BB84 is a

quantum key distribution Quantum key distribution (QKD) is a secure communication method that implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random secret key known only to them, which then can b ...

scheme developed by Charles Bennett and

Gilles Brassard Gilles Brassard is a faculty member of the Université de Montréal, where he has been a Full Professor since 1988 and Canada Research Chair since 2001. Education and early life Brassard received a Ph.D. in Computer Science from Cornell Univers ...

in 1984. It is the first

quantum cryptography Quantum cryptography is the science of exploiting quantum mechanical properties to perform cryptographic tasks. The best known example of quantum cryptography is quantum key distribution, which offers an information-theoretically secure soluti ...

protocol Protocol may refer to: Sociology and politics * Protocol (politics) Protocol originally (in Late Middle English, c. 15th century) meant the minutes or logbook taken at a meeting, upon which an agreement was based. The term now commonly refers to ...

. The protocol is

provably secure Provable security refers to any type or level of computer security that can be proved. It is used in different ways by different fields. Usually, this refers to mathematical proofs, which are common in cryptography. In such a proof, the capabilit ...

assuming a perfect implementation, relying on two conditions: (1) the quantum property that information gain is only possible at the expense of disturbing the signal if the two states one is trying to distinguish are not orthogonal (see

no-cloning theorem In physics, the no-cloning theorem states that it is impossible to create an independent and identical copy of an arbitrary unknown quantum state, a statement which has profound implications in the field of quantum computer, quantum computing among ...

); and (2) the existence of an

authenticated Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a ...

public classical channel. It is usually explained as a method of securely communicating a

private key Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

from one party to another for use in

one-time pad The one-time pad (OTP) is an encryption technique that cannot be Cryptanalysis, cracked in cryptography. It requires the use of a single-use pre-shared key that is larger than or equal to the size of the message being sent. In this technique, ...

encryption. The proof of BB84 depends on a perfect implementation. Side channel attacks exist, taking advantage of non-quantum sources of information. Since this information is non-quantum, it can be intercepted without measuring or cloning quantum particles.

Overview

BB84 QKD system transmits individual photons through a fiber optic cable, with each photon representing a bit of data (zero or one). Polarizing filters on the sender's side set each photon's orientation, while the receiver uses beam splitters to read it. The sender and receiver then compare their photon orientations, with the matching set becoming the cryptographic key.

Description

BB84 QKD protocol - Virtual Lab by Quantum Flytrap

In the BB84 scheme,

Alice Alice may refer to: * Alice (name), most often a feminine given name, but also used as a surname Literature * Alice (''Alice's Adventures in Wonderland''), a character in books by Lewis Carroll * ''Alice'' series, children's and teen books by ...

wishes to send a private key to Bob. She begins with two strings of

bit The bit is the most basic unit of information in computing and digital communication. The name is a portmanteau of binary digit. The bit represents a logical state with one of two possible values. These values are most commonly represented as ...

a

and

b

, each

n

bits long. She then encodes these two strings as a

tensor product In mathematics, the tensor product V \otimes W of two vector spaces V and W (over the same field) is a vector space to which is associated a bilinear map V\times W \rightarrow V\otimes W that maps a pair (v,w),\ v\in V, w\in W to an element of ...

n

qubit In quantum computing, a qubit () or quantum bit is a basic unit of quantum information—the quantum version of the classic binary bit physically realized with a two-state device. A qubit is a two-state (or two-level) quantum-mechanical syste ...

s: :

, \psi\rangle = \bigotimes_^, \psi_\rangle,

where

a_i

and

b_i

are the

i

-th bits of

a

and

b

respectively. Together,

a_ib_i

give us an index into the following four qubit states: :

, \psi_\rangle = , 0\rangle,

, \psi_\rangle = , 1\rangle,

, \psi_\rangle = , +\rangle = \frac, 0\rangle + \frac, 1\rangle,

, \psi_\rangle = , -\rangle = \frac, 0\rangle - \frac, 1\rangle.

Note that the bit

b_i

is what decides which basis

a_i

is encoded in (either in the computational basis or the Hadamard basis). The qubits are now in states that are not mutually orthogonal, and thus it is impossible to distinguish all of them with certainty without knowing

b

. Alice sends

, \psi\rangle

over a public and authenticated

quantum channel In quantum information theory, a quantum channel is a communication channel that can transmit quantum information, as well as classical information. An example of quantum information is the general dynamics of a qubit. An example of classical in ...

\mathcal

to Bob. Bob receives a state

\mathcal(\rho) = \mathcal(, \psi\rangle\langle\psi, )

, where

\mathcal

represents both the effects of noise in the channel and eavesdropping by a third party we'll call Eve. After Bob receives the string of qubits, both Bob and Eve have their own states. However, since only Alice knows

b

, it makes it virtually impossible for either Bob or Eve to distinguish the states of the qubits. Also, after Bob has received the qubits, we know that Eve cannot be in possession of a copy of the qubits sent to Bob, by the

, unless she has made measurements. Her measurements, however, risk disturbing a particular qubit with probability if she guesses the wrong basis. Bob proceeds to generate a string of random bits

b'

of the same length as

b

and then measures the qubits he has received from Alice, obtaining a bit string

a'

. At this point, Bob announces publicly that he has received Alice's transmission. Alice then knows she can now safely announce

b

, i.e., the bases in which the qubits were prepared. Bob communicates over a public channel with Alice to determine which

b_i

and

b'_i

are not equal. Both Alice and Bob now discard the bits in

a

and

a'

where

b

and

b'

do not match. From the remaining

k

bits where both Alice and Bob measured in the same basis, Alice randomly chooses

k/2

bits and discloses her choices over the public channel. Both Alice and Bob announce these bits publicly and run a check to see whether more than a certain number of them agree. If this check passes, Alice and Bob proceed to use information reconciliation and privacy amplification techniques to create some number of shared secret keys. Otherwise, they cancel and start over.

References

{{quantum computing Cryptographic algorithms Quantum information science Quantum cryptography Quantum cryptography protocols de:Quantenkryptografie#BB84-Protokoll

Overview

Description

See also

References