As usual, this was a busy week! I wouldn’t blame you if you felt a strong sense of accomplishment: you’ve reach the point where you can describe, understand and analyze the most important protocol in quantum cryptography, the BB’84 protocol for quantum key distribution.

To see how much ground we’ve covered since ’84, it is instructive to look at the original paper, “Quantum cryptography: Public key distribution and coin tossing” (available here). Reading the paper will give you a better sense of how novel the idea was at the time.

Proofs of security of QKD were hard to come by. Mayers is usually credited for the first complete proof of security, but there are many alternative approaches known; a popular one is the proof by Shor and Preskill: with a title such as “Simple Proof of Security of the BB84 Quantum Key Distribution Protocol“, it’s hard to resist!

A thorough, modern proof, including the use of the conditional min-entropy and a discussion of its importance, can be found in the Ph.D. thesis of Renato Renner. We can also recommend the recent analysis by Tomamichel and Leverrier, which provides a very comprehensive and fine-grained analysis.

Although BB’84 is by far the most widely studied, and used – for all that QKD is used, but as you saw in the guest video by Nicolas Gisin, it is used – but there are others. We will discover a prominent one, the Ekert’91 protocol, next week. Another is the B’92 protocol by Bennett, which has some practical advantages.

For much more on authentication, both in the private-key (MACs) and public-key (digital signatures), we refer you to Chapter 5 in the excellent lecture notes by Pass and Shelat. Of course, for further discussion of the material discussed in the videos, don’t forget to check out our own lecture notes!