Ph.D Thesis

Ph.D StudentLiss Rotem
SubjectSecurity of Quantum Key Distribution Protocols
DepartmentDepartment of Computer Science
Supervisor ASSOCIATE PROF. Tal Mor
Full Thesis textFull thesis text - English Version


The counter-intuitive features of quantum mechanics make it possible to solve problems and perform tasks that are beyond the abilities of non-quantum (classical) computers and communication devices. The field of quantum information processing studies how we can achieve such improvements by representing information as quantum states.

One of the early achievements of quantum information processing is the development of quantum key distribution (QKD). QKD protocols allow two participants (Alice and Bob) to achieve the classically-impossible task of generating a secret shared key even if their adversary is computationally unlimited.

Unfortunately, the security promises of QKD are true only in theory; practical implementations of QKD deviate from the theoretical protocols, and many of these deviations give rise to practical attacks. In this research thesis, we study the security properties of various QKD protocols in many practical settings:

First, we study practical security of semiquantum key distribution (SQKD) protocols, where either Alice or Bob is non-quantum (classical). Following practical security problems in previous SQKD protocols, we suggest a new SQKD protocol (the "Mirror protocol") which can be securely implemented, and we prove it robust and secure against a wide range of attacks (the "uniform collective attacks").

Then, we study "composable security" of the first QKD protocol created by Bennett and Brassard (BB84). BB84 has its unconditional security proved against adversaries performing the most general attacks in a theoretical (idealized) setting; however, some security approaches do not prove "composable security", which requires the secret key to remain secret even when Alice and Bob actually use it for cryptographic purposes. We generalize an algebraic security approach for BB84, making it prove composable security of BB84 (and many variants of BB84) against the most general attacks.

Finally, we analyze an important practical attack (named "Bright Illumination"), showing how it can be modeled as a theoretical "Reversed-Space" attack.

Overall, all results aim to enhance our understanding on how to bridge the gap between theory and practice in various sub-fields of QKD, and they may help solve a major open problem in the field of QKD: constructing a realistic QKD implementation that can be proved truly and unconditionally secure against any possible attack.