Quantum Key Distribution As a Scheme with Bernoulli Tests

A family of attacks on the BB84 protocol of quantum key distribution is explicitly constructed under which the lower bound of fundamental entropy uncertainty relations is attained in the asymptotic limit of long sequences. All attacks are parameterized by a single parameter Q, which has the meaning of error probability on the receiver side, is known to the eavesdropper, but is reliably unknown to legitimate users. The situation on the receiver side looks like a scheme with classical Bernoulli tests with unknown parameter Q. For the eavesdropper, the situation also looks like a Bernoulli scheme—tossing a coin with quantum states, where each message of the eavesdropper leads to a quantum state that is uniquely determined by the outcome of measurements on the receiver side. A statistical interpretation is given to the estimate of the error probability for Q and the key secrecy parameter ε_δ,n. It is shown that, for a given length n of a series of tests, the width δ of the confidence interval actually determines the accuracy of the estimate for the parameter Q and, accordingly, the key secrecy level—the value of the secrecy parameter \({\varepsilon _{\delta ,n}} = 2{e^{ - 2{\delta ^2}n}}\).