0 M ay 1 99 9 Alternative quantum

Security of quantum key distribution of existing quantum cryptographic protocols -basically pure state protocols is yet to be unconditionally, unquestionably and realistically proved. We observe that this task, in an alternative way, can reliably be fulfilled if security is guaranteed within the raw protocol. But in presence of noise, raw protocols can not ensure that security since decoherence and eavesdropping (within the decoherence rate ) are intrinsically indistinguishable. To remove this difficulty, using mixed state, we present an alternative procedure of quantum cryptography, where principles of quantum mechanics rule out clandestine eavesdropping both for noisy and noise-free situation in the raw protocol. In this approach, the two different sequences of quantum states, having same density matrix, represent two logical bits. These two sequences, initially shared between the legitimate users, perfectly produce arbitrarily long string of bits in presence of noise without performing any error correction and using classical channel. Removal of classical channel indicates that conceptually quantum mechanics favours mixed state quantum cryptography. This mixed state crypto-system can be implemented over arbitrarily long distance using existing technology. On the basis of seminal work of Wiesner [1], Bennett and Brassard first invented quantum key distribution (QKD) protocol[2] and followed by their work, other QKD protocols[3-9] have been proposed with a view to achieve unconditional security. But noise is hindrance to achieve this goal. So far, considering noise security of QKD has been conditionally proved [10-12]. On the other hand, Mayers, Lo and Chau claim to have proved unconditional security [13-16]. There is no consensus regarding the validity of Mayers’ proofs[13-15] however, what is wrong with those proofs is unknown. The security proof of Lo and Chau[15] is based on fault-tolerant theory of quantum computation (FTQC), which is yet to be experimentally verified. Of course, this is not the end of the row. Relying on FTQC, another proof [17] has recently been given by Lo. We become aware [18] that many people are also actively working to prove security. Since security is an extremely sensitive issue, we make the following observations : 1. Until security is proved directly by the principle(s) of quantum mechanics, the search for the final proof will continue. 2. New theory should be experimentally verified before using it to prove security. Otherwise, if theory is experimentally proved wrong, then security proof will simultaneously crash. These observations puss us to conclude that uncertainty regarding security proofs can be removed if raw protocol provides security depending on established principle(s) of quantum mechanics. Let us see why existing protocols can not fulfill this simple demand. The existing protocols use individual state as a carrier of secret information (CSI) i.e. each single state represents bit. Due to decoherence or eavesdropping of the individual state bits can be corrupted. But raw protocol can not distinguish how the bit has been corrupted. The problem of security begins here. Using mixed state as CSI, we present an alternative approach, where raw protocol(s) can ensure unconditional security. The basic idea of this method is to produce arbitrarily long sequence of BITs randomly choosing the two short sequences, representing logical 0 and 1. In this method, the two sequences are two alternative preparation procedures of a density matrix . The sequences are shared between the legitimate users. As an illustration, let us take the two sequences of quantum states : Sn 0 = {ψ1 ψ1 ψ2 ψ1 ψ2 ψ2 ψ2 ψ1....}; Sn 1 = {φ1 φ2 φ2 φ1 φ1 φ2 φ1 φ2....}, where Sn 0 and Sn 1 stand for bit 0 and 1 respectively and n is the number of states in the sequences. These two sequences Sn 0 and Sn 1 are shared between sender Alice, and receiver Bob. The key, KN , the sequence of sequences is : KN = {Sn 0 Sn 1 Sn 1 Sn 0 Sn 1 Sn 0 Sn 1 Sn 0 Sn 0 Sn 1 ....} , where N is the number of BITs in the key. Alice’s task is to produce the key (KN ) of arbitrary length (at least, N = 2n + 1 ) and Bob’s task is to distinguish Sn 0 and Sn 1 and ultimately the Key (KN ) without taking help of Alice. It is nontrivial to mention that the states in the sequences may or may not be orthogonal and types of states in a sequence can be more than two and their statistical weights are not necessarily same and even two sequences can be prepared just by the same two states (minimal protocol) but the density matrix of the two sequences must be same i.e. ρS0 = ρS1 . We shall construct the equivalent density matrix using two different pairs of nonorthogonal state vectors of four dimensional expanded Hilbert-space. The presented protocol can be used two-party and three-party (even many-party) secure communication and can also be used for the purpose of message splitting[19,20]. Before proceeding further, let us point out that , the security of this crypto-system is based on the following propositions: 1. Sequences of known quantum states representing same density matrix are indistinguishable to all, except to the generator(s) of the sequences. 2. Measurements on single quantum state creates unavoidable disturbance. 3. Noise is a stochastic process. Firstly we describe preparation procedure of the shared sequences. Suppose, in a secret place, Alice and Bob are given 2n number of horizontally polarized (|↔〉) incoherent photons. They divide the photons into two halves to produce two sequences. To produce Sn 0 , they splits the wave function of each of the n photons with a symmetric (50:50) beam splitter. Now they do one of the two things in the path s : toss a coin, and if the result is ”head”, unitarily rotates the polarization by 90(|↔〉s −→ |l〉s) and if ”tail” she does nothing (|↔〉s −→ |↔〉s). In the other path, called r, they do nothing (|↔〉r −→ |↔〉r). The states are : |ψ1〉 = 1/ √ 2(|↔〉r + |↔〉s) |ψ2〉 = 1/ √ 2(|↔〉r + |l〉s) To produce Sn 1 , similarly after splitting the state of each of the remaining n photons, they do one of the two things in the path s : toss a coin; if ”heads”, unitarily rotates by 45(|↔〉s −→ |ր ւ〉s) and if ”tail”, unitarily rotates by 135(|↔〉s −→ |տ ց〉s). Similarly in the other path r, they do nothing. The states are : |φ1〉 = 1/ √ 2(|↔〉r + |ր ւ〉s) |φ2〉 = 1/ √ 2(|↔〉r + |տ ց〉s) These states can be represented by the following base states: |↔〉r; |l〉r; |↔〉s; |l〉s In this basis, the density matrix of the two sequences is,