Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Phase error rate estimation in QKD with imperfect detectors

Devashish Tupkary, Shlok Nahar, Pulkit Sinha, Norbert Lütkenhaus

TL;DR

This work delivers a finite-size security proof for the decoy-state BB84 QKD protocol against coherent attacks using entropic uncertainty relations in the presence of imperfect detectors and basis-efficiency mismatch. It introduces the metrics $\delta_1$ and $\delta_2$ to quantify deviations from ideal detector behavior and derives high-confidence bounds on the phase error rate without requiring basis-independent loss. The analysis extends to decoy-state BB84, provides a practical recipe for computing key rates under detector imperfections, and demonstrates the beneficial effect of detector random-swapping on key rates. The framework also addresses detector side-channels and considers correlated detector effects, offering a modular, variable-length security approach that improves practicality for real-world QKD deployments.

Abstract

We present a finite-size security proof of the decoy-state BB84 QKD protocol against coherent attacks, using entropic uncertainty relations, for imperfect detectors. We apply this result to the case of detectors with imperfectly characterized basis-efficiency mismatch. Our proof works by obtaining a suitable bound on the phase error rate, without requiring any new modifications to the protocol steps or hardware. It is applicable to imperfectly characterized detectors, and only requires the maximum relative difference in detection efficiencies and dark count rates of the detectors to be characterized. Moreover, our proof allows Eve to choose detector efficiencies and dark count rates in their allowed ranges in each round, thereby addressing an important problem of detector side channels. We prove security in the variable-length framework, where users are allowed to adaptively determine the length of key to be produced, and number of bits to be used for error-correction, based on observations made during the protocol. We quantitatively demonstrate the effect of basis-efficiency mismatch by applying our results to the decoy-state BB84 protocol.

Phase error rate estimation in QKD with imperfect detectors

TL;DR

This work delivers a finite-size security proof for the decoy-state BB84 QKD protocol against coherent attacks using entropic uncertainty relations in the presence of imperfect detectors and basis-efficiency mismatch. It introduces the metrics and to quantify deviations from ideal detector behavior and derives high-confidence bounds on the phase error rate without requiring basis-independent loss. The analysis extends to decoy-state BB84, provides a practical recipe for computing key rates under detector imperfections, and demonstrates the beneficial effect of detector random-swapping on key rates. The framework also addresses detector side-channels and considers correlated detector effects, offering a modular, variable-length security approach that improves practicality for real-world QKD deployments.

Abstract

We present a finite-size security proof of the decoy-state BB84 QKD protocol against coherent attacks, using entropic uncertainty relations, for imperfect detectors. We apply this result to the case of detectors with imperfectly characterized basis-efficiency mismatch. Our proof works by obtaining a suitable bound on the phase error rate, without requiring any new modifications to the protocol steps or hardware. It is applicable to imperfectly characterized detectors, and only requires the maximum relative difference in detection efficiencies and dark count rates of the detectors to be characterized. Moreover, our proof allows Eve to choose detector efficiencies and dark count rates in their allowed ranges in each round, thereby addressing an important problem of detector side channels. We prove security in the variable-length framework, where users are allowed to adaptively determine the length of key to be produced, and number of bits to be used for error-correction, based on observations made during the protocol. We quantitatively demonstrate the effect of basis-efficiency mismatch by applying our results to the decoy-state BB84 protocol.
Paper Structure (55 sections, 22 theorems, 126 equations, 8 figures, 2 tables)

This paper contains 55 sections, 22 theorems, 126 equations, 8 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Relation to other work on basis-efficiency mismatch
  3. Protocol Description
  4. Requirements on phase error estimation procedure and variable-length security
  5. Phase error estimation with basis-independent loss assumption
  6. Protocol Measurements
  7. Constructing an equivalent protocol
  8. Sampling
  9. Phase error estimation without basis-independent loss assumption
  10. Protocol Measurements
  11. Constructing an equivalent protocol
  12. Testing Rounds after basis-independent Filter
  13. Key Generation Rounds after basis-independent Filter
  14. Cost of removing the basis-independent loss assumption
  15. Sampling
  16. ...and 40 more sections

Key Result

Theorem 1

[Variable-length security of BB84 with qubit source] Suppose eq:req is satisfied and let $\lambda_\text{EC}(n_{X},n_{K},e^{\text{obs}}_{X} ,e^{\text{obs}}_Z )$ be a function that determines the number of bits used for error-correction. Define where $h(x)$ is the binary entropy function for $x\leq 1/2$, and $h(x) = 1$ otherwise. Then the variable-length QKD protocol that produces a key of length

Figures (8)

  • Figure 1: Schematic for the two-step measurement procedure from \ref{['lemma:twostep']}. Note that the second step measurement $\{G_k\}_{k \in \mathcal{A}_i}$ depends on the outcome of the first step measurement.
  • Figure 2: Protocol flowchart for the equivalent protocol from \ref{['sec:perfectdetectors']}, where basis-independent loss assumption (\ref{['eq:bobcondition']}) is satisfied. The dotted arrows and boxes represent virtual measurements that do not actually happen in the real protocol. Connections between different boxes are highlighted using curved arrows. We use the Serfling bound (\ref{['lemma:sampling']}) to obtain a bound on the phase error rate from observations. The phase error rate is then used to bound the smooth min entropy using the EUR statement. We use $\bm{N}_P$ to denote the number of $P$ measurement outcomes, where $P$ denotes a POVM element. For clarity, we have omitted the conditioning on events in the figure (but not in our proof). The basis used for measurements is indicated in each box, and refers to the basis used by both Alice and Bob.
  • Figure 3: Protocol flowchart for the equivalent protocol from \ref{['sec:imperfectdetectors']}, where basis-independent loss assumption (\ref{['eq:bobcondition']}) is not satisfied. The dotted arrows and boxes represent virtual measurements that do not actually happen in the real protocol. Connections between the error rates in different boxes are highlighted using curved arrows. We use $\bm{N}_P$ to denote the number of $P$ measurement outcomes, where $P$ denotes a POVM element. For the POVMs, the reader may refer to \ref{['table:povms']} or \ref{['subsec:protmeasure']}. For clarity, we have omitted the conditioning on events in the figure (but not in our proof). Compared to \ref{['fig:virtualprot']}, the testing and key generation rounds go through an additional second step filtering measurement that depends on the basis used, which typically results in a few rounds being discarded, before undergoing the final measurement. The basis used in these measurements in indicated in each box, and indicates the basis used by both Alice and Bob.
  • Figure 4: Finite-size key rates in the presence of basis-efficiency mismatch, for the decoy-state BB84 protocol, against loss. We plot key rates for $N_\text{tot} = 10^{12}$ number of total signals sent, for various values of $\Delta_{\eta},\Delta_{\text{dc}}$. We find that random swapping of the $0$ and $1$ detectors drastically improves the key rates obtained.
  • Figure 5: Finite-size key rates in the presence of basis-efficiency mismatch, for the decoy-state BB84 protocol against loss. We plot key rates for various values of total number of signals sent ($N_\text{tot}$), for $\Delta_{\eta}=\Delta_{\text{dc}}=0.05$.
  • ...and 3 more figures

Theorems & Definitions (51)

  • Remark 5
  • Theorem 1
  • Lemma 1
  • Lemma 2
  • Remark 6
  • Remark 7
  • Remark 8
  • Remark 9
  • Theorem 2: Sampling with different filtering measurements
  • Remark 10
  • ...and 41 more