Cryptology ePrint Archive: Report 2011/588

Another Look at Symmetric Incoherent Optimal Eavesdropping against BB84

Arpita Maitra and Goutam Paul

Abstract: The BB84 protocol is used by Alice (the sender) and Bob (the receiver) to settle on a secret classical bit-string by communicating qubits over an insecure quantum channel where Eve (the Eavesdropper) can have access. In this paper, we revisit a well known eavesdropping technique against BB84. We claim that there exist certain gaps in understanding the existing eavesdropping strategy in terms of cryptanalytic view and we try to bridge those gaps in this paper.

First we refer to the result where it is shown that in the six-state variant of the BB84 protocol (Bru\ss, Phys. Rev. Lett., 1998), the mutual information between Alice (the sender) and Eve (the eavesdropper) is higher when two-bit probe is used compared to the one-bit probe and hence the two-bit probe provides a stronger eavesdropping strategy. However, from cryptanalytic point of view, we show that Eve has the same success probability in guessing the bit transmitted by Alice in both the cases of the two-bit and the one-bit probe. Thus, we point out that having higher mutual information may not directly lead to obtaining higher probability in guessing the key bit.

It is also explained in the work of Bru\ss~that the six-state variant of the BB84 protocol is more secure than the traditional four-state BB84. We look into this point in more detail and identify that this advantage is only achieved at the expense of communicating more qubits in the six-state protocol. In fact, we present different scenarios, where given the same number of qubits communicated, the security comparison of the four and six-state protocols is evaluated carefully.

Category / Keywords: Advantage, BB84, Key Distribution, Optimal Eavesdropping, Quantum Cryptography

Publication Info: Accepted in INDOCRYPT 2012

Date: received 30 Oct 2011, last revised 8 Nov 2012

Contact author: goutam paul at ieee org

Available format(s): PDF | BibTeX Citation

Note: This is a substantially revised version (with a slight change in title) that has been accepted for presentation in INDOCRYPT 2012.

Version: 20121108:105927 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]