Talk:Quantum key distribution

BB84 protocol
I think that the sentence "the protocol is designed with the assumption that an eavesdropper (referred to as Eve) can interfere in any way with both [channels]" is a too strong statement. I think it's okay for Eve to do anything with the quantum channel and to eavesdrop classical channel but if she could intercept and resend the classical channel when they comapre they measurements she could ruin everything. Panina-manina (talk) 12:28, 15 December 2012 (UTC)
 * Yes, it's laughable that the classical channel has to be secure beforehand to establish secure quantum communications. Bright☀ 19:44, 31 May 2018 (UTC)

Intercept & Resend
I believe the chance of being noticed is 1-(1/2)^n as Alice & Bob will only be comparing bits where their bases match, therefore Eve had a 50% chance of guessing the right basis in this situation. — Preceding unsigned comment added by 195.176.3.122 (talk) 14:34, 9 May 2017 (UTC)

Wrong statement regarding QKD detecting interception
in "Future" it is said that "The major difference of quantum key distribution is the ability to detect any interception of the key, whereas with courier the key security cannot be proven or tested". This is plain wrong considering MITM. An interception can only be detected if you are perfectly sure that the photons arriving are the very same you have send. The only real difference is that, if only eavesdropping has occurred on the very same photons which still arrive, the QKD key will be automatically trash, while classically distributed keys must be manually trashed. Key interception in general (in terms of MITM) must be independently detected for both, QKD and classic key distribution, unlike the above quote hints. — Preceding unsigned comment added by Arrobbe (talk • contribs) 10:57, 22 August 2020 (UTC)

Bruce Schneier's remark is factually incorrect and should be removed
One of the premises of Schneier's remark, appearing very early on in the cited text, is

"The idea behind quantum crypto is that two people communicating using a quantum channel can be absolutely sure no one is eavesdropping. "

This is not the idea behind quantum key distribution (QKD). The idea is that provided that the protocol has been executed correctly the users may upper bound correctly any leaked information. They may then use classical privacy amplification algorithms to distill a secret key or start over if too much information has leaked. The role of quantumness is to guarantee that the upper bound is correct.

A second mistake in this premise is that the users will not use the quantum channel for communication. The classical channel will be used for communication and the quantum channel merely facilitates the sharing of the secret key that will be used to encrypt the classical messages.

I will proceed to remove the sentence quoting Schneier's remark soon if I don't hear otherwise.2001:14BA:A701:79A4:0:0:0:1 (talk) 09:55, 18 April 2022 (UTC)


 * I think you are right about him being wrong. Although, it is a citation from a very prominent cryptographer, and should not be removed, but rather contradicted by another citation. Or just left there, as a quote, and let the reader decide for itself whether it is true or not. To be more clear, the statement "in relation to QKD this famous guy said this-and-that" is true, despite that "this-and-that" might be false. (Wikipedia probably have multiple policies about removing cited stuff, but by inaction, i am willing to break those policies, since I think your version is more pedagogic.)
 * Second, a quantum channel could be used to carry the data. Why not. For example, using superdense coding. Although during this century, humanity will likely be using classical data channels ;) In other words, the statement that the ciphertext messages then are transmitted over only classical channels is false. · · · Omnissiahs hierophant (talk) 14:53, 18 June 2022 (UTC)

Wiki Education assignment: Quantum Information Science and Engineering
— Assignment last updated by Za49 (talk) 05:31, 30 November 2022 (UTC)