Page 1 of 10
European Journal of Applied Sciences – Vol. 10, No. 6
Publication Date: December 25, 2022
DOI:10.14738/aivp.106.13549.
Liu, J., Zhang, T., Wu, X. L., & Kang, G. (2022). Two-Way Quantum Key Distribution Under Fully Measurement-Device-Independent
Assumption. European Journal of Applied Sciences, 10(6). 361-370.
Services for Science and Education – United Kingdom
Two-Way Quantum Key Distribution Under Fully Measurement- Device-Independent Assumption
Jie Liu
School of Physics and Mechanical and Electrical Engineering
Jishou University, Jishou 416000, China
Ting Zhang
School of Physics and Mechanical and Electrical Engineering
Jishou University, Jishou 416000, China
Xiao-Lu Wu
School of Computer Science and Engineering, Jishou University
Jishou 416000, China
School of Physics and Mechanical and Electrical Engineering
Jishou University, Jishou 416000, China
Guo-Dong Kang*
School of Computer Science and Engineering, Jishou University
Jishou 416000, China
School of Physics and Mechanical and Electrical Engineering
Jishou University, Jishou 416000, China
Key Laboratory of Low Dimensional Quantum Structures
and Quantum Control of Ministry of Education
College of Physics and Information Science, Hunan Normal University
Changsha, Hunan 410081, China
Email:gdkang@jsu.edu.cn
ABSTRACT
In this paper, we prove the security of the LM05’s two-way quantum key
distribution (TWQKD) under the assumption that detector devices in both Alice’s
and Bob’s sides are controlled by eavesdroppers. Using a relatively simple method,
more practical, we give an analytical proof that LM05’s TWQKD is measurement- device-independent (MDI) security in both the quantum forward channel and the
quantum backward channel. This is the first work shows that TWQKD has fully MDI
characteristic, thus makes it immune to all possible detector-device-attacks in two- quantum-way in actual implementations.
Keywords: Two-way quantum key distribution; Fully measurement-device-independent;
Security proof.
INTRODUCTION
Quantum key distribution (QKD) allows two distant parties, usually called Alice and Bob, to
share a secrete key. Its unconditional security is guaranteed by the fundamental laws of
Page 2 of 10
362
European Journal of Applied Sciences (EJAS) Vol. 10, Issue 6, December-2022
Services for Science and Education – United Kingdom
quantum physics. After the pioneering work presented by Bennett and Brassard in 1984(BB84)
[1], most works have focused on the security proofs in theory and the main performances
(limited distances and key rates) improvement in practice. Over the last decades, the
unconditional security proofs for these standard one-way quantum channel protocols have
been solved with idea settings [2-5], and in practice, the longest transmission distance of one- way QKD has been implemented over 421km with ultralow-loss optical fiber and 1200km
satellite to ground [6-7]. However, the powerful eavesdropper Eve may still be able to crack the
practical QKD by exploiting device imperfections [8-11]. To remove the threats of Eve’s
detector-side-channel attacks completely, Lo et al. proposed the measurement-device- independent QKD(MDI-QKD) [12]. A few experimental demonstrations of MDI-QKD have been
implemented [13–16], and the limited distance of MDI-QKD is extended to 404km [17]. Quite
recently, the Phase-Maching MDI-QKD(PM-MDIQKD) and the twin-field MDI-QKD(TF- MDIQKD) have been implemented over 500km of standard optical fiber [18-21].
On the other hand, about one decade after BB84, QKD with two-way quantum
channel(TWQKD), which amends nondeterministic factor of most one-way QKD schemes, was
proposed out. In TWQKD, the preparation and decoding of quantum states are both carried out
in Bob’s side, and therefore, being deterministic. The two paradigmatic TWQKD schemes
proposed to date are the Ping-Pong(PP) protocol and the LM05 [22, 23]. Security proofs for the
LM05 and a deterministic TWQKD(DQKD) protocol inspired on it are given in Refs. [24, 25]
under idea-device settings. A simple and analytic security proof for a general version of TWQKD
is given by us [26]. However detectors in TWQKD in both sides of Alice (for check model) and
Bob (for decoding) makes it more vulnerable to Eve’s detector-side-channel attacks. Therefore,
removing Eve’s detector-side-channel attacks in TWQKD systems is necessary and interesting.
Cai et al have proved that two-way DQKD is MDI security in Bob’s side, while the detectors in
Alice’s side are assumed to be idea and non-blinded in their work [27]. However, the MDI
security proof in Alice’s side is still missing. And latter in this paper we will show that, in their
protocol, contrary to the MDI security characteristic in Bob’s side, it is insecure if the similar
assumption of moving the detectors in Alice’s side to the hands of Eve is taken. So in this paper,
we focus on analyzing the MDI security of the LM05’s protocol in both the quantum forward
channel(QFC) and the quantum backward channel(QBC). The main contribution of this paper
is to give an analytic proof, which is relatively simple and practice compared to other proof
principles, of the fully MDI security characteristic for the LM05’s protocol.
The rest of this paper are arranged as follows. In Sect. 2 we review the LM05’s protocol briefly
under fully MDI assumptions, whose analytical security proof in a relatively simple way is given
in Sect.3. Finally, a conclusion is made in Sect. 4. While we present detail calculations for
security proof in the Appendix.
FULLY MDI SECURITY OF THE LM05’S PROTOCOL
The protocol in Fully MDI scenario
Let us start with presenting the Fully MDI version of the LM05’s TWQKD protocol [see Fig.1].
Page 3 of 10
363
Liu, J., Zhang, T., Wu, X. L., & Kang, G.(2022). Two-Way Quantum Key Distribution Under Fully Measurement-Device-Independent Assumption.
European Journal of Applied Sciences, 10(6). 361-370.
URL: http://dx.doi.org/10.14738/aivp.106.13549
Figure 1. Schematic illustration of the MDI-LM05’s protocol.
(1) Bob prepares n qubits|�⟩ = ∑ ⊗ |�!⟩ "
!#$ where |�!⟩ denotes the state of the i-th qubit
randomly in one of the four states, |0⟩, |1⟩ and|+⟩, |−⟩ (where |0⟩, |1⟩ represents the eigenstate
of Pauli operator Z and |±⟩ = $
√& (|0⟩ ± |1⟩) ). |�⟩ will be sent to Alice’s side through the
quantum forward channel (QFC).
(2) After receiving each |�!⟩ , Alice randomly switches the communication between the
control(check) mode with the probability of �' and the encoding mode with the probability of
�( with �(=3/4, �'=1/4 .
(3) In the encoding mode (EM), Alice randomly performs with two operations � and ��(each
with equal probability) on the k-th qubit |�)⟩ to encode bits lk (kε[1 n]) that will be used as raw
key bits, where the unitary operation � = |0⟩⟨0| +|1⟩⟨1| encodes bit 0, and �� = �� =
|0⟩⟨1| −|1⟩⟨0| encodes bit 1. �� flips on all of the four prepared states as follows: ��{|0⟩, |1⟩} =
{−|1⟩, |0⟩} ��{|+⟩, |−⟩} = {|−⟩, −|+⟩}.
(4) In the control mode(CM), Alice randomly varies the received qubits in the X basis or the Z
basis, and then sends them back to Bob’s side through the quantum backward channel (QBC).
Here we should point out that, different from the protocol in [27], no actual detectors such as
avalanche-photo-diodes (APD) are needed to project qubits into classical bits. Alice only
permutes (or not permutes) the basis of the j-th qubit =�*> for ensuring the security, where i≠j.
(5) Instead of measuring the returned qubits by Bob himself, he delegates the measurement
process to the third party Eve (Charlie) and tells Eve (Charlie) the basis of each n qubits used
in preparation process after Alice has received the qubits |�!⟩ . That is to say, Eve (Charlie)
controls the detectors on Bob’s side, measures each of Alice’s qubit using Bob’s basis and
reports all of the measurement results, i.e., n classic bits to Bob.
(6) Alice announces the j-th qubit =�*> and the measurement basis that has been used on it in
the CM. According to Alice’s announcement, Bob computes the error rates (denoted as Qf ) of