Quantum key distribution with an unknown and untrusted source

TL;DR

This paper provides a rigorous security analysis for quantum key distribution protocols with unknown and untrusted sources, demonstrating that secure key rates are achievable even when the source is controlled by an eavesdropper.

Contribution

It offers the first quantitative security proofs for QKD protocols with untrusted sources, including BB84 and decoy state protocols, with derived key rate bounds.

Findings

Security bounds are rigorously established for untrusted source QKD protocols.

Numerical simulations show key rates are close to those with trusted sources.

The analysis applies to standard and decoy state QKD protocols.

Abstract

The security of a standard bi-directional "plug & play" quantum key distribution (QKD) system has been an open question for a long time. This is mainly because its source is equivalently controlled by an eavesdropper, which means the source is unknown and untrusted. Qualitative discussion on this subject has been made previously. In this paper, we present the first quantitative security analysis on a general class of QKD protocols whose sources are unknown and untrusted. The securities of standard BB84 protocol, weak+vacuum decoy state protocol, and one-decoy decoy state protocol, with unknown and untrusted sources are rigorously proved. We derive rigorous lower bounds to the secure key generation rates of the above three protocols. Our numerical simulation results show that QKD with an untrusted source gives a key generation rate that is close to that with a trusted source.