Many researchers have contributed to creating Quantum Key Distribution (QKD) since the first protocol BB84 was proposed in 1984. One of the crucial problems in QKD is to guarantee its security with finite-key lengths by Privacy Amplification (PA). However, finite-key analyses show a trade-off between the security of BB84 and the secure key rates. This study analyses two examples to show concrete trade-offs. Furthermore, even though the QKD keys have been perceived to be arbitrarily secure, this study shows a fundamental limitation in the security of the keys by connecting Leftover Hash Lemma and Guessing Secrecy on the QKD keys.
There is an ongoing debate about the fundamental security of existing quantum key exchange schemes. This debate indicates not only that there is a problem with security but also that the meanings of perfect, imperfect, conditional and unconditional (information theoretic) security in physically secure key exchange schemes are often misunderstood. It has been shown recently that the use of two pairs of resistors with enhanced Johnsonnoise and a Kirchhoff-loop ‒ i.e., a Kirchhoff-Law-Johnson-Noise (KLJN) protocol ‒ for secure key distribution leads to information theoretic security levels superior to those of today’s quantum key distribution. This issue is becoming particularly timely because of the recent full cracks of practical quantum communicators, as shown in numerous peer-reviewed publications. The KLJN system is briefly surveyed here with discussions about the essential questions such as (i) perfect and imperfect security characteristics of the key distribution, and (ii) how these two types of securities can be unconditional (or information theoretical).