Sifting problems in finite-size quantum key distribution Extended Abstract

Quantum key distribution (QKD) allows for unconditionally secure communication between two parties (Alice and Bob). A recent breakthrough in the theory of QKD is the treatment of finite-key scenarios, pioneered by Renner and collaborators (see [1], for example). This has made QKD theory practically relevant, since the asymptotic regime associated with infinitely many exchanged quantum signals is often an insu cient description of actual experiments. In practice, Alice and Bob have limited time and/or dim light sources that limit the number of photons they can exchange. For example, in satellitebased QKD where, say, Bob is on the satellite and Alice is on the ground, the time allotted for exchanging quantum signals corresponds to the time for the satellite to pass overhead Alice’s laboratory on the ground. Finite-key analysis attempts to rigorously establish the security of finite-size keys extracted from finite raw data. A systematic framework for such analysis was developed by Tomamichel et al. [2] involving the smooth entropy formalism. This framework was later extended to a decoy-state protocol by Lim et al. [3]. An alternative framework was developed by Hayashi and collaborators [4, 5]. Other extensions of the finite-key framework include the treatment of device-independent protocols by Curty et al. [6] and Lim et al. [7], and continuous-variable protocols by Furrer et al. [8] and Leverrier [9]. The framework used in the aforementioned works, relying on some fairly technical results,1 represents the current state-ofthe-art in the level of mathematical rigor for QKD security proofs. These theoretical advances have led to experimental implementations with finite-key analysis. Some examples of such experiments include Refs. [10–12]. One can argue that all real QKD implementations are of finite size. It is therefore of utmost importance to fully understand the subtleties of finite-size e↵ects. We point out that this understanding is required not only for theoretical satisfaction but also for the correct calculation of practically relevant quantities such as the key rate or the noise tolerance of a QKD protocol.