Cryptography Reference
In-Depth Information
sent as a single pulse in one spatial mode using two orthogonal polarizations.
This allows for a convenient practical implementation of the protocol and will
later be an important issue for the cryptographic scheme presented below.
Along with coherent states, which are frequently though incorrectly seen
as classical, the nonclassical entangled states were also considered for the
QKD. The first protocol based on entanglement was suggested by Ekert in
1992 [9]. It uses the test of the Bell inequalities to protect the scheme from an
eavesdropper, the invasion of whom would result in entanglement decoher-
ence and can be disclosed by a Bell test of Alice and Bob. The disadvantage
is the same as in the previous protocols: stochastic, inefficient sources and
inefficient slow detectors. The protocol of Ekert is in its essence equivalent to
the BB84 protocol if reformulated in terms of a prepare and measure scheme.
The paper of Ralph [10] marks the starting point of a new era of continuous
variable quantum cryptography [10-17]. These continuous variable crypto-
graphic systems all used squeezed or entangled states. The ultimate goal was
to achieve high bit rates and thus to solve the problem of low efficiency of dis-
crete variable schemes. As already mentioned, there are no reliable, fast, and
deterministically operating single-photon sources available at the moment,
and most implementations of single-photon cryptographic systems use weak
coherent pulses instead. Owing to the problem of multiphoton components
of coherent states in those systems, the effective amplitude has to be very low,
which impairs the performance, resulting in a key rate that scales as the square
of the single-photon transmission efficiency of the quantum channel. A sec-
ond drawback is the lack of fast and efficient single-photon detectors, whereas
homodyne detectors and bright light photoreceivers work with nearly unit
quantum efficiency at high speeds. However, the need for highly nonclassical
squeezed or entangled states, the low loss tolerance, and the absence of an
unconditional security proof for existing schemes had put the practicability
of continuous variable quantum cryptography in question. For a long time it
was believed that nonclassical states are the unavoidable prerequisite for pro-
tecting the system against eavesdroppers. In addition, the achievable range
of key exchange was argued to be restricted to the attenuation length of the
channel (50% loss)[18].
The potential advantages in using fast and efficient homodyne detection
instead of single-photon counters did not remain unnoticed in the community
working with the weak coherent pulse QKD. In 2000 Hirano et al. [19] were
the first to replace single-photon detectors with homodyne detection. They
used the BB84 protocol with phase encoding and weak coherent pulses using
homodyning for detecting quadrature amplitudes. In a way, they progressed
on the track pointed out by Bennett [7], that continuous variable cryptogra-
phy does not necessarily require the use of cumbersome nonclassical states
but can get along with quantum coherent states, which are much easier to
implement. But they kept the established binary single-photon strategy by
extracting binary information from their measured homodyne data. For this
purpose they introduced a certain nonzero threshold to differentiate between
