Breaking the system-frequency limitation of quantum key distribution
Feng-Yu Lu, Jia-Xuan Li, Ze-Hao Wang, Shuang Wang, Zhen-Qiang Yin, Alvaro Navarrete, Marcos Curty, Wei Chen, De-Yong He, Guang-Can Guo, Zheng-Fu Han

TL;DR
This paper introduces a new protocol and techniques to overcome bandwidth limitations in quantum key distribution, enabling higher secret key rates without increased device costs or security compromises.
Contribution
The authors propose a comprehensive countermeasure and new protocol that break the bandwidth-limited secret key rate barrier in quantum key distribution.
Findings
Achieved lowest correlated deviation compared to similar works.
Successfully broke the bandwidth-limited secret key rate barrier.
Demonstrated practical feasibility with an experimental setup.
Abstract
Enhancing the system performance has been the primary mission in the domain of quantum key distributions in recent years. Higher performance necessitates a higher repetition frequency, which is, however, strictly limited by the bandwidth. Excessive increase in the repetition frequency is not justifiable since it leads to misaligned and correlated modulation, resulting in compromised security and significant errors. Meanwhile, replacing devices with higher bandwidth means more technique challenges and more expense, which is detrimental to practical implementations. In this work, we propose a comprehensive countermeasure to overcome the bandwidth limitation. We present a new protocol addressing the aforementioned loopholes to ensure security and achieve superior performance compared to previous approaches. Additionally, we address the challenges associated with characterizing and…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsQuantum Information and Cryptography · Molecular Communication and Nanonetworks · Quantum Mechanics and Applications
Fault-Tolerant Quantum Key Distribution: Enabling Overclocked Modulation
Feng-Yu Lu
These authors contributed equally to this work
Jia-Xuan Li
These authors contributed equally to this work
Ze-Hao Wang
These authors contributed equally to this work
CAS Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
CAS Center for Excellence in Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
Shuang Wang
Zhen-Qiang Yin
CAS Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
CAS Center for Excellence in Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
Álvaro Navarrete
Marcos Curty
Vigo Quantum Communication Center, University of Vigo, Vigo E-36310, Spain
Escuela de Ingeniería de Telecomunicación, Department of Signal Theory and Communications, University of Vigo, Vigo E-36310, Spain
AtlanTTic Research Center, University of Vigo, Vigo E-36310, Spain
Wei Chen
De-Yong He
Guang-Can Guo
Zheng-Fu Han
CAS Key Laboratory of Quantum Information, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
CAS Center for Excellence in Quantum Information and Quantum Physics, University of Science and Technology of China, Hefei, Anhui 230026, P. R. China
Hefei National Laboratory, University of Science and Technology of China, Hefei 230088, China
Abstract
Implementation security, higher generation rate, and lower cost are primary missions in the domain of quantum key distributions in recent years. However, simultaneously achieving robust security, high speed, and low cost often resembles an “impossible triangle”. This is largely because the modulation system, a core component of the QKD transmitter, imposes a strict bandwidth limitation. Pushing a low-cost modulator to a high repetition frequency inevitably introduces correlations and misalignment, which can create security loopholes. Conversely, operating at a conservative rate fails to exploit the system’s potential, while adopting ultra-high-bandwidth components is often expensive for practical implementation, forcing a perpetual trade-off among implementation security, key rate, and cost. In this work, we propose a comprehensive countermeasure to overcome this modulation bandwidth bottleneck. We present a protocol specifically designed to address the security loopholes arising from modulation imperfections, ensuring security even in overclocked modulation systems. Furthermore, we develop two practical techniques to characterize and mitigate the detrimental correlations. Our experimental setup demonstrates that the proposed method achieves the lowest correlated deviation reported in similar studies, while maintaining a high secret key rate using a bandwidth-limited modulation system. By simultaneously enhancing security, performance, and practicality, this work releases QKD systems from the traditional performance-cost trade-off in the near term, paving the way for widespread deployment. In the long run, this work can be readily integrated with high-bandwidth components to further push the boundaries of system performance.
I INTRODUCTION
As one of the most successful technologies in the field of quantum information science, quantum key distribution (QKD) [2, 24, 48, 46, 41] allows two distant parties, usually referred to as Alice and Bob, to share information-theoretically secure keys in the presence of a technologically unbounded eavesdropper, Eve.
As a technology for encryption, security is the fundamental requirement for any QKD setup [25, 4, 52, 66, 35, 61, 29, 55, 44, 5, 40, 53, 60, 9, 59, 36]; as a system for communication, the pursuit of higher secret-key rates [33, 54, 71, 1, 22, 3, 58, 23, 10] is the inevitable tendency for the development of the QKD domain; as a technique for practical applications, lower cost would be a great advantage for its deployment [45, 49, 50, 63, 73]. In practice, however, achieving high speed, robust security, and low cost simultaneously often resembles an ‘impossible triangle’. Many experiments [69, 43, 27, 18, 28, 8, 64, 56] have shown that when low-cost modulation systems are used to force high-speed modulation, the QKD transmitter inevitably suffers from correlation and misalignment issues, which may create security loopholes if not properly addressed. Meanwhile, operating the system at a conservative frequency fails to fully exploit its potential, while high-bandwidth systems, although capable of high speed and security, remain expensive for practical deployment. This limitation forces us to navigate trade-offs among security, key rate, and cost.
Numerous efforts have been undertaken to address this challenge. Some efforts [20, 52, 16, 34, 29] efficiently mitigate the impact of static state preparation flaws (SPFs). Other efforts address side channels resulting from mode dependencies (including Trojan-horse attacks) [61, 38]. Furthermore, several protocols or proofs tackle correlated modulation, also known as the patterning effect [69, 39, 72, 51, 18, 28]. However, these studies typically address only one or a few of the aforementioned issues in isolation: most works fail to account for the presence of correlations; some studies only consider correlated intensity sources [69, 72, 51]; and some focus solely on correlated bit and basis encoding in ideal single-photon systems [39]. Moreover, some studies have attempted to address this problem from a technical standpoint, including data post-processing [69], pre-processing [18, 28], and correlation-mitigating modulators [43, 27, 8]. However, these latter approaches only consider intensity correlations and their performance requires further improvement.
To address the challenge of the ‘impossible triangle’, it is essential to account for all the above imperfections together to realize a modulation overclocking. Additionally, characterizing, measuring, and subsequently suppressing these imperfections is crucial for avoiding the performance decrease. In this study, we introduce a fault-tolerant protocol that can handle SPFs, mode-dependent side channels, and pulse correlations holistically, thereby allowing QKD systems to work at a higher frequency without losing their security. Furthermore, our protocol outperforms previous approaches with bandwidth-limited modulation systems. In addition, we have developed several techniques in this study to reduce the misalignment and correlation errors, thus avoiding the decrease of SKR. One of the techniques, named ‘deviation microscope’, successfully addresses the challenge of measuring weak-intensity correlations. This enables the measurement of correlations of the vacuum state and time-bin encoding. Another technique, termed ‘double suppressing’, mitigates correlated deviations to an ultra-low level, which represents the state-of-the-art suppression when compared to other similar works [69, 43, 27, 18, 28, 8]. Importantly, our theory provides a precise estimation of information leakage, while our techniques minimize misalignment and correlated errors in bandwidth-limited modulators. Therefore, both security and performance aspects are addressed through our theoretical and technical advancements. Building on these achievements, we experimentally demonstrate an overclocked QKD system and successfully overcome the key rate limitations imposed by modulation bandwidth. In summary, our work makes it possible to develop high-quality QKD systems while reducing their complexity and cost, thus paving the avenue for QKD’s practical applications, especially for further field and network applications. Meanwhile, in the long run, this work can be readily integrated with high-bandwidth components to further push the boundaries of system performance.
II Theoretical framework
Based on previous theoretical and experimental results [39, 72, 51, 69, 43, 27, 18, 28, 8], we introduce a practical transmitter model. This model accounts for all the aforementioned imperfections with a small set of assumptions, representing a significant advancement over previous models.
Our protocol is described as follows (see Box. 1): In each round , Alice randomly selects a bit/basis encoding setting and an intensity setting and prepares a phase-randomized coherent state accordingly. However, due to the modulation bandwidth limitation, both the actual encoding and the actual intensity of the transmitted pulse may differ from her ideal selection and depend on the settings selected in previous rounds. In particular, here we shall consider that this dependence has a finite range (referred to as -order correlation) meaning that and may depend on the settings and with , but they are unaffected by those with [39, 72, 51, 18]. Importantly, we note that the security analysis could be extended to the case of an infinite correlation length by incorporating the results of [37]. Most previous works typically assume the actual bit/basis preparation (intensity) is solely influenced by the previous bit/basis encoding (intensity) settings, expressed as and . Phase-encoding and polarization-encoding schemes typically adhere to this scenario, as phase and polarization modulation are often regarded as independent of the intensity modulation. In this work, we consider the more general scenario in which both and may be affected by the full sequence of previous settings , expressed as and . Time-bin encoding usually adheres to this scenario, given that time-bin bit/basis encoding fundamentally involves intensity modulation [57, 68, 3]. Another example that may adhere to this scenario is chip-based QKD, independently of the encoding [21, 65].
Based on the model of the bandwidth-limited modulations, we propose a fault-tolerant QKD protocol that remains secure in the presence of the aforementioned imperfections and considerably reduces the required assumptions (see Box. 1). For this, prior to the protocol execution, Alice accurately characterizes the quantum states of the transmitted pulses to determine the correlation range , as well as the actual bit/basis encoding and the actual intensities for each sequence . This enables Alice and Bob to post-process their raw keys in a fine-grained manner. That is, they not only classify the measurement statistics based on the single-round setting choices , but also take into account Alice’s previous setting choices .
Specifically, pulse correlations are incorporated into the model through a series of constraints that restrict the deviations between the actual intensity and state preparation from an idealized scenario with no correlations. These constraints are validated by Alice during the transmitter characterization step prior to the protocol execution, and serve as inputs for the security proof. We refer the reader to the Supplementary Information for further details.
Additionally, SPFs are accommodated via the rejected-data analysis [52], which allows to tightly estimate the detection statistics of some virtual states that are required to compute the phase-error rate of the protocol. Importantly, due to the presence of information leakage, the states of the single-photon contributions do not lie in a qubit space, preventing us from directly calculating the phase-error rate. To solve this, we rely on the so-called CS inequality [39, 72] to estimate the measurement statistics of an auxiliary state—that lies within the qubit space spanned by the -basis states—which is sufficiently close to the test state (i.e., to the single-photon state encoding ). Moreover, we employ a refined decoy-state method which uses linearized CS constraints [72, 51] to bound the single-photon yields and error rates in the presence of intensity correlations. By combining these tools, we can realize the modulation overclocking.
In the asymptotic regime of infinitely many rounds, the SKR can be approximated as [72]
[TABLE]
where , , and denote, respectively, a lower bound on the probability of emitting a single-photon pulse when Alice selects the intensity setting , a lower bound on the single-photon yield, and an upper bound on the single-photon phase-error rate (both in the basis), averaged over all possible -length setting sequences; denotes the Shannon binary entropy function; is the error correction efficiency; is the gain of the overall signal states in the -basis; and is the quantum bit-error rate of the sifted key in the -basis.
To validate the performance of an overclocked system using our protocol, we simulate an ideal BB84 scheme with a maximum secure frequency of 250 MHz [18, 28]—i.e., this is the highest frequency at which the system can operate without inducing pulse correlations—and compare it with a double-frequency overclocked system (500 MHz) and a quadruple-frequency overclocked system (1 GHz), introduce correlations of range 1 and 3, respectively. The systems with and without cross-correlation are both validated by simulation. The results indicate that the overclocked systems obtain significantly higher SKRs before approaching the maximum distance. In particular, Fig. 1a shows that the overclocked system has a SKR boost close to a multiple of the overclocking in the range of up to 10 dB (i.e., 50 km for standard fiber loss). Moreover, Fig. 1b shows that the quadruple-frequency overclocked system still has a 3-times higher SKR in the 10 dB range even if cross correlations are considered. In the Supplementary Information we define various different parameters that characterize the strength of the correlations. For simplicity, in this figure we set all the different types of to the same value . Notably, for the overclocked system still obtains a superior SKR at 25 dB total loss, which for standard optical fiber corresponds to km and km when using single-photon avalanche detectors (SPAD) and superconducting-nanowire single-photon detectors (SNSPD), respectively.
III Experimental Demonstration of the Qverclocked QKD
To experimentally validate our protocol in the presence of pulse and cross correlations, we employ overclocked devices to build a time-bin-encoding QKD setup operating at 1 GHz (the conservative frequency is 250 MHz). The experiment comprises three parts. The first part involves building the overclocked modulation system and forcing it to operate at the desired 1 GHz repetition rate. In the second part, we accurately characterize the correlations with our ‘pattern microscope’. Finally, in the third part we suppress the correlations to an ultra-low level by using our ‘double suppressing’ method. We refer the reader to the Methods section for further information.
The experimental setup for the QKD system is illustrated in Fig. 2. On the source side, a gain-switched laser diode (LD, WT-LD100) generates PRWCPs with a pulse width of 50 ps and separated in intervals of 1 ns. The pulses are fed to the modulation system, which contains the decoy-state module and the bit/basis encoding module. The decoy-state module consists of a high-speed intensity modulator (IM) accompanied with its driving circuit. The IM is a commercial -based integrated Mach-Zehnder interferometer (MZI) that operates at 1 GHz to probabilistically generate the three different intensities.
In the encoding module, the pulses are first directed to a Sagnac interferometer (SI) [43, 7, 29], which comprises a customized beamsplitter (BS) with splitting ratio, a phase modulator (PM) placed off-center, and polarization-maintaining fibers for connecting the BS and PM. The output intensity ratio of the SI at its constructive and destructive interference points is 2:1, and both working points have been proven to be essentially insensitive to electronic disturbance [43, 27]. The SI operates at its constructive and destructive interference points for the and bases, respectively, serving as a low-correlation IM to balance the intensity of the two bases. Following the SI, an AMZI with 500 ps path difference splits each pulses in two—early and late—bins. A phase shifter (PS) is inserted in the long arm of the AMZI to compensate the reference-frame drift [20, 57, 32]. After the AMZI, an optical switch (OS)—which is also a commercial based integrated MZI—is used to selectively block the pulses based on Alice’s encoding: if the bit 0 (1) in the basis is selected, the OS blocks the late (early) bin of the signal, whereas both pulses pass through if the encoding is selected. Note that this encoding process halves the intensity of the -basis states, this being the reason for employing the preceding SI. After modulation, the pulses are attenuated to the single-photon level and transmitted through the channel.
At the receiver, a 50:50 BS passively distributes [3, 30, 13] the incoming pulses into two different measurement units (MUs). In MU-Z, two homemade SPDs [12] are gated [12, 42, 70] at 1 GHz, one being activated during the early bin (bit 0) and the other during the late bin (bit 1). In MU-X, a Faraday-Michelson interferometer (FMI) with the same path difference as the transmitter’s AMZI interferes the early and late bins, and two homemade SPDs gated at 1 GHz—to filter out dark counts and inter-round noise—record the -basis bits. The bit 0 (1) corresponds to constructive (destructive) interference. The output signals of the four SPDs are sent to a time-digital converter (TDC) to generate the raw key.
The modulation system in our experiment has been proven to be bandwidth-limited at 1 GHz frequency in [18, 28]. The correlation length has been measured as when operated at 1 GHz [18]. This implies that when implementing conventional protocols like BB84, the conservative modulation frequency is 250 MHz (or less). In the experiment, we characterize the imperfections with our ‘deviation microscope’ and subsequently strongly mitigate them with our ‘double suppressing’ method. Afterward, we characterize the residual imperfections and use this information to properly set values for the parameters required in the security analysis. Specifically, in the Supplementary Material we define certain classes of parameters , , and (, and ) that constrain the impact of previous bit/basis encoding (intensity) settings on the current transmitted state (for formal definitions, see the Supplementary Material). These parameters are initially computed in a fine-grained manner—i.e., we compute each for all possible sequences of settings—by performing tomography on the intensity of the emitted time bins [14, 15, 28]. Note that, in a time-bin scheme, this method allows characterization of not only the actual intensity of each signal but also the actual bit/basis encoding. To simplify subsequent calculations, we conservatively select the worst-case scenario among these fine-grained parameters, an approach that introduces no significant performance degradation.
We operate the setup for several channel losses by employing a 5 km fiber spool and an electronic variable optical attenuator (EVOA). The overall detection efficiency—which comprises all losses at the detection side—is ( dB of overall loss). The raw data is processed under two different scenarios: one in which all correlations are accounted for, and another in which cross-correlations are ignored. As shown in Fig. 3, the experimental results are consistent with the simulations. We obtain a 1.1 Mbps SKR at 5 km, which doubles that of the simulated BB84 (or loss-tolerant [52, 38]) protocol operated at the safe 250 MHz clock rate. At 11 dB channel loss ( km) we obtain a 69.3 kbps SKR, which is still 1.3 times higher than provided by the simulated ideal system. Indeed, the simulations suggest that our overclocked system would maintain its superiority at intercity distances ( km) by using SNSPDs [11] at the receiver side.
IV CONCLUSION
In summary, we have proposed a protocol and several techniques to realize the modulation overclock, which is one of the fundamental challenges of QKD systems. On the one hand, the performance of a QKD setup directly depends on its repetition rate, on the other hand, the system must be operated at a limited rate to avoid errors and information leakage due to a correlated and misaligned modulation. The protocol presented in this work considers all these potential security loopholes and provides a method to reduce their magnitude to ultra low levels and obtain a much tighter parameter estimation in bandwidth-limited scenarios. The simulation results indicate that our protocol allows an overclocked system to achieve a secret-key rate that is several times higher than that of a system operated at the original frequency at metropolitan or intercity distance. We have also experimentally demonstrated the protocol by establishing a overclocked system and obtaining a result in agreement with the theory, which confirms the ability to overcome the modulation bandwidth limitation. This study provides a solution to avoid the trade-off between performance and cost in QKD and opens a path towards practical QKD applications.
Acknowledgements.
This work was supported in part by the National Natural Science Foundation of China under Grant 62301524, Grant 62425507, Grant 62271463, Grant 62105318, Grant 61961136004, and Grant 62171424, in part by the Fundamental Research Funds for the Central Universities, and in part by China Postdoctoral Science Foundation under Grant 2022M723064, in part by the Natural Science Foundation of Anhui under Grant 2308085QF216, and in part by the Innovation Program for Quantum Science and Technology under Grant 2021ZD0300700. M. C. and A. N. acknowledge support from the Galician Regional Government (consolidation of research units: atlanTTic), the Spanish Ministry of Economy and Competitiveness (MINECO), the Fondo Europeo de Desarrollo Regional (FEDER) through the grant No. PID2024-162270OB-I00, MICIN with funding from the European Union NextGenerationEU (PRTR-C17.I1) and the Galician Regional Government with own funding through the “Planes Complementarios de I+D+I con las Comunidades Autonomas” in Quantum Communication, the “Hub Nacional de Excelencia en Comunicaciones Cuanticas” funded by the Spanish Ministry for Digital Transformation and the Public Service and the European Union NextGenerationEU, the European Union’s Horizon Europe Framework Programme under the project “Quantum Security Networks Partnership” (QSNP, grant agreement No 101114043) and the European Union via the European Health and Digital Executive Agency (HADEA) under the Project QuTechSpace (grant 101135225).
Appendix A Modulation
To drive Alice’s modulators, we employ a 5 GS/s-sampling-rate arbitrary waveform generator (AWG, Tektronix AWG5208) accompanied by a radio frequency power amplifier (RFPA). This electronic system has been proven to be bandwidth-limited at 1 GHz in previous works [18, 28], leading to a correlation range .
As illustrated in the red dashed-line box in Fig. 4, the RF signal used for the decoy-state modulation is a square waveform with a duration of 1 ns. The different amplitudes of the modulation signal are fine-tuned by our calibration algorithm according to the full sequence . The RF signals used for the bit/basis encoding are illustrated in the blue dashed-line box. In the SI, the clockwise and counterclockwise pulses pass through the PM sequentially, being modulated by positive and negative voltages, respectively. The PM is driven by a calibrated RF signal [69, 43, 27] whose amplitude is fine-tuned according to the encoding bases selected in the current and three preceding rounds—which is essentially determined by the settings . The amplitude of the () basis corresponds to a relative phase [math] () between the clockwise and the counterclockwise pulses inside the modulator.
In contrast to the previous IM , the OS is operated at 2 GHz to independently modulate the early and late time bins in each round. The amplitude of its driving RF signal depends on the current configuration of the OS—on or off—and is fine-tuned according to its previous six configurations. That is, when the current pulse belongs to a late bin, the amplitude is fine-tuned according to the current early bin and the previous two and a half encoding settings; when the current pulse belongs to an early bin, the amplitude is fine-tuned according to the previous three encoding settings. In particular, the bit/basis encoding settings [math], , and correspond to the OS configurations on-off, off-on, and on-on, respectively (see Fig. 4).
Appendix B Deviation microscope
A precise characterization of the correlations is crucial for fine-tuning the RF signals that are fed to the modulators. In our time-bin scheme, correlations affecting both the bit/basis encoding and the decoy intensity of a signal can be examined by measuring the intensities of its two time bins. However, detecting intensity deviations in weak pulses poses a significant challenge. To overcome this obstacle, we devised a technique we term ‘deviation microscope’. The key idea is to focus on the most sensitive points of the response curve of the modulators, where intensity deviations can be measured with much higher precision. The technique can be divided in two steps: characterizing the ‘sensitivity curve’ of the modulator, and measuring the output intensity at a sensitive point. Precisely, we define the ‘sensitivity’ as
[TABLE]
where denotes the working point of the modulator; denotes the normalized (i.e., ) output of the modulator; is the derivative of ; and denotes the detection noise. Note that Eq. 2 quantifies the instantaneous rate of change of the output intensity relative to its current value, rather than the absolute rate of change [69, 43, 27].
Let us consider a commercial MZI-based IM or OS as an example. The response curve of this type of devices follows a sinusoidal form [67, 31]:
[TABLE]
where is the input intensity, denotes the bias of the modulator [67, 31], and represents the unavoidable background intensity. As shown in Fig. 5, the working point with highest sensitivity is very close to the vacuum intensity . Unfortunately, measuring the intensity near the vacuum point is challenging in practice because the output signal is typically overwhelmed by noise, substantially reducing the signal-to-noise ratio (SNR). Indeed, this is the primary reason why the correlations of the vacuum intensity have been neglected in previous studies.
To address this challenge, we built a setup to test the decoy module and encoding modules independently. The setup is depicted in Fig. 6, where the blue capsule represents the currently tested module, and the brown capsule represents a detection module that can be adapted to the tested module. The calibration process proceeds as follows. Each round, a RF signal chosen at random from the pre-decided set is fed into the IM to determine its working point . To measure the correlations of the target intensity, say , the IM is biased to make correspond to a highly sensitive point according to Eq. 2. In the detection module, an SPD is employed due to its proven superiority in detecting weak signals [6, 19, 47]. The SPD is gated such that it is only active when the intensity setting is selected, which filters out dark counts and afterpulses. Moreover, this selective gating effectively filters out unwanted responses from non-target intensities, preventing detector count saturation. As a result, it allows the user to reduce the attenuation of the EVOA (see Fig. 6), thereby enhancing the SNR and enabling the observation of correlations even at weak intensities. The fine-grained detection statistics at the sensitive point are then classified according to the previous settings and subsequently used to calibrate the RF signals. Finally, the original bias voltage is recovered to obtain the correlation-suppressed signals.
Appendix C Double suppressing:
Previous studies have demonstrated that optical stable points significantly mitigate the intensity deviations caused by correlations to a level as low as [43, 27]. Moreover, an electronic compensating algorithm have been demonstrated to suppress such deviations to a level of [18, 28]. In this work, we address a critical technical challenge, which is the fact that the intensity deviations at the optical stable points are too small to be reliably estimated for the compensating algorithms. By overcoming this limitation, we achieve the double suppression that combines the optical solution and the electronic compensation algorithm.
Specifically, the target modulator is first biased to leverage the deviation microscope, allowing the intensity deviations to be observed at sensitive points. Subsequently, the compensating algorithm is executed to suppress the deviations by adjusting the RF signal. After the algorithm is completed, the additional bias is removed, ensuring that the output remains at the stable point while the distortions are compensated. This method can further reduce the deviations at the stable point by an order of magnitude. We employ it to suppress the deviations at the IM and OS, achieving an exceptionally low level of deviations. For the remaining active components of the transmitter, we simply employ either the deviation microscope or the compensating algorithm [28].
In the experiment, we employ Bob’s SPDs to measure the deviations. Since our homemade SPDs can only operate at 1 GHz, we reduce the pulse rate of the laser source to 200 MHz while keeping the modulators operating at their original frequency. This means that each ‘pulse round’ is followed by four ‘empty rounds’. To characterize the deviations for the target intensity, say , we load into the IM in the ‘pulse rounds’ and select random intensities in the ‘empty rounds’. As the correlation range is three, this procedure allows to observe all relevant patterns. Then, we classify the measurement statistics according to the previous three selections and compute the yield —i.e., the probability to observe a detection given that Alice selects the settings and the previous three settings —for each group. We use here the letter to differentiate the yield in the correlation measurements from that of the QKD experiments (for which we use the letter ). As illustrated in Fig. 7, prior to compensation, the deviations for are all below , which is an acceptable range. This is possible because is generated at a stable point of the IM. To further suppress the deviations, we bias the IM to measure the yields at a sensitive point. There, we observe significant deviations on the order of , with a maximum deviation reaching . By compensating the RF signal at this point and removing the bias voltage, we finally obtain deviations of , with maximum at . This demonstrates a level of performance that is state-of-the-art when compared to similar works.
The reference list from the paper itself. Each links out to its DOI / PubMed record.
- 1[1] D. Bacco and M. Colautti (2023) High secret key rate goes a long way . Nature Photonics 17 ( 5 ), pp. 378–379 . Cited by: §I .
- 2[2] C. H. Bennett and G. Brassard (1984) Quantum cryptography: public key distribution and coin tossing . In Proceedings of IEEE International Conference on Computers, Systems and Signal Processing , pp. 175–179 . Cited by: §I .
- 3[3] A. Boaron, G. Boso, D. Rusca, C. Vulliez, C. Autebert, M. Caloz, M. Perrenoud, G. Gras, F. Bussières, M. Li, et al. (2018) Secure quantum key distribution over 421 km of optical fiber . Physical Review Letters 121 ( 19 ), pp. 190502 . Cited by: §I , §II , §III .
- 4[4] S. L. Braunstein and S. Pirandola (2012) Side-channel-free quantum key distribution . Physical Review Letters 108 ( 13 ), pp. 130502 . Cited by: §I .
- 5[5] M. Curty, F. Xu, W. Cui, C. C. W. Lim, K. Tamaki, and H. Lo (2014) Finite-key analysis for measurement-device-independent quantum key distribution . Nature Communications 5 , pp. 3732 . Cited by: §I .
- 6[6] P. Eraerds, M. Legré, J. Zhang, H. Zbinden, and N. Gisin (2010) Photon counting OTDR: advantages and limitations . Journal of Lightwave Technology 28 ( 6 ), pp. 952–964 . Cited by: Appendix B .
- 7[7] G. Fan-Yuan, F. Lu, S. Wang, Z. Yin, D. He, W. Chen, Z. Zhou, Z. Wang, J. Teng, G. Guo, et al. (2022) Robust and adaptable quantum key distribution network without trusted nodes . Optica 9 ( 7 ), pp. 812–823 . Cited by: §III .
- 8[8] Y. Gao and Z. Yuan (2023) Suppression of patterning effect using IQ modulator for high-speed quantum key distribution systems . Optics Letters 48 ( 4 ), pp. 1068–1071 . Cited by: §I , §I , §I , §II .
