24 August 2004 Entropy estimates for individual attacks on the BB84 protocol for quantum key distribution
Author Affiliations +
The security of quantum key distribution against undetected eavesdropping depends on the key-sharing parties (Alice and Bob) making a probabilistic estimate of the ignorance of a maximally adept eavesdropper (Eve) concerning sifted, error-free bits from which Alice and Bob distill a key. For individual attacks on the BB84 protocol, we show how to generalize the defense function and the defense frontier of Slutsky et al. to take advantage of Cachin’s analysis of Renyi entropy of arbitrary order R, here called R-entropy. For a special case of an attack uniform over all bits, an optimum defense frontier is displayed. Evidence is discussed for the conjecture that this defense frontier in terms of R-entropy holds good not just for uniform attacks but for all individual attacks on BB84. We also show how the entropy estimate fits in to the full suite of key-distillation protocols in a QKD system, in particular how it relates to privacy amplification. After privacy amplification, Eve will have, with high probability, no information about the remaining bits. By choosing the optimal Rényi order R, we can distill secure bits in the presence of a significantly higher error rate.
© (2004) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
John M. Myers, John M. Myers, Tai Tsun Wu, Tai Tsun Wu, David S. Pearson, David S. Pearson, } "Entropy estimates for individual attacks on the BB84 protocol for quantum key distribution", Proc. SPIE 5436, Quantum Information and Computation II, (24 August 2004); doi: 10.1117/12.542534; https://doi.org/10.1117/12.542534

Back to Top