Abstract
Decoy-state protocols provide a way to defeat photon-number-splitting attacks in quantum cryptography implemented with weak coherent pulses. We point out that previous security analyses of such protocols relied on assumptions about eavesdropping attacks that considered treating each pulse equally and independently. We give an example to demonstrate that, without such assumptions, the security parameters of previous decoy-state implementations could be worse than the ones claimed. Next we consider more general photon-number-splitting attacks, which correlate different pulses, and give an estimation procedure for the number of single-photon signals with rigorous security statements. The impact of our result is that previous analyses of the number of times a decoy-state quantum cryptographic system can be reused before it makes a weak key must be revised.
- Received 22 April 2013
DOI:https://doi.org/10.1103/PhysRevA.87.062330
©2013 American Physical Society