B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

E. Biham, T. Mor, “Security of quantum cryptography against collective attacks,” Phys. Rev. Lett. 78, 2256–2259 (1997).

[CrossRef]

E. Biham, T. Mor, “Bounds on information and the security of quantum cryptography,” Phys. Rev. Lett 79, 4034–4037 (1997).

[CrossRef]

C. Cachin, U. M. Maurer, “Linking information reconciliation and privacy amplification,” J. Cryptol. 10, 97–110 (1997).

[CrossRef]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

C. A. Fuchs, A. Peres, “Quantum-state disturbance versus information gain: uncertainty relations for quantum information,” Phys. Rev. A 53, 2038–2045 (1996).

[CrossRef]
[PubMed]

H. Yuen, “Quantum amplifiers, quantum duplicators, and quantum cryptography,” Quantum Semiclass. Opt. 8, 939–949 (1996).

[CrossRef]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

C. H. Bennett, G. Brassard, N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68, 557–559 (1992).

[CrossRef]
[PubMed]

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

C. H. Bennett, “Quantum cryptography using any two nonorthogonal states,” Phys. Rev. Lett. 68, 3121–3124 (1992).

[CrossRef]
[PubMed]

A. K. Ekert, “Quantum cryptography based on Bell’s theorem,” Phys. Rev. Lett. 67, 661–663 (1991).

[CrossRef]
[PubMed]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

C. H. Bennett, G. Brassard, N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68, 557–559 (1992).

[CrossRef]
[PubMed]

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

C. H. Bennett, “Quantum cryptography using any two nonorthogonal states,” Phys. Rev. Lett. 68, 3121–3124 (1992).

[CrossRef]
[PubMed]

C. H. Bennett, G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” in Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing (IEEE, New York, 1984), pp. 175–179.

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

E. Biham, T. Mor, “Security of quantum cryptography against collective attacks,” Phys. Rev. Lett. 78, 2256–2259 (1997).

[CrossRef]

E. Biham, T. Mor, “Bounds on information and the security of quantum cryptography,” Phys. Rev. Lett 79, 4034–4037 (1997).

[CrossRef]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

C. H. Bennett, G. Brassard, N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68, 557–559 (1992).

[CrossRef]
[PubMed]

C. H. Bennett, G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” in Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing (IEEE, New York, 1984), pp. 175–179.

C. Cachin, U. M. Maurer, “Linking information reconciliation and privacy amplification,” J. Cryptol. 10, 97–110 (1997).

[CrossRef]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

A. K. Ekert, “Quantum cryptography based on Bell’s theorem,” Phys. Rev. Lett. 67, 661–663 (1991).

[CrossRef]
[PubMed]

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

B. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, “Security of quantum cryptography against individual attacks,” Phys. Rev. A (to be published).

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

C. A. Fuchs, A. Peres, “Quantum-state disturbance versus information gain: uncertainty relations for quantum information,” Phys. Rev. A 53, 2038–2045 (1996).

[CrossRef]
[PubMed]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

C. Cachin, U. M. Maurer, “Linking information reconciliation and privacy amplification,” J. Cryptol. 10, 97–110 (1997).

[CrossRef]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

D. Mayers, “Quantum key distribution and string oblivious transfer in noisy channels,” in Advances in Cryptology, CRYPTO’96, N. Kobitz, ed., Vol. 1109 of Springer Lecture Notes in Computer Science Series (Springer, New York, 1996), pp. 343–357.

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

C. H. Bennett, G. Brassard, N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68, 557–559 (1992).

[CrossRef]
[PubMed]

E. Biham, T. Mor, “Bounds on information and the security of quantum cryptography,” Phys. Rev. Lett 79, 4034–4037 (1997).

[CrossRef]

E. Biham, T. Mor, “Security of quantum cryptography against collective attacks,” Phys. Rev. Lett. 78, 2256–2259 (1997).

[CrossRef]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

C. A. Fuchs, A. Peres, “Quantum-state disturbance versus information gain: uncertainty relations for quantum information,” Phys. Rev. A 53, 2038–2045 (1996).

[CrossRef]
[PubMed]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

B. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, “Security of quantum cryptography against individual attacks,” Phys. Rev. A (to be published).

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

B. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, “Security of quantum cryptography against individual attacks,” Phys. Rev. A (to be published).

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

B. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, “Security of quantum cryptography against individual attacks,” Phys. Rev. A (to be published).

H. Yuen, “Quantum amplifiers, quantum duplicators, and quantum cryptography,” Quantum Semiclass. Opt. 8, 939–949 (1996).

[CrossRef]

C. H. Bennett, G. Brassard, C. Crepeau, U. M. Maurer, “Generalized privacy amplification,” IEEE Trans. Inf. Theory 41, 1915–1923 (1995).

[CrossRef]

C. Cachin, U. M. Maurer, “Linking information reconciliation and privacy amplification,” J. Cryptol. 10, 97–110 (1997).

[CrossRef]

C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, J. Smolin, “Experimental quantum cryptography,” J. Cryptol. 5, 3–28 (1992).

[CrossRef]

B. Slutsky, P. C. Sun, Y. Mazurenko, R. Rao, Y. Fainaman, “Effect of channel imperfection on the secrecy capacity of a quantum cryptographic system,” J. Mod. Opt. 44, 953–961 (1997).

[CrossRef]

C. A. Fuchs, A. Peres, “Quantum-state disturbance versus information gain: uncertainty relations for quantum information,” Phys. Rev. A 53, 2038–2045 (1996).

[CrossRef]
[PubMed]

C. A. Fuchs, N. Gisin, R. B. Griffiths, C.-S. Niu, A. Peres, “Optimal eavesdropping in quantum cryptography. I. Information bound and optimal strategy,” Phys. Rev. A 56, 1163–1172 (1997).

[CrossRef]

B. Huttner, N. Imoto, N. Gisin, T. Mor, “Quantum cryptography with coherent states,” Phys. Rev. A 51, 1863–1869 (1995).

[CrossRef]
[PubMed]

A. K. Ekert, B. Huttner, G. M. Palma, A. Peres, “Eavesdropping on quantum cryptographical systems,” Phys. Rev. A 50, 1047–1056 (1994).

[CrossRef]
[PubMed]

E. Biham, T. Mor, “Bounds on information and the security of quantum cryptography,” Phys. Rev. Lett 79, 4034–4037 (1997).

[CrossRef]

E. Biham, T. Mor, “Security of quantum cryptography against collective attacks,” Phys. Rev. Lett. 78, 2256–2259 (1997).

[CrossRef]

C. H. Bennett, “Quantum cryptography using any two nonorthogonal states,” Phys. Rev. Lett. 68, 3121–3124 (1992).

[CrossRef]
[PubMed]

A. K. Ekert, “Quantum cryptography based on Bell’s theorem,” Phys. Rev. Lett. 67, 661–663 (1991).

[CrossRef]
[PubMed]

C. H. Bennett, G. Brassard, N. D. Mermin, “Quantum cryptography without Bell’s theorem,” Phys. Rev. Lett. 68, 557–559 (1992).

[CrossRef]
[PubMed]

H. Yuen, “Quantum amplifiers, quantum duplicators, and quantum cryptography,” Quantum Semiclass. Opt. 8, 939–949 (1996).

[CrossRef]

This condition is unavoidable because a perfect single-photon state is fundamentally impossible to prepare (although a good approximation can be produced with phenomena such as parametric downconversion).

Strictly speaking, the total number of multiphoton bit cells is a Gaussian random variable, and only its average and variance are determined. Still, based on these parameters, it can be bounded from above with any desired confidence level.

B. Slutsky, R. Rao, P.-C. Sun, Y. Fainman, “Security of quantum cryptography against individual attacks,” Phys. Rev. A (to be published).

D. Mayers, “Quantum key distribution and string oblivious transfer in noisy channels,” in Advances in Cryptology, CRYPTO’96, N. Kobitz, ed., Vol. 1109 of Springer Lecture Notes in Computer Science Series (Springer, New York, 1996), pp. 343–357.

Inconclusive bits are those whose value is not revealed with certainty by Bob’s measurement, for example, those measured in the wrong BB84 basis by Bob.1 Inconclusive bits are an integral feature of quantum cryptographic protocols, even in the absence of channel and detector imperfections.

Eve cannot use group information such as block checksums, revealed later in the protocol, because, by assumption, she must attack each bit independently of other bits.

The B92 curves in Fig. 5 are qualitatively similar to those in Fig. 4 of Ref. 20, although the latter are computed based on a suboptimal family of eavesdropping strategies and with Shannon rather than Renyi entropy.

Because individual bits are transmitted and received independently of one another, errors are distributed uniformly throughout raw data, regardless of the quantum cryptosystem used.

C. H. Bennett, G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” in Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing (IEEE, New York, 1984), pp. 175–179.