Effects of preparation and measurement misalignments on the security of the BB84 quantum key distribution protocol

TL;DR

This paper examines how misalignments in state preparation and measurement in BB84 quantum key distribution can be exploited by eavesdroppers, highlighting the importance of realistic assumptions in security analysis.

Contribution

It provides a detailed analysis of the impact of misalignments on BB84 security under individual attacks, emphasizing the need for realistic device modeling.

Findings

Misalignments can be exploited by Eve for increased information gain.

Experimental errors may lead Alice and Bob to falsely believe their key is secure.

Using both x and z bases enhances BB84's robustness against alignment imperfections.

Abstract

The ideal Bennett-Brassard 1984 (BB84) quantum key distribution protocol is based on the preparation and measurement of qubits in two alternative bases differing by an angle of pi/2. Any real implementation of the protocol, though, will inevitably introduce misalignments in the preparation of the states and in the alignment of the measurement bases with respect to this ideal situation. Various security proofs take into account (at least partially) such errors, i.e., show how Alice and Bob can still distil a secure key in the presence of these imperfections. Here, we consider the complementary problem: how can Eve exploit misalignments to obtain more information about the key than would be possible in an ideal implementation? Specifically, we investigate the effects of misalignment errors on the security of the BB84 protocol in the case of individual attacks, where necessary and sufficient conditions for security are known. Though the effects of these errors are small for expected deviations from the perfect situation, our results nevertheless show that Alice and Bob can incorrectly conclude that they have established a secure key if the inevitable experimental errors in the state preparation and in the alignment of the measurements are not taken into account. This gives further weight to the idea that the formulation and security analysis of any quantum cryptography protocol should be based on realistic assumptions about the properties of the apparatus used. Additionally, we note that BB84 seems more robust against alignment imperfections if both the x and z bases are used to generate the key.