09/27/2023 ULTRAFAST OPTICS AND OPTICAL FIBER COMMUNICATIONS LABORATORY 6

You might also like