Security of Decoy-State Protocols for General Photon-Number-Splitting Attacks

TL;DR

This paper analyzes the security of decoy-state quantum cryptography protocols against more general photon-number-splitting attacks, revealing that previous security estimates may be overly optimistic and need revision.

Contribution

It introduces a new estimation procedure for security parameters under correlated attacks, extending the security analysis beyond independent pulse assumptions.

Findings

Previous security bounds may be overly optimistic under correlated attacks

A new estimation method provides rigorous security guarantees against general PNS attacks

Reassessment of how often decoy-state systems can be securely reused

Abstract

Decoy-state protocols provide a way to defeat photon-number splitting attacks in quantum cryptography implemented with weak coherent pulses. We point out that previous security analyses of such protocols relied on assumptions about eavesdropping attacks that considered treating each pulse equally and independently. We give an example to demonstrate that, without such assumptions, the security parameters of previous decoy-state implementations could be worse than the ones claimed. Next we consider more general photon-number splitting attacks, which correlate different pulses, and give an estimation procedure for the number of single photon signals with rigorous security statements. The impact of our result is that previous analyses of the number of times a decoy-state quantum cryptographic system can be reused before it makes a weak key must be revised.