Skip to Content

Obtaining the Devetak-Winter bound for Quantum Key Distribution in Terms of Entanglement Distillation


Bennett and Brassard proposed the first QKD protocol in 1984, but it was not until the work of Dominic Mayer in 1996 that it was proven to be unconditionally secure. One of the noticeable advances in the security proof technique was accomplished by Lo and Chau, followed by Shor and Preskill, when they related BB84 to entanglement distillation. Subsequently, techniques for unconditional security proofs have greatly evolved. One of the most complete security proofs for QKD protocols using single photon encoding and one-way communication has been proposed by Renner, Gisin and Kraus.

In standard entanglement distillation proofs and in the original paper by Renner, Kraus and Gisin, the quantum state prior to the raw key measurement is or could be diagonalized in the Bell-basis. Excluding pre-processing, the secret key generation rate obtained in that manner is asymptotically close to 1-H(p_{uv}) where H(p_{uv}) is the Shannon entropy of the bit and the phase error rate of the system representing the key. However, for some QKD protocols, there are other symmetrizations that give a better lower bound for secret key generation rates derived using only one-way communication.

An improved secure rate for some QKD protocols involving measurements of non-orthogonal states can be calculated by symmetrizing the state "earlier" in the protocol, as was acknowledged recently by Kraus et al. for the case of SARG04. As we show for the case of spherical code and the Singapore protocol where the QKD protocol follows some symmetries (i.e. the effective channel is dephasing), the symmetrization proposed by Renner, Gisin and Kraus can be done before a so-called filtering operation. In the absence of such symmetry, the quantum de Finetti theorem as described in Renner's thesis can be used instead to obtain a state that is close to separable. Applying the Devetak-Winter lower bound to such state, we obtain a secret key rate that can be higher than 1-H(p_{uv})  (i.e. the Devetak and Winter bound is given by I(X:B)-I(X:E), where I(X:B) or I(X:E) is the mutual information between Alice and Bob, or Alice and Eve, supposing that Alice, Bob and Eve share by a cqq state).

One of our contributions is to derive this improved bound from the perspective of entanglement distillation. To do so, it is necessary to introduce the concept of a shield, which is a system that Eve cannot access and that does not contain the key. We show that for the prepare-and-measured QKD protocol, the state of the shield can be written approximately as \sigma^ v where v describes the phase error pattern, and that the secret key generation rate is given by 1-H(p_{u})-H(p_{v})+\chi(\sigma_v, p_v), where \chi is the Holevo information. We also show that this rate is equivalent to the Devetak and Winter bound.

Joint work with J.-M. Renes.