Security of Quantum Key Distribution

TL;DR

This paper critically examines the security of quantum key distribution (QKD), highlighting fundamental issues, analyzing security criteria, and questioning the common perception of near-perfect security in QKD protocols.

Contribution

It provides a detailed critique of existing QKD security proofs, emphasizing the importance of operational success probabilities and clarifying misconceptions about security levels.

Findings

Success probabilities are fundamental security criteria.

Current security proofs have validity and completeness issues.

QKD security is less robust than commonly believed.

Abstract

The security issues facing quantum key distribution (QKD) are explained, herein focusing on those issues that are cryptographic and information theoretic in nature and not those based on physics. The problem of security criteria is addressed. It is demonstrated that an attacker's success probabilities are the fundamental criteria of security that any theoretic security criterion must relate to in order to have operational significance. The errors committed in the prevalent interpretation of the trace distance criterion are analyzed. The security proofs of QKD protocols are discussed and assessed in regard to three main features: their validity, completeness, and adequacy of the achieved numerical security level. Problems are identified in all these features. It appears that the QKD security situation is quite different from the common perception that a QKD-generated key is nearly perfectly secure. Built into our discussion is a simple but complete quantitative description of the information theoretic security of classical key distribution that is also applicable to the quantum situation. In the appendices, we provide a brief outline of the history of some major QKD security proofs, a rather unfavorable comparison of current QKD proven security with that of conventional symmetric key ciphers, and a list of objections and answers concerning some major points of the paper.