Table of Contents
- Introduction
- What Is QKD Security?
- Security Paradigm Shift: Classical vs Quantum
- Physical Principles Behind QKD Security
- Security from the No-Cloning Theorem
- Measurement Disturbance Principle
- Eavesdropping Detection in QKD
- Quantum Bit Error Rate (QBER)
- Error Thresholds in QKD Protocols
- Privacy Amplification
- Information Reconciliation
- Composable Security Framework
- Individual, Collective, and Coherent Attacks
- Security Proofs Against Coherent Attacks
- Device-Independent Security
- Finite-Key Security Analysis
- Entropic Uncertainty Relations
- Side-Channel Attacks and Countermeasures
- Trojan Horse Attacks
- Photon Number Splitting (PNS) Attacks
- Decoy State Method
- Authentication of Classical Channels
- Post-Quantum Cryptography vs QKD
- Regulatory and Practical Considerations
- Conclusion
1. Introduction
Quantum Key Distribution (QKD) offers unconditional security based on the laws of quantum physics, not computational hardness. This makes it resilient even against adversaries with quantum computers.
2. What Is QKD Security?
QKD security is the guarantee that any eavesdropping attempt will be detected, and that a secret key can still be distilled with provable bounds on the amount of leaked information.
3. Security Paradigm Shift: Classical vs Quantum
| Aspect | Classical Crypto | Quantum Crypto (QKD) |
|---|---|---|
| Based on | Algorithmic difficulty | Physical principles |
| Broken by QC | Yes (e.g., RSA, ECC) | No |
| Eavesdropping | Undetectable | Detectable |
4. Physical Principles Behind QKD Security
QKD relies on:
- The no-cloning theorem
- The disturbance caused by measurement
- The uncertainty principle
5. Security from the No-Cloning Theorem
The no-cloning theorem ensures that an unknown quantum state cannot be duplicated:
\[
|\psi\rangle \nrightarrow |\psi\rangle \otimes |\psi\rangle
\]
Eavesdroppers cannot copy quantum bits undetectably.
6. Measurement Disturbance Principle
Measuring a quantum state collapses it. If Eve tries to intercept and measure a qubit, it changes the qubit’s state, introducing detectable errors.
7. Eavesdropping Detection in QKD
By publicly comparing a subset of their key, Alice and Bob can compute the Quantum Bit Error Rate (QBER). If the QBER exceeds a threshold, they abort the protocol.
8. Quantum Bit Error Rate (QBER)
QBER is the fraction of mismatches between Alice’s and Bob’s raw key:
\[
\text{QBER} = \frac{\text{Number of Errors}}{\text{Total Bits Compared}}
\]
A high QBER indicates potential eavesdropping.
9. Error Thresholds in QKD Protocols
- BB84 tolerates QBER up to ~11%
- E91 tolerates up to ~7–10% depending on implementation
- Beyond these thresholds, key generation is insecure
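The abort rule from sections 6 to 9, as an added example that is not part of the original article: a toy BB84 run in which an intermediate measurement in a random basis pushes the estimated QBER to roughly 25%, well past the ~11% limit. The function names, the seed and the noiseless-device model are assumptions made for illustration.

```python
import random

ABORT_THRESHOLD = 0.11  # BB84 limit quoted in the text (~11%)

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the encoded bit; a different basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_bb84(n_pulses, eavesdrop, seed=1, sample_fraction=0.5):
    """Simulate BB84 sifting and QBER estimation (constructed toy model)."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_pulses):
        bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        flying_bit, flying_basis = bit, a_basis
        if eavesdrop:
            # A measurement in a random basis re-prepares the state in that basis.
            e_basis = rng.randint(0, 1)
            flying_bit = measure(bit, a_basis, e_basis, rng)
            flying_basis = e_basis
        b_basis = rng.randint(0, 1)
        result = measure(flying_bit, flying_basis, b_basis, rng)
        if a_basis == b_basis:  # sifting: keep rounds where the bases matched
            alice_key.append(bit)
            bob_key.append(result)

    # Publicly compare a random subset; the compared bits are then discarded.
    indices = list(range(len(alice_key)))
    rng.shuffle(indices)
    k = int(len(indices) * sample_fraction)
    if k == 0:
        raise ValueError("not enough sifted bits to estimate QBER")
    errors = sum(alice_key[i] != bob_key[i] for i in indices[:k])
    qber = errors / k
    aborted = qber > ABORT_THRESHOLD
    return {
        "sifted_bits": len(alice_key),
        "sample_size": k,
        "qber": qber,
        "aborted": aborted,
        "bits_kept": 0 if aborted else len(alice_key) - k,
    }

if __name__ == "__main__":
    print("quiet channel:   ", run_bb84(4000, eavesdrop=False))
    print("measured channel:", run_bb84(4000, eavesdrop=True))
```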
10. Privacy Amplification
Privacy amplification is a post-processing step that removes leaked information by compressing the raw key using universal hash functions.
11. Information Reconciliation
Before privacy amplification, Alice and Bob must:
- Reconcile bit discrepancies
- Use error correction (e.g., Cascade, LDPC codes)
- Minimize information revealed to Eve
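How sections 10 and 11 fit together, as an added example that is not from the original article: the reconciled key is compressed with a Toeplitz matrix (one family of universal hash functions) to a length that subtracts both Eve's estimated information and the bits disclosed during error correction. The length estimate n(1 - h(Q)) minus leakage is the standard asymptotic BB84 formula, which the article does not state; `f_ec`, the function names and the seeded generator standing in for public randomness are assumptions, and finite-key corrections are omitted.

```python
import math
import random

def h2(p):
    """Binary entropy in bits."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1 - p) * math.log2(1 - p)

def final_key_length(n_bits, qber, f_ec=1.0):
    """Asymptotic BB84 estimate: n * (1 - h2(Q)) minus reconciliation leakage.

    f_ec is the error-correction inefficiency (1.0 = Shannon limit); the bits
    disclosed during reconciliation are modelled as f_ec * n * h2(Q).
    """
    if qber >= 0.5:
        return 0  # raw key is uncorrelated or worse: nothing to distil
    leak_ec = f_ec * n_bits * h2(qber)
    eve_bound = n_bits * h2(qber)
    return max(0, math.floor(n_bits - eve_bound - leak_ec))

def toeplitz_hash(key_bits, out_len, seed_bits):
    """Multiply key_bits by an out_len x n Toeplitz matrix over GF(2)."""
    n = len(key_bits)
    if len(seed_bits) != n + out_len - 1:
        raise ValueError("seed must have n + out_len - 1 bits")
    out = []
    for i in range(out_len):
        # Row i of the matrix is T[i][j] = seed_bits[i - j + n - 1].
        acc = 0
        for j in range(n):
            acc ^= seed_bits[i - j + n - 1] & key_bits[j]
        out.append(acc)
    return out

def privacy_amplify(key_bits, qber, seed, f_ec=1.0):
    """Compress a reconciled key to the length the estimate allows."""
    out_len = final_key_length(len(key_bits), qber, f_ec)
    if out_len == 0:
        return []  # nothing safe to keep: abort
    # Stand-in for public randomness agreed over the authenticated channel.
    rng = random.Random(seed)
    seed_bits = [rng.randint(0, 1) for _ in range(len(key_bits) + out_len - 1)]
    return toeplitz_hash(key_bits, out_len, seed_bits)
```

With `f_ec=1.0` the estimate reaches zero just above 11% QBER, which is where the BB84 threshold quoted in section 9 comes from.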
12. Composable Security Framework
Security proofs today ensure composable security:
- Security holds even when QKD is part of a larger protocol
- Guarantees hold when keys are reused or chained
13. Individual, Collective, and Coherent Attacks
- Individual attacks: Eve probes and measures one qubit at a time
- Collective attacks: Eve interacts with each qubit independently, then stores her probes for joint analysis
- Coherent attacks: Eve interacts with multiple qubits jointly; this is the most powerful and general class
14. Security Proofs Against Coherent Attacks
Modern QKD security proofs use:
- Entropic uncertainty relations
- Quantum de Finetti theorems
- Smooth min-entropy bounds
Together, these tools prove security even against the most general attacks.
15. Device-Independent Security
Device-Independent QKD (DI-QKD) uses Bell inequality violations to ensure security, even if devices are untrusted or malicious.
16. Finite-Key Security Analysis
Real systems exchange a finite number of bits. Finite-key analysis provides tight bounds on security parameters using statistics and confidence levels.
17. Entropic Uncertainty Relations
Entropic uncertainty relations are a generalization of Heisenberg’s principle that quantifies the uncertainty Eve must have if Alice and Bob share strong correlations.
18. Side-Channel Attacks and Countermeasures
Real devices can leak unintended information:
- Time-shift attacks
- Detector blinding
- Phase remapping
Countermeasures include:
- Monitoring device behavior
- Introducing randomness
- Using Measurement-Device-Independent QKD (MDI-QKD)
19. Trojan Horse Attacks
Eve sends light into Alice’s or Bob’s device and analyzes the reflected light to learn its settings. This is prevented by:
- Optical isolators
- Filters
- Watchdog detectors
20. Photon Number Splitting (PNS) Attacks
When weak coherent pulses are used, Eve may split off a photon from pulses that contain more than one. Decoy state QKD prevents this by randomizing signal intensity.
21. Decoy State Method
Alice sends random decoy pulses to detect PNS attacks by monitoring the yield and QBER of different intensities.
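The decoy-state check described above, as an added example that is not from the original article: per-intensity detection gains are compared with what a plain lossy channel predicts, and a channel whose yields depend on photon number shows up at the decoy intensity even when the signal intensity looks normal. Poisson photon statistics, zero dark counts, the intensities 0.1 and 0.02, the transmittance and all function names are assumptions of this toy model.

```python
import math

def poisson(n, mu):
    """Probability that a weak coherent pulse of mean mu holds n photons."""
    return math.exp(-mu) * mu ** n / math.factorial(n)

def gain(mu, yield_fn, n_max=30):
    """Detection probability per pulse: sum over n of P(n | mu) * Y_n."""
    return sum(poisson(n, mu) * yield_fn(n) for n in range(n_max + 1))

def lossy_channel(eta):
    """Yields of an untampered channel with transmittance eta, no dark counts."""
    return lambda n: 1 - (1 - eta) ** n

def pns_channel(eta, mu_signal):
    """Photon-number-dependent yields: multi-photon pulses always arrive and
    the single-photon yield is chosen so the signal-intensity gain matches
    the untampered value."""
    target = gain(mu_signal, lossy_channel(eta))
    multi = 1 - poisson(0, mu_signal) - poisson(1, mu_signal)
    y1 = (target - multi) / poisson(1, mu_signal)
    if not 0 <= y1 <= 1:
        raise ValueError("parameters outside this toy model's range")
    return lambda n: 0.0 if n == 0 else (y1 if n == 1 else 1.0)

def simulate(channel, intensities):
    """Gains Bob would record for each intensity on the given channel."""
    return {mu: gain(mu, channel) for mu in intensities}

def decoy_check(measured, eta, intensities, tolerance=0.05):
    """Flag intensities whose gain deviates from the lossy-channel prediction."""
    report = {}
    for mu in intensities:
        expected = gain(mu, lossy_channel(eta))
        deviation = abs(measured[mu] - expected) / expected
        report[mu] = {"expected": expected, "measured": measured[mu],
                      "alarm": deviation > tolerance}
    return report

if __name__ == "__main__":
    ETA, SIGNAL, DECOY = 0.1, 0.1, 0.02  # constructed parameters
    for name, ch in [("lossy", lossy_channel(ETA)), ("pns", pns_channel(ETA, SIGNAL))]:
        print(name, decoy_check(simulate(ch, [SIGNAL, DECOY]), ETA, [SIGNAL, DECOY]))
```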
22. Authentication of Classical Channels
The classical communication channel must be authenticated using:
- Pre-shared keys
- MACs (Message Authentication Codes)
- Post-quantum secure digital signatures
23. Post-Quantum Cryptography vs QKD
| Feature | Post-Quantum Crypto | QKD |
|---|---|---|
| Based on | Hard math problems | Quantum mechanics |
| Forward secrecy | Not guaranteed | Yes (with ephemeral keys) |
| Implementation cost | Software-based | Hardware-intensive |
24. Regulatory and Practical Considerations
- NIST and ETSI are developing QKD standards
- Cost and infrastructure limit widespread use
- Integration with classical networks is active research
25. Conclusion
QKD security is grounded in the unassailable laws of quantum physics. With defenses against even the most sophisticated attacks — including future quantum adversaries — it offers unmatched cryptographic strength. While practical deployment faces challenges, QKD is already securing some of the world’s most sensitive communications, laying the groundwork for a truly quantum-secure future.