Quantum key distribution: (2) Physical grounds of BB84
Part of my Womanium Global Quantum Project
The interception of a communication channel is basically a set of measurements performed on the channel. The interceptor is a passive listener, eavesdropper, and there is no way to detect passive eavesdropping in the scenario of classical key distribution as the data is never altered. Quantum systems, on the other hand, are governed by Heisenberg uncertainty, which reveals the presence of Charlie in the form of disturbances introduced to the system.
To explain how the Uncertainty principle is employed in QKD together with other physical concepts, we should first discuss a quantum cryptography protocol.
BB84 — A prepare-and-measure protocol
The concept of prepare-and-measure protocols is that Alice prepares the qubits and sends them to Bob to measure them. In BB84, Alice encodes a sequence of classical bits into the polarization of photons so that each polarization corresponds to a certain classical bit as follows:
Alice then sends the polarized photons over a quantum channel to Bob who measures them at rectilinear or diagonal basis randomly (e.g. using a measurement device rectilinearly or diagonally oriented) and records the measurements. It should be noted here that if Bob measures a rectilinearly polarized photon at a diagonal basis, the result will be random, and the information will be lost. That is, he will only get meaningful results when he guesses the polarization correctly.
Alice and Bob then use the classical channel to confirm which photons were received and measured correctly and agree on using them as the key without discussing the bits encoded in them.
To ensure that Charlie did not intercept the transmission, Alice and Bob compares the data of a random set of photons (like one third of photons). If their data for this set agrees, then the rest of the data agrees, and they can use the bits they did not publicly checked as the secure key*. If the measurement by Bob yielded 0 for a photon carrying the information of the classical bit 1, such discrepancy indicates eavesdropping. Alice and Bob then proceed with the error correction process by discarding the bits known to Charlie. This process results in either a corrected secure key or repeating the protocol if Charlie knows much data.
Now the question is: how does the discrepancy occur?
The first security guarantee: Heisenberg uncertainty
The uncertainty principle puts a limit to the certainty with which we can know complementary properties of a particle at the same time. As such, the measurement of one property randomizes the other.
In the scenario of QKD, the key is encoded in the polarization of photons. The complementary properties in this case are the rectilinear and diagonal polarization. When Charlie intercepts the polarized photons sent by Alice to Bob, he measures them, like Bob, in either a rectilinear basis or a diagonal basis randomly. If he guesses the basis correctly, he gets the information Alice originally sent Bob and the photon reaches Bob unaltered. If he chooses an incorrect basis, the photon state gets altered before reaching Bob. Now, even if Bob measures the photon at the same basis Alice used for the polarization, he will get half of the results wrong. Because the measurement Charlie performed randomized the results according to the uncertainty principle.
But can Charlie make a smart move to hide his actions, such as cloning these quantum signals transmitted by Alice to Bob to measure them secretly?
The no-cloning theorem
When I was an undergraduate at Caltech, they had an automated system for requesting copies of articles when you were searching their publication database. I discovered, probably around my junior year, the papers of William Wootters, promptly ordered the automated system to print out every paper Wootters had ever written at that time and my life hasn’t been the same ever since! Wootters thesis is, in my opinion, one of the most interesting results I’ve ever encountered.
— Dave Bacon in his lecture notes on the no-cloning theorem.
It is mathematically proven that ‘A single quantum cannot be cloned’.
The proof was obtained by contradicting the results of two mathematical representation of the process (If you speak bras and kets, see Page 47 of Wolf, Ramona (2021) for a simplified mathematical explanation). Had such process been possible, no discrepancy could have occurred in the outcomes.
The no-cloning theorem states that no device can copy a quantum state (or amplify it) without knowing it beforehand. That is, you can only design a device that copies a certain quantum state and no other unknown states.
In QKD, the transmitted signal is weak and theoretically contains one photon, which entails that Charlie cannot extracts a part of it without causing the loss of signal. He needs to have a perfect copy of it to obtain information about the communication. However, as he knows nothing about the transmitted quantum states, the no-cloning theorem guarantees that he will not be able to even get such copy.
Although these security guarantees are rooted in the laws of physics and thus much stronger, they provide theoretical security. Practically, we find that there is no such a perfect single-photon source. This means that the transmitted pulses contain more than one photon, which is a loophole Charlie can take advantage of and extract single photons from the beam to obtain the information he seeks.
But the laws of physics provide further security guarantees based on the entanglement phenomenon, the basis of the protocol E91 and entanglement-based protocols which will be discussed in the next article.
* This key is a symmetric key like that in AES encryption. So, AES can make use of QKD in the key distribution process before the exchange of cryptograms over classical public channels.
Opinions expressed here, if any, are solely my own and do not represent any entity’s views.
