Security of quantum key distribution with iterative sifting

TL;DR

This paper demonstrates that using Azuma's inequality for parameter estimation restores security to quantum key distribution protocols employing iterative sifting, addressing previous vulnerabilities identified with the random sampling theory.

Contribution

The authors show that Azuma's inequality can be used to prove security of iterative sifting QKD protocols, fixing flaws in prior security proofs based on random sampling theory.

Findings

Iterative sifting can be secure with Azuma's inequality.

Random sampling theory may lead to insecure QKD protocols.

Existing security proofs using Azuma's inequality remain valid.

Abstract

Several quantum key distribution (QKD) protocols employ iterative sifting. After each quantum transmission round, Alice and Bob disclose part of their setting information (including their basis choices) for the detected signals. The quantum phase of the protocol then ends when the numbers of detected signals per basis exceed certain pre-agreed threshold values. Recently, however, Pfister et al. [New J. Phys. 18 053001 (2016)] showed that iterative sifting makes QKD insecure, especially in the finite key regime, if the parameter estimation for privacy amplification uses the random sampling theory. This implies that a number of existing finite key security proofs could be flawed and cannot guarantee security. Here, we solve this serious problem by showing that the use of Azuma's inequality for parameter estimation makes QKD with iterative sifting secure again. This means that the existing protocols whose security proof employs this inequality remain secure even if they employ iterative sifting. Also, our results highlight a fundamental difference between the random sampling theorem and Azuma's inequality in proving security.