Introduction

A central problem in cryptography is the distribution among distant users of secret keys that can be used, for example, for the secure encryption of messages. This task is impossible in classical cryptography unless assumptions are made on the computational power of the eavesdropper. Quantum key distribution (QKD), on the other hand, offers security against adversaries with unbounded computing power1.

The ultimate level of security provided by QKD was made possible, thanks to a change of paradigm. Although in classical cryptography security relies on the hardness of certain mathematical problems, in QKD it relies on the fundamental laws of quantum physics. A side effect of this change of paradigm, however, is that although the security of classical cryptography is based on the mathematical properties of the key itself—how the key was actually generated in practice being, in principle, irrelevant to the security of the scheme—in QKD, the security crucially depends on the physical properties of the key generation process, for example, on the fact that the key was produced by measuring the polarization of a single photon along well-defined directions. But then, how can one asses the level of security provided by a real-life implementation of QKD, which will inevitably differ in inconspicuous ways from the idealized, theoretical description2? Errors in the encoding of the signals of Alice3, for instance, or features of the detectors not taken into account in the theoretical analysis4 can be exploited to break the security of real-life QKD schemes.

Device-independent QKD (DIQKD)5 aims at closing the gap between theoretical analyses and practical realizations of QKD by designing protocols whose security does not require a detailed characterization of the devices used to generate the secret key (such as, for example, the dimension of the Hilbert space of the quantum signals or the type of measurements performed on them)5,6,7,8. This stronger form of cryptography is possible if it is based on the observation of a Bell-inequality violation, which guarantees that the data produced by the quantum devices possess some amount of secrecy, independently of how exactly these data were generated9,10. In some sense, DIQKD combines the advantage of classical and quantum cryptography: security against unbounded adversaries based on the law of quantum physics, but which does not rely on the physical details of the generation process. A fully device-independent demonstration of QKD, however, still represents, at present, an experimental challenge11.

In this work, we provide a general formalism for proving the security of DIQKD protocols. This is done in terms of the strongest notion of security, universally composable security, according to which the secret key generated by the protocol is indistinguishable from an ideal secret key12. Our approach can be applied to protocols based on arbitrary Bell inequalities and is valid against the most general attacks available to an eavesdropper. The DIQKD model that we consider, however, is partly restricted as it supposes that the measurement processes generating the different bits of the raw key are causally independent of each other (though they could be arbitrarily correlated). This independence condition is necessarily satisfied in a physical realization in which the N bits of the raw key are generated by N separate pairs of devices used in parallel. Our analysis therefore shows that secure fully DIQKD is, in principle, possible. Note that our measurement independence condition and the level of security provided here is equivalent to the one considered in refs 13, 14, 15, 16. The difference with respect to refs 14, 15, 16 is that our proof does not rely only on the no-signalling principle but also on the validity of the quantum formalism. This results in much better key rates, comparable to those of standard QKD.

Results

General structure of a DIQKD protocol

Let us start by presenting the class of protocols that we consider here, which are the variations of Ekert's QKD protocol9,17. Alice and Bob share a quantum channel that distributes entangled states and they both have a quantum apparatus to measure their incoming particles. These apparatuses take an input (the measurement setting) and produce an output (the measurement outcome). We label the inputs and outputs x and a for Alice, and y and b for Bob, and assume that they take a finite set of possible values.

The first step of the protocol consists in measuring the pairs of quantum systems distributed to Alice and Bob. In most of the cases (say N), the inputs are set to fixed values xi=xraw and yi=yraw and the corresponding outputs a=(a1,...aN) and b=(b1,...bN) constitute the two versions of the raw key. In the remaining systems, which represent a small random subset of all measured pairs (of size say Nest≈√N), the inputs x and y are chosen uniformly at random. From these Nest pairs, Alice and Bob determine the relative frequencies q (ab|xy) with which the outputs a and b are obtained when using inputs x and y. These relative frequencies quantify the degree of non-local correlations between Alice and Bob's system through the violation of the Bell inequality associated to the DIQKD protocol. This Bell inequality is defined by a linear function g of the input–output correlations q (ab|xy):

where gabxy are the coefficients defining the Bell inequality and gloc is its local bound. A particular example of a Bell inequality is the Clauser–Horne–Shimony–Holt (CHSH) inequality18

where a, b, x, y{0, 1}.

After this initial 'measure and estimate' phase, the rest of the protocol is similar to any other QKD protocol. Alice publishes an Npub-bit message about a, which is used by Bob to correct his errors bb′, such that b′=a with arbitrarily high probability. Alice and Bob then generate their final secret key k by applying a two-universal random function to a and b′, respectively19.

The DIQKD model

In the DIQKD approach, we do not assume that the devices behave according to predetermined specifications. For instance, the state emitted by the source of particles may be modified by the eavesdropper, or the implementation of the measuring devices may be imperfect. To analyse the security of a DIQKD protocol, we must therefore first specify how we model the N pairs of systems used to generate the raw key.

These N pairs of systems are eventually all measured using the inputs x=xraw and y=yraw, but as they were initially selected at random and each of them could have been part of the Nest pairs used to estimate the Bell violation, we must also consider what would have happened for any other inputs x and y. Let therefore P(ab|xy) denote the previous probability to obtain outcomes a and b if measurements x=(x1,...xN) and y=(y1,...yN) are made on these N pairs. This unknown probability distribution characterizes the initial system at the beginning of the protocol.

In the theoretical model that we consider here, we view the N bits of the raw key as arising from N commuting measurements on a joint quantum system ρAB. That is, we suppose that the probabilities P(ab|xy) can be written as

where Ai (ai|xi) are operators describing the measurements made by Alice on her ith system if she select input xi (they thus satisfy Ai (ai|xi)≥0 and ), where, similarly, Bi (bi|yi) are operators describing the measurements made by Bob, and where these measurement operators satisfy the commutation relations

and

for all i, j and a, a′, b, b′, x, x′. Apart from the conditions (4) and (5), the state ρAB and the operators Ai (ai|xi) and Bi (bi|yi) are arbitrary and unspecified. The only constraint on them is that they should return measurement probabilities (3) compatible with the statistics of the Nest randomly selected pairs, characterized by the observed Bell-inequality violation g.

In quantum theory, measurement operators that commute represent compatible measurements that do not influence each other and which can be performed independently of each other. The commutation relations (4) between the operators Ai (ai|xi) describing Alice's measurement devices and the operators Bi (bi|yi) describing Bob's measurement devices are thus a necessary part of any DIQKD model; security cannot be guaranteed without them.

The commutation relations (5) between the operators Ai (ai|xi) within Alice's location, and the commutation relations between the operators Bi (bi|yi) within Bob's location, represent, on the other hand, additional constraints specific to the DIQKD model considered here. These commutation relations are satisfied in an implementation in which the N bits of the raw key are generated by N separate and non-interacting pairs of devices used in parallel.

In the extreme adversarial scenario wherein the provider of the devices is not trusted (for example, if the provider is the eavesdropper itself), this independence condition can be guaranteed by shielding the N devices in such a way that no communication between them occurs during the measurement process. One could also consider a setup in which the measurements performed by the N devices define space-like separated events. However, even in a space-like separated configuration, the ability to shield the devices is required if the provider of the devices is untrusted, as we cannot guarantee through other means that the devices do not send directly unwanted information to the adversary. But, then, the ability to shield the devices is already sufficient by itself to guarantee (5).

In a more practical implementation, in which the raw key is generated by repeatedly performing measurements in sequence on a single pair of devices, the commutation relation (5) expresses the condition that the functioning of the devices should not depend on any internal memory storing the quantum states and measurement results obtained in previous rounds. In the most general DIQKD model, the quantum devices could possess a quantum memory such that the state of the system after the ith measurement is passed to the successive round i+1 (this state could also contain classical information about the measurement inputs and outputs of step i). If denotes the state of the system before measurement i, the non-normalized state passed to round i+1 in the event that Alice and Bob use inputs xi and yi and obtain outputs ai and bi would then be where and are generalized measurement operators describing Alice's and Bob's measurements and satisfying . In such a model, the probabilities P(ab|xy) are then given by

where ρAB denotes the initial state at the beginning of the protocol, and the order in the products is relevant. Imposing commutation relations between all operators pertaining to different rounds corresponds to neglect the causal order in (6) due to memory effects. We then recover a model of the form (3) by defining and .

Security proof

We now establish a bound on the secret-key rate that can be achieved against an unrestricted eavesdropper Eve for a QKD protocol satisfying the description (3), (4), (5). The information available to Eve can be represented by a quantum system that is correlated with the systems of Alice and Bob. We denote by ρABE the corresponding (2N+1)-partite state, with trEρABE=ρAB. This state describes the 2N+1 systems at the beginning of the protocol. After the N systems of Alice have been measured, the joint state of Alice and Eve is described by the classical-quantum state

where ρE|a is the reduced state of Eve conditioned on Alice having observed the outcomes a.

The length of the secret key k obtained by processing the raw key a with an error-correcting protocol and a two-universal random function is, up to terms of order √N, lower bounded by Hmin (a|E)−Npub, where Hmin (a|E) is the min-entropy of a conditioned on Eve's information for the state (7) and Npub is the length of the message published by Alice in the error-correcting phase. It is shown in ref. 20 that the length of the public message necessary for correcting Bob's errors is Npub=NH (a|b), up to terms of order √N. The quantity H (a|b) is the conditional Shannon entropy20, defined by

where is the average probability with witch the pair of outcomes a and b are observed. Computing the key rate of the DIQKD protocol, thus essentially amounts to determine the min-entropy Hmin (a|E). We show in the following how to put a bound on this quantity as a function of the estimated Bell violation g. This bound is independent of which type of quantum systems and measurements are used by Alice and Bob, implying that our security proof is device independent.

Intuitively, we want to understand how the observed Bell violation limits the predictability of Alice's outcomes a. We start by considering the simpler case of one pair of systems (N=1) uncorrelated to the adversary and characterized by the joint probabilities

If P(a|xraw)<1 for all a, then the outcome of the measurement xraw cannot be perfectly predicted. The degree of unpredictability of a can be quantified by the probability to correctly guess a21. This guessing probability is equal to

as the best guess that one can make about a is to output the most probable outcome. If Pguess(a)=1 then the outcome of the measurement xraw can be predicted with certainty, whereas lower values for Pguess(a) imply less predictability.

Let denote the expected quantum violation of the Bell inequality (1) for the pair of systems described by (9), where

is the Bell operator associated to the inequality g and to the measurements A(a|x) and B(b|y). Independently of the precise form of the state ρ and of the measurement operators A(a|x) and B(b|y), the value of the Bell expectation gexp imposes a constraint on the guessing probability (10). In the case of the CHSH inequality, for instance, the following (tight) bound holds (Methods, see also ref. 22)

for any of the two possible values xraw=0 or 1 entering in the CHSH definition (2).

More generally, let

be a bound between the guessing probability and the Bell violation, where f is a concave and monotically decreasing function. Such a bound can always be obtained using the semidefinite programming (SDP) method introduced in refs 23 and 24. Indeed, the maximal value of the guessing probability Pguess (a) for a given value of the Bell expectation gexp corresponds to the solution of the following optimization problem

where the maximum is taken over all quantum states ρ and measurement operators A(a|x) and B(b|y). Following refs 23 and 24, one can introduce a hierarchy of SDP relaxations of the problem (14). The solution to any of these SDP relaxations yields an upper-bound to the optimal solution of (14) and thus a bound of the form (13), as illustrated on Figure 1 for different Bell inequalities. The resulting function f is then always concave and monotonically decreasing, as follows from the convex nature of the problem (14) and of its associated SDP relaxations. Note that relaxations higher in the hierarchy necessitate more computational resources but yield better upper-bounds. In the asymptotic limit, one has the guarantee that these upper-bounds will converge to the exact maximum of (14), though usually a few steps in the hierarchy already give the optimal bound (this is the case for instance for the CHSH inequality).

Figure 1: Guessing probability versus Bell violation.
figure 1

The figure shows the guessing probability Pguess (a) versus the Bell violation gexp for (a) the CHSH inequality, (b) the chained inequality with n=3 inputs25 and (c) the Collins–Gisin–Linden–Massar–Popescu (CGLMP) inequality with d=3 outputs29. Note that the symmetry of these inequalities implies that the bounds on the guessing probabilities are the same for any inputs xraw entering into their definition. The horizontal scale represents the relative violation ranging from the local bound gloc to the maximal quantum bound gq. The CHSH curve is given by the function (12), the chained and CGLMP inequalities curves have been obtained by solving the problem (14) using the SDP relaxations introduced in refs 23 and 24. These last two curves upper-bound the optimal values by at most O (10−4). The solid line represents a linearization of the form (15) of the CHSH function around a point g0.

Full size image

As the function f is concave, it can be upper-bounded by its linearization around any point g0

where μ (g0)=f (g0)−f′ (g0)g0, ν (g0)=f′ (g0). From concavity, it also follows that

The bound (13) is thus equivalent to the family of inequalities P(a|xraw)≤μ (g0)+ν (g0)gexp for all a and g0. As these inequalities are satisfied by any quantum distribution (9), and thus in particular by any state ρ, they are equivalent to the operator inequalities

valid for all a, g0, and any set of measurements A(a|x) and B(b|y). A proof of the bound (13) for the CHSH inequality based on such operator inequalities is given in Methods. In general, the validity of any linear operator inequality of the form (17) can be established, independently of the Hilbert space dimension, using the dual formulation24 of the SDP techniques introduced in refs 23 and 24.

We now move to the case of N pairs of systems described by (3) and (7) and evaluate the probability with which Eve can correctly guess the raw key a by measuring her side information E. Suppose thus that Eve performs some measurement z on her system E and obtains an outcome e. Let P(a|xraw, ez) denote the probability distribution of a conditioned on Eve's information. On average, her probability to correctly guess a is given by and her optimal correct-guessing probability (optimized over all measurements z) is21:

Denote by ρAB|ez the 2N-partite state prepared when Eve measures z and obtains the outcome e (with ), and write , so that

Consider the following N-partite Bell operator

where . The single-copy operator inequality (17) implies that for all a and g0

To show this, write . We thus want to establish that . Inequality (17) implies that for all i, . Defining , note then that . Inequality (21) then follows from the fact that each term in this sum is positive as it is the product of operators that are positive and, according to (5), commuting.

Using inequality (21) in (18), we find

where to deduce the first inequality we used, in addition to (21), the positivity of ρAA|ez.

Note now that the quantity tr[ρABG(g0)] is a function of the marginal distributions P(ab|xy) of Alice and Bob only and does not involve directly the system of Eve. It is shown in ref. 15, that Alice and Bob can estimate (with high probability) this quantity from the Bell violation g observed on the randomly chosen Nest pairs. More precisely, Lemma 5 from ref. 15 implies that the inequality

holds except with probability exponentially small in Nest. This, (22), and (16) imply that

Finally, it is shown in ref. 21 that the (quantum) min-entropy Hmin (a|A) of a state of the form (7) is given by

which implies the asymptotic secret-key rate

This bound on the secret-key rate constitutes the main result of our work. As mentioned previously, the second term H (a|b) is standard and quantifies the amount of communication needed for the error-correcting phase. The non-trivial part of our bound corresponds to the first term, which quantifies the knowledge of Eve and thus the amount of privacy amplification needed to make her information arbitrarily small.

Key rate of specific protocols

We now illustrate the above formalism on two DIQKD protocols, based, respectively, on the chained inequality17,25 for n=2 and n=3 inputs. This inequality reads

where a, b{0,1} and x, y{0,1,...n−1}; the δ(y)=1 when y=−1 and zero otherwise. Note that for n=2, the chained inequality reduces to the CHSH inequality.

In both protocols, the observed correlations P(ab|xy) are obtained by measuring a two-qubit maximally entangled state |φ〉=|00〉+|11〉 along n possible directions for Alice and n+1 for Bob. The inputs xraw=n−1 and yraw=n correspond to measurements in the computational basis {|0〉, |1〉} and are used to generate the raw key. The chained inequality violation is estimated using the inputs x, y{0,...,n−1} and the corresponding measurement directions are setup to obtain the maximal violation of the chained inequality given by 2√2 and 3√3 for the cases n=2 and n=3, respectively. For the sake of illustration, let us assume that the effect of the noise in the protocol amounts to the distribution of an entangled state ν|φ〉〈φ|+(1−ν)1/4 of visibility ν. The conditional Shannon entropy H (a|b) is then equal to h[(1−ν)/2], where h(x)=−xlog2(x)−(1−x)log2(1−x) is the binary entropy, and the observed Bell violations are equal to g=2√2ν and g=3√3ν. For the CHSH inequality, we then obtain using (12) and (26) the key rate

The value of the visibility such that this bound is equal to zero corresponds to a quantum-bit-error rate of 5%. The key rate for the chained inequality for n=3 is plotted in Figure 2, based on the SDP bound of Figure 1. The critical visibility corresponds to a quantum-bit-error rate of 7.5%, comparable to those obtained for standard QKD. Numerical evidence suggests that the chained inequalities for a larger number of settings, n>3, provide worse lower bounds on the key rate.

Figure 2: Key rate versus visibility.
figure 2

The figure shows the key rate as a function of the visibility for (a) the CHSH inequality and (b) the chained inequality with three inputs. The key rate is given by the formula (26) where the function f is given by (12) for the CHSH inequality and has been obtained by solving the problem (14) using the SDP relaxations introduced in refs. 23, 24 for the chained inequality (see Fig. 1). Interestingly for the particular type of noise illustrated here, the chained inequality leads to better key rate than CHSH.

Full size image

Discussion

We have shown how to compute a bound on the key rate of a large class of DIQKD protocols (it is easy to see that our security proof can also be adapted to cover the less efficient protocols introduced in refs 7 and 27, or protocols with pre-processing of the raw key17). Our approach is based on a fundamental relation between the amount by which two quantum systems violate a Bell inequality and the unpredictability of their local measurement outcomes, as illustrated in Figure 1. A similar relation has been used in the context of device-independent randomness generation22.

Compared with the security proof given in refs 5, 8 and 13, which is restricted to protocols based on the CHSH inequality18, our approach is completely general and can be applied to protocols based on arbitrary Bell inequalities. This is particularly interesting from a practical point of view. As shown in Figure 2, using inequalities other than CHSH may lead to better key rates in the presence of noise. It could also be very useful to improve the resistance of DIQDK protocols to photon detection inefficiencies11, as relevant improvements over CHSH can be obtained in realistic situations27.

To derive our security proof, we have used the fact that the behaviour of N uses of the quantum devices is represented by probabilities of the form (3) with measurement operators satisfying the commutation relations (5). These commutation relations can be satisfied in a physical realization in which N pairs of separated and non-interacting devices are used to generate the N symbols of the raw key. If necessary, these commutation relations can be enforced by shielding the devices in such a way that no communication between them occurs during the measurement process. Note that if the provider of the quantum apparatuses is untrusted, shielding of the devices is anyway required to guarantee that they do not send unwanted information to the adversary. Admittedly, a realization requiring N different devices for the generation of N raw-key symbols is impractical. Our results nevertheless show that secure fully device-independent QDK with key rates comparable to those of traditional QKD is in principle possible.

In a more realistic implementation, the raw key is generated by repeatedly performing measurements on a single pair of devices. In such a sequential implementation, the description provided by equations (3) and (5) corresponds to the assumption that the functioning of the measuring devices does not depend on an internal memory storing the quantum states and measurement results obtained at previous steps. Although it would be desirable to extend our security proof to cover such possible memory effects, it may be reasonable to expect our no-memory condition to be satisfied in a variety of practical setups. After all, this no-memory condition is assumed in standard QKD, in which the description of the devices fits in the formalism of equations (3), (4), (5). But although we make here no assumptions at all on the measurement operators Ai (ai|xi), Bi (bi|yi) (nor on the Hilbert spaces on which they are defined), in standard QKD one assumes that these measuring operators have a fixed and known value, which is identical for all i—an idealized assumption difficult to verify in practise. From this perspective, the DIQKD model considered here clearly represents a relaxation of standard QKD, and thus can only be more secure.

Note that the no-memory assumption allows for devices whose behaviour may vary with time (as implied by the dependence of Ai (ai|xi) on the subindex i), it only excludes, for example, that the response of the devices at step j depends on the particular measurement input at step jk. Such kind of memory effects can arguably be excluded if no explicit memory has been introduced in the devices or if an 'initialization' procedure is performed before every measurement, based on an estimation of the apparatus memory characteristics. It may thus be legitimate to assume for particular implementations that no imperfections, failures or implementation weaknesses would create detrimental memory effects (even though imperfections could be exploited in other ways by an eavesdropper). From this perspective, our work contributes to narrow the gap between theoretical security proofs and practical realizations of QKD.

While this manuscript was in preparation, closely related results to those presented here were independently obtained28.

Methods

Guessing probability versus CHSH inequality violation

In this section, we show how a tight bound on the guessing probability (10) can be derived from the CHSH inequality. Let P(a,b|x,y) with a, b, x, y{0,1} be a quantum distribution of the form

and let be the corresponding CHSH expectation. We establish here that

for all a, x{0,1}, which implies inequality (12) of the main text. We consider only the case a=0 and x=0 (the argument applies by symmetry to the other cases as well).

Let . Following the discussion after equation (15) in the main text, inequality (30) is equivalent for g0[2,2√2] to the series of operator inequalities

since . By increasing the dimension of the Hilbert space, we can always take the measurement operators A(a|x) and B(b|y) to be projection operators. Define then operators Ax=A(a=0|x)−A(a=1|x) and By=B(b=0|y)−B(b=1|y). It is easily verified that these new operators are hermitian and satisfy and . In term of these operators, we can rewrite inequality (31) as

where G=A0B0+A0B1+A1B0−A1B1 We now prove this operator inequality. For this, let and , and define the following four operators

Using the fact that , and [Ax, By]=0, the following algebraic idendity is easily verified

Note now that as the left hand side is a sum of square, it is necessarily positive semidefinite, that is, , which immediately implies (32). Note that we have established inequality (30) only for g0[2,2√2[. The bound for g0=2√2 follows from the fact that the function f(g) corresponding to the right-hand side of (30) is concave and monotonically decreasing and hence .

Finally, we show that inequality (30) is optimal, that is, that there exists quantum states and operators that saturate the inequality. Consider the two-qubit state cos θ|00〉+sin θ|11〉, and the measurement operators A0=σz1, A1=σx1, B0=1cos φσz+sin φσx and B1=1cos φσz−sin φσx, where tan φ=sin 2θ and . It is straightforward to see that the corresponding quantum probabilities P(ab|xy) saturate the inequality (30) for all values of g[2, 2√2].

Additional information

How to cite this article: Masanes, L. et al. Secure device-independent quantum key distribution with causally independent measurement devices. Nat. Commun. 2:238 doi: 10.1038/ncomms1244 (2011).