Table of Contents
- Introduction
- Historical Context and Significance
- Basic Idea Behind BB84
- Classical vs Quantum Key Distribution
- Qubit Encoding in BB84
- Polarization Bases Used
- Step-by-Step Procedure
- Basis Reconciliation
- Sifting Process
- Error Rate Estimation
- Eavesdropping Detection
- Privacy Amplification
- Security Proofs
- Mathematical Description
- Photon Polarization Representations
- Real-World Implementations
- Device Considerations
- Limitations of BB84
- Photon Loss and Noise
- Countermeasures for Attacks
- Side-Channel Attacks
- Decoy State Method
- Satellite-Based BB84
- BB84 vs E91 and Other Protocols
- Conclusion
1. Introduction
The BB84 protocol, introduced by Charles Bennett and Gilles Brassard in 1984, is the first and most famous quantum key distribution (QKD) protocol. It enables two parties (traditionally named Alice and Bob) to generate a shared secret key with security guaranteed by quantum mechanics.
2. Historical Context and Significance
BB84 was the first protocol to demonstrate the practical utility of quantum mechanics in secure communication. It paved the way for quantum cryptography, allowing unconditionally secure key exchange.
3. Basic Idea Behind BB84
The key idea is that measuring a quantum system disturbs it, allowing the detection of eavesdropping attempts. This distinguishes BB84 from classical key exchange methods.
4. Classical vs Quantum Key Distribution
| Aspect | Classical Key Exchange | BB84 Protocol |
|---|---|---|
| Security basis | Computational hardness | Physical laws |
| Eavesdropper detection | No | Yes |
| Vulnerability to quantum | Yes | No |
5. Qubit Encoding in BB84
Information is encoded into qubits using two non-orthogonal bases:
- Rectilinear (Z-basis): \( |0\rangle, |1\rangle \)
- Diagonal (X-basis): \( |+\rangle = \frac{1}{\sqrt{2}}(|0\rangle + |1\rangle), |-\rangle = \frac{1}{\sqrt{2}}(|0\rangle – |1\rangle) \)
6. Polarization Bases Used
In practical photonic implementations:
- Horizontal (\( |0\rangle \)) and Vertical (\( |1\rangle \))
- +45° (\( |+\rangle \)) and -45° (\( |-\rangle \))
7. Step-by-Step Procedure
- Alice randomly chooses a bit (0 or 1) and a basis (Z or X), and sends a polarized photon.
- Bob measures each photon in a randomly chosen basis (Z or X).
- Alice and Bob publicly announce their bases (not their bits).
- They keep only the results where their bases matched — this is the sifted key.
8. Basis Reconciliation
Alice and Bob communicate over a classical public channel to compare which bases they used. Only measurements where the bases match are kept.
9. Sifting Process
About 50% of the bits are discarded during the sifting step because Alice and Bob used different bases.
10. Error Rate Estimation
They compare a small portion of the sifted key to estimate the Quantum Bit Error Rate (QBER). If it’s too high (typically >11%), they abort the protocol.
11. Eavesdropping Detection
Eavesdropping causes detectable disturbances in the qubit state due to the no-cloning theorem and measurement-induced collapse.
12. Privacy Amplification
Even if some information is leaked, Alice and Bob can use privacy amplification techniques (e.g., hashing) to compress the key and remove leaked parts.
13. Security Proofs
Security of BB84 has been rigorously proven under both:
- Individual attacks
- Collective and coherent attacks
Using tools like entropic uncertainty relations and composable security frameworks.
14. Mathematical Description
Let Alice send \( |\psi\rangle \) randomly chosen from:
\[
|0\rangle, |1\rangle \text{ (Z-basis)} \
|+\rangle = \frac{1}{\sqrt{2}}(|0\rangle + |1\rangle),\quad |-\rangle = \frac{1}{\sqrt{2}}(|0\rangle – |1\rangle) \text{ (X-basis)}
\]
Bob randomly measures in Z or X. If the basis matches, Bob gets the correct bit with high probability.
15. Photon Polarization Representations
| Logical Bit | Basis | Polarization |
|---|---|---|
| 0 | Z | Horizontal |
| 1 | Z | Vertical |
| 0 | X | +45° |
| 1 | X | -45° |
16. Real-World Implementations
BB84 has been implemented in:
- Fiber-optic networks (up to 500 km)
- Free-space optical links
- Satellite-based QKD (e.g., Micius satellite)
17. Device Considerations
Key hardware components include:
- Single-photon sources
- Beam splitters and polarizers
- Single-photon detectors
- Timing synchronization systems
18. Limitations of BB84
- Photon loss in fibers
- Detector noise
- Imperfect devices can leak information (side channels)
19. Photon Loss and Noise
Loss leads to lower key generation rates. Noise increases QBER and limits communication distance.
20. Countermeasures for Attacks
- Decoy state protocols to prevent photon-number splitting attacks
- Device-independent QKD to account for hardware imperfections
21. Side-Channel Attacks
Examples include:
- Time-shift attacks
- Detector blinding
- Trojan horse attacks
22. Decoy State Method
Introduces dummy photons to monitor for photon-number splitting attacks. Widely adopted in practical BB84 implementations.
23. Satellite-Based BB84
Implemented by China’s Micius satellite, enabling secure quantum communication between ground stations over 1,000+ km distances.
24. BB84 vs E91 and Other Protocols
| Feature | BB84 | E91 |
|---|---|---|
| Entanglement | Not required | Required |
| Implementation | Simpler | More complex |
| Security Basis | Basis mismatch | Bell inequality |
25. Conclusion
The BB84 protocol remains a cornerstone of quantum cryptography. Its blend of theoretical elegance and practical implementability makes it the de facto standard in QKD. With enhancements like decoy states and satellite delivery, BB84 is poised to secure communications in the emerging quantum age.