When a quantum cryptographic system operates in the presence of background noise, security of the key can be recovered by a procedure called key distillation. A key-distillation scheme effective against so-called individual (bitwise-independent) eavesdropping attacks involves sacrifice of some of the data through privacy amplification. We derive the amount of data sacrifice sufficient to defend against individual eavesdropping attacks in both BB84 and B92 protocols and show in what sense the communication becomes secure as a result. We also compare the secrecy capacity of various quantum cryptosystems, taking into account data sacrifice during key distillation, and conclude that the BB84 protocol may offer better performance characteristics than the B92.
© 1998 Optical Society of America
Boris Slutsky, Ramesh Rao, Pan-Cheng Sun, Ljubiša Tancevski, and Shaya Fainman, "Defense Frontier Analysis of Quantum Cryptographic Systems," Appl. Opt. 37, 2869-2878 (1998)