No Arabic abstract
A security evaluation against the finite-key-size effect was performed for a commercial plug-and-play quantum key distribution (QKD) system. We demonstrate the ability of an eavesdropper to force the system to distill key from a smaller length of sifted-key. We also derive a key-rate equation that is specific for this system. This equation provides bounds above the upper bound of secure key under finite-key-size analysis. From this equation and our experimental data, we show that the keys that have been distilled from the smaller sifted-key size fall above our bound. Thus, their security is not covered by finite-key-size analysis. Experimentally, we could consistently force the system to generate the key outside of the bound. We also test manufacturers software update. Although all the keys after the patch fall under our bound, their security cannot be guaranteed under this analysis. Our methodology can be used for security certification and standardization of QKD systems.
We experimentally demonstrate a hybrid configuration for Quantum Key Distribution, that combines the simplicity of Distributed Phase Reference protocols with the self-referencing features and polarization insensitivity of the so-called Plug & Play system. Additionally, all the components are arranged in a server-client scheme to allow for practical key distribution. Blank, coherent pulse pair trains are generated at the reception end of the link by means of a pulse sequence and an unbalanced interferometer, and sent to the other end. The emitter writes the qubits by erasing one of the pulses from the pair as in a Coherent-One Way protocol. Detection, as well as eavesdropping monitoring is performed at the receiver side, using the same interferometer that was used to generate the initial phase-referenced pulses.
It has been shown that in the asymptotic case of infinite-key length the 2-decoy state QKD protocol outperforms the 1-decoy state protocol. Here, we present a finite-key analysis of the 1-decoy method. Interestingly, we find that for practical block sizes of up to $10^8$ bits, the 1-decoy protocol achieves for almost all experimental settings higher secret key rates than the 2-decoy protocol. Since using only one decoy is also easier to implement, we conclude that it is the best choice for practical QKD.
The continuous-variable version of quantum key distribution (QKD) offers the advantages (over discrete-variable systems) of higher secret key rates in metropolitan areas as well as the use of standard telecom components that can operate at room temperature. An important step in the real-world adoption of continuous-variable QKD is the deployment of field tests over commercial fibers. Here we report two different field tests of a continuous-variable QKD system through commercial fiber networks in Xian and Guangzhou over distances of 30.02 km (12.48 dB) and 49.85 km (11.62 dB), respectively. We achieve secure key rates two orders-of-magnitude higher than previous field test demonstrations. This is achieved by developing a fully automatic control system to create stable excess noise and by applying a rate-adaptive reconciliation protocol to achieve a high reconciliation efficiency with high success probability. Our results pave the way to achieving continuous-variable QKD in a metropolitan setting.
In a continuous-variable quantum key distribution (CV-QKD) protocol, which is based on heterodyne detection at the receiver, the application of a noiseless linear amplifier (NLA) on the received signal before the detection can be emulated by the post-selection of the detection outcome. Such a post-selection, which is also called a measurement-based NLA, requires a cut-off to produce a normalisable filter function. Increasing the cut-off with respect to the received signals results in a more faithful emulation of the NLA and nearly Gaussian output statistics at the cost of discarding more data. While recent works have shown the benefits of post-selection via an asymptotic security analysis, we undertake the first investigation of such a post-selection utilising a composable security proof in the realistic finite-size regime, where this trade-off is extremely relevant. We show that this form of post-selection can improve the secure range of a CV-QKD over lossy thermal channels if the finite block size is sufficiently large and that the optimal value for the filter cut-off is typically in the non-Gaussian regime. The relatively modest improvement in the finite-size regime as compared to the asymptotic case highlights the need for new tools to prove the security of non-Gaussian cryptographic protocols. These results also represent a quantitative assessment of a measurement-based NLA with an entangled-state input in both the Gaussian and non-Gaussian regime.
We present a 625 MHz clocked coherent one-way quantum key distribution (QKD) system which continuously distributes secret keys over an optical fibre link. To support high secret key rates, we implemented a fast hardware key distillation engine which allows for key distillation rates up to 4 Mbps in real time. The system employs wavelength multiplexing in order to run over only a single optical fibre and is compactly integrated in 19-inch 2U racks. We optimized the system considering a security analysis that respects finite-key-size effects, authentication costs, and system errors. Using fast gated InGaAs single photon detectors, we reliably distribute secret keys with rates up to 140 kbps and over 25 km of optical fibre, for a security parameter of 4E-9.