Table 7.1 presents the QKD parameters which we measured and are later used in the security analysis. These parameters are loss, QBER,Psprobability of detecting a signal and Pd dead time probability and V, visibility.
The number of photons n, in the pulse is Poisson distributed with a mean photon number, µ. Therefore, the probability of finding n photons in a pulse P(n, µ) can be
53
Loss (dB) QBER Ps Pd Visibility
1 0.0098324 0.1393725 0.0000500 99.65 2 0.0102556 0.1245905 0.0000596 99.55 3 0.0104741 0.1130995 0.0000545 99.30 4 0.0107115 0.105114 0.0000536 99.18 5 0.0109773 0.0947909 0.0000540 98.46 6 0.0110112 0.0856511 0.0000552 97.24 7 0.0110323 0.0417971 0.0000560 94.83
Table 7.1: Experimentally measured QKD parameters for the set-up shown in Fig 7.2.
The parameters are; Loss(dB), which is achieved by varying the attenuation of the signal, Quantum Bit Error Rate (QBER) which is obtained by using Equation (7.5.6);
Pt refers to the overall probability of photon detection on Bob’s side. This probability is evaluated from Equation (7.5.4); Pdrefers to the dark count probability and V is the visibility of the quantum channel in percentage.
expressed as [14]
P(n, µ) = µne−µ
n! . (7.5.1)
The signals sent through an optical fibre, in practice, suffer from losses as distance of transmission increases. This loss is mainly due to scattering in the fibre. The most important parameter which needs to be evaluated in any QKD system is the raw key rate, Rraw [14]. The Rraw between Alice and Bob is expressed as
Rraw =qvµtABtBηB, (7.5.2)
where q relies on the implementation, v is the repetition frequency, µ is the average number of photons per pulse, tAB is the transmission on the line between Alice and Bob, tBis Bob’s internal transmission per pulse andηBis the Bob’s detection efficiency (tB ≈ 0.67) andηB is Bob’s detection efficiency (ηB ≈0.1). The transmittivity t, of a fibre is given by t = 10−αd/10, where α is the attenuation constant and is currently optimal at α = 0.2 andd is the transmission distance in km [14]. The overall transmission can be expressed similarly as η = tcηB where tc is the channel transmission. The probability Ps of detecting a signal at the detector is expressed as
Ps= 1−e−ηµ. (7.5.3)
Now, we can evaluate the overall detection probability, Pt which can be expressed as Pt = Ps+Pd−PsPd
∼= Ps+Pd, (7.5.4)
wherePdis the dark count probability andPsPd is the coincidence of detection between signal and dark count and is usually neglected in the experiment.
In order to test the quality of our QKD scheme we use the quantum bit error rate (QBER). The QBER is an important parameter in QKD because it is used to investigate
the security in QKD protocols [14]. The QBER is simply the fraction of error bits fc to the total number of bits tc. The QBER which is expressed as
QBER= fc
tc (7.5.5)
where fc are false counts and tc are total counts. The false counts, fc = e0Pd +Ps where e0 is the error detection due to background and signal respectively while tc=Pt. This is achieved through the use of some extra classical post-processing steps in order to extract the secret key. The QBER can also be written as
QBER=QBERopt+QBERdark+QBERafter+QBERstray. (7.5.6) In this expression, QBERopt is the probability that a photon hits the wrong detector.
This can also be used as a way to determine the optical alignment of the polarization components and the stability of the fibre link. This is expressed as
QBERopt = 1−V
2 , (7.5.7)
whereV is the visibility. TheQBERdarkis the error due to dark counts. TheQBERdark is expressed as
QBERdark ∼= pdark
µtABtBηB. (7.5.8)
The QBERdark forms the most important parameter in the sense that it increases with distance and therefore limits the range of key distribution. Based on Table 7.1, as the loss increases the QBER increases as well as the dark count probability. This leads to a decrease in the secret key rate as distances increases. This is shown in Figure 7.3. The QBERafter is the error due to after pulses. It is expressed as
QBERafter∼=
n=1/pdet
X
n=0
pafter(τ+ n
v), (7.5.9)
Due to the unavailability of a single photon source, we use a weak laser source. However, this comes with costs as it is associated with some attacks from an eavesdropper called the photon number splitting attacks [153]. This allows her to get full information without being detected.
Based on our measured parameters, we can calculate the secret key generation rate r, against the PNS attacks as
r =Pt[(1−ξ0)β−fECh(Q)], (7.5.10) where ξ0 =ξ(Q/β) and againξ(Q) = log2(1 + 4Q−4Q2), β= (Pt−P0)/Pt,fEC = 1.05 is the error correction efficiency and Q is the QBER. Again, in the expression, ξ is the fraction of key discarded during privacy amplification and P0 = 1−(1 +µ+µ2/2 + µ3/12)Q−µ. The term h(Q) is the binary entropy function and is expressed as h(Q) =
−Qlog2(Q)−(1−Q) log2(1−Q). The variation of the secret rate against distance for the B92 protocol is shown in Figure 7.3. The secret key rate obtained is slightly lower than that of BB84 protocol as expected [23], however it still scales similarly with that
55
7 7.2 7.4 7.6 7.8 8 8.2 8.4
5 10 15 20 25 30 35
r (bits/s)×104
d (km) B92
BB84
Figure 7.3: Experimental secret key rate for the B92 and BB84 protocols as a function of distance. In order to find the key rates, we use formalism developed in Ref [2].
of the standard BB84 protocol. The difference between the two mutual informations is given as
ηdist=I(A:B)−I(A:E), (7.5.11) where I(A:B) = 1 +Dlog2D+ (1−D) log2(1−D) and Dis equal to the total QBER andI(A:E)∼= 0.03+I2v. I2v is a consequence of multi-photon pulses and is about 0.06, 014 and 0.40 for 5, 10 and 20dB losses respectively for µ=0.25dB/km. In Figure 7.4, we show the variation of Shannon mutual information between Alice and BobI(A:B) and between Alice and Eve I(A : E) against optical loss. As the optical loss increases the amount of noise in the channel also increases. This leads to an increase in the amount of information which the eavesdropper gains. For simplicity, we attribute all the noise to the eavesdropper. The secret key can only be extracted if I(A : B) > I(A : E).
Therefore, as I(A:E) increases the amount of secret key decreases as shown in Figure 7.3.