Security Issues Associated With Error Correction And Privacy Amplification In Quantum Key Distribution

TL;DR

This paper critically examines the security assumptions in quantum key distribution, revealing that lack of rigorous error correction analysis limits the achievable security and key length, challenging previous optimistic claims.

Contribution

It provides a rigorous analysis of error correction leakages and demonstrates limitations on privacy amplification, establishing a tradeoff between key rate and security in quantum cryptography.

Findings

Error correction leakages undermine security proofs

Privacy amplification cannot produce arbitrarily perfect keys

Tradeoff exists between key rate and security level

Abstract

Privacy amplification is a necessary step in all quantum key distribution protocols, and error correction is needed in each except when signals of many photons are used in the key communication in quantum noise approach. No security analysis of error correcting code information leak to the attacker has ever been provided, while an ad hoc formula is currently employed to account for such leak in the key generation rate. It is also commonly believed that privacy amplification allows the users to at least establish a short key of arbitrarily close to perfect security. In this paper we show how the lack of rigorous error correction analysis makes the otherwise valid privacy amplification results invalid, and that there exists a limit on how close to perfect a generated key can be obtained from privacy amplification. In addition, there is a necessary tradeoff between key rate and security, and the best theoretical values from current theories would not generate enough near-uniform key bits to cover the message authentication key cost in disturbance-information tradeoff protocols of the BB84 variety.