# Preambles of Quantum Cryptography :

One of the critical requirement for a secure, encyrpted communication is the Quality and distribution of Encryption key.

- An encryption is the binary data-stream that can be used to convert any plain- text into cipher-text and vice-versa respectively. So, both the sender and recipient should share common encrytion key.

**Ideal rules for security :**
- Security is as good as encrypton key.
- Key should not be copied.
- Key Should be random.
- If any key tampering is performed it should be detectable.

But there are no classical solutions to these problems. In digital world, the generation of key and their subsequent distribution are dependent most of the time on "Mathematical Hard Problems".

These methods of security becomes obsolete when we consider computationally unbounded systems. Ex: Some Quantum Algorithms are capable of solving the **Hard Problems** in **polynomial time**.

#### Classical Security vs Quantum Security :

|Classical Security|Quantum Security|
|------------------|----------------|
|computational security| Information theoritic Security|
|Mathematical Hardness|Perturbation on an unknown Quantum state is detectable|
|no solution for secure key distribution|No cloning|
|relies on PRNG|No locality|

# No Cloning Theorem:

It states that **"one cannot duplicate or copy an unknown Quantum State"**.

**NOTE :** There is no unitary operator that can clone arbitrary Qubit.

The proof of this theorem is actually quite simple: it boils down to the observation that the mapping $∣\psi\rangle\otimes∣\phi\rangle\mapsto∣\psi\rangle\otimes∣\psi\rangle$ is not linear in $|\psi\rangle$.

In particular, because $\Sigma$ has at least two elements, we may choose $a,b\in\Sigma$ with $a\neq b$. If there did exist a quantum state $∣\phi\rangle$ of $\mathsf{Y}$ and a unitary operation $U$ on the pair $\mathsf{(X,Y)}$ for which $U(|\psi\rangle \otimes |\phi\rangle) = |\psi\rangle \otimes|\psi\rangle$ for every quantum state $∣\psi\rangle$ of $\mathsf{X}$, then it would be the case that $$U\mathsf{(|a\rangle\otimes|\phi\rangle)\ =|a\rangle\otimes|a\rangle}\hspace{5pt}\text{and}\hspace{5pt}U\mathsf{(|b\rangle\otimes|\phi\rangle)\ =|b\rangle\otimes|b\rangle}.$$

By linearity, meaning specifically the linearity of the tensor product in the first argument and the linearity of matrix-vector multiplication in the second (vector) argument, we must therefore have $$U\biggr(\biggr(\frac{1}{\sqrt{2}}|a\rangle +\frac{1}{\sqrt{2}}|b\rangle\biggr)\otimes|\phi\rangle\biggr)\ =\frac{1}{\sqrt{2}}|a\rangle\otimes|a\rangle + \frac{1}{\sqrt{2}}|b\rangle\otimes|b\rangle.$$

However, the requirement that $U(|\psi\rangle\otimes|\phi\rangle)=|\psi\rangle\otimes|\psi\rangle$ for every Quantum state $|\psi\rangle$ demands that $$\begin{aligned}U\biggr(\biggr(\frac{1}{\sqrt{2}}|a\rangle +\frac{1}{\sqrt{2}}|b\rangle\biggr)\otimes|\phi\rangle\biggr)& \\
&=\biggr(\frac{1}{\sqrt{2}}|a\rangle+\frac{1}{\sqrt{2}}|b\rangle\biggr)\otimes\biggr(\frac{1}{\sqrt{2}}|a\rangle+\frac{1}{\sqrt{2}}|b\rangle\biggr)\\
&=\frac{1}{\sqrt{2}}|a\rangle\otimes|a\rangle +\frac{1}{\sqrt{2}}|a\rangle\otimes|b\rangle + \frac{1}{\sqrt{2}}|b\rangle\otimes|a\rangle+ \frac{1}{\sqrt{2}}|b\rangle\otimes|b\rangle \\
&\neq\frac{1}{\sqrt{2}}|a\rangle\otimes|a\rangle + \frac{1}{\sqrt{2}}|b\rangle\otimes|b\rangle
\end{aligned}$$

Therefore there cannot exist a state $∣\phi\rangle$ and a unitary operation $U$ for which $U(|\psi\rangle\otimes|\phi\rangle)=|\psi\rangle\otimes|\psi\rangle$ for every quantum state vector$∣\psi\rangle$ .

**Non-orthogonal states cannot be descriminated with certainity**

**Non-Commutivity :**
In Quantum mechanics, there exists an operator for every observable like, position, momentum, energy etc.

For example, momentum and position doesn't commute with each other. There they cannot be measured simultaneously with arbitrary accuracy.

This forms a basis for the difficulties in measuring a particle or wave at the same instant.

# Architecture of QKD:

!![QKD_arch.png](attachment:8cd8b901-72e5-4eaa-a74a-ef35a5d483ea.png)

The above diagram represents, the different steps for QKD protocol execution.

In Quantum Data transfer we execute the Quantum Protocol on basically two Hardware Nodes. They are **Transmitter Node** and **Reciever Node**.

- In transmitter node, Quantum States are generated and encoded with some information.
- Then after these states are sent to reciever node through a medium.
- The Quantum states used here are **Photons** (*also known as Flying Qubits*). There photons are used for Quantum Communication.

- The propagation medium can be free-space or fibre cable or anything suitable.

- In reciever node, these Quantum states are demodulated and gets measured.

So in Quantum Data transfer, we essentially perform Quantum communication and the result is a **raw-key** at both the ends. After this some post-processing is performed on output data.
Steps involved in this post-processing are:

1. Shifting
2. Error estimation and Error Correction
3. Analysis of the parameters
4. Privacy Amplification.

After performing all these steps we obtain final key. The length of this **final-key** is subjected to attenuation through the medium of propagation, low detection efficiency, low optical signal strength, system errors, leakage, etc.

In the above snapshot we can see that Quantum Data Tranfer is done inside the Quantum Channnel and Data post-processing is performed in classical channel.

QKD protocol can be categorized into two types on the basis of **nature of protocol**. They are :
1. Prepare & Measure
2. Entanglement Based.

QKD protocol can be categorized into two types on the basis of **Detection Techniques**. They are :
1. Discrete Variable
2. Continuos Variable.

When sender prepares the Quantum state (can be single photons or coherent pulses) and reciever perform measurement then it is called ***Prepare and Measure QKD***. Ex: **BB84**, **B92**, **Differential Phase Shift QKD** etc.
- These protocols makes use of uncertaininty principle  to ensure security.

In Entanglement based QKD protocols, during transmission the parties recieve photon from an entangled photon pair and measure its state in **randoml chosen basis**. Ex: **BBM92**. This protocol makes use of non-local correlations to achieve security. 
- If any local variable exists, which can predict the state of the entangled Qubit pair then non-local correlations are not observed.

**Discrete variable:** In this DV technique they employee single photon detection techniques.

**Continuos Variable:** In CV protocol, Information is encoded in Quadratures of Quantized  Electro-Magnetic field. Homodyne and Heterodyne techniques are used in sunch cases. Such techniques are routinely applied in classical-optial communications.

# Steps of Post Processing :

## Error Correction:

Process of error correction involves
1. Estimating error rate
2. correcting the error bits.

After recieving the **raw-key** we share a segment of received raw-key with sender and sender calculates the **error %** which is denoted by **e**. If this error rate is **greater than** threshold (theoritical value) then we discard the process. Else we will perform **step-2**.

Shannon's Noiseless coding theorem tells us about minimum number of bits **(k)** publicly exchanged to correct the errors **e**.
$$\lim_{n\rightarrow\infty}\frac{k}{n} = -e\log_{2}e - (1-e)\log_{2}(1-e) \equiv h(e)$$

**NOTE :** Error correcting algorithm should be ideally close to the shannon's limit. $n \rightarrow$ is length of raw-key.
- We have considered shifting parameter as **1**.
- Broadly, error correction algorithm can be **"Unidirectional" or "Bidirectional"**. But "Bidirectional" makes error correction easier to approach the value of shannon's limit.

- Since Error correction happens over a public channel, this leaks some information which is Quantifyable.

These analysis are done to enchance the security of **" final-key "**. 

Further we discard the bits that we shared here to estimate error. This step is very important during the practical implementation, since under the "denial of service" kind of attack one can stall a live **QKD link**.

## Privacy amplification:

In this step the **error-corrected key** is compressed to **final-secure key** by a **shrinking factor** $\Large\tau$.

The amount of compression must bound the amount of information leaked **during quantum transmission and error correction**. This means here we are checking the leaking information is lower than the specified value or not.

These calculations are performed using methods of generalized privacy amplification theory. This theory makes the worst case assumption that all errors are potentially caused by eavesdropping.

The result of this theory tells us length of **final-key** 
$$r = n\tau -k -t$$
where ,
- $n \rightarrow$ is length of raw key
- $k \rightarrow$ is no. of bits disclosed during error correction
- $t \rightarrow$ is security parameter
- $\tau \rightarrow$ is Shrinking factor

**Idea of QKD is to generate secure, symmetric encryption keys to distant locations. And Security should not be compromised.**

# BB84 QKD:

![BB84.png](attachment:3f0be0bc-1dcb-446d-80e2-2d6f4f5d6575.png)