A Comparison of Several Implementations of B92 Quantum Key Distribution Protocol

This paper presents the development, comparison, and analysis of several implementations of the B92 Quantum Key Distribution (QKD) protocol. To achieve this goal three prototypes which consists of traditional simulators (non-quantum) were created, one for the B92 protocol, one for the B92 protocol with an eavesdropper, and one for the B92 protocol with the Quantum Bit Travel Time (QBTT) eavesdropper detection method. The principles of quantum mechanics were studied, as a foundation of quantum cryptography, for the implementation of the simulation programs that were written in C++, focusing mainly on the B92 protocol and QBTT eavesdropper detection method. We compared the Quantum Bit Error Rate (QBER) for the implementation of the B92 protocol without an eavesdropper, the B92 protocol with an eavesdropper and the B92 protocol with the QBTT eavesdropper detection method and found that the latest one significantly reduces the QBER from the final key.


I. INTRODUCTION
In this paper we will present the development, comparison, and analysis of several implementations of the B92 Quantum Key Distribution (QKD) protocol. We developed our own simulation programs, written in C++, to compare the Quantum Bit Error Rate (QBER) from the final key obtained by the B92 protocol without eavesdropper, the B92 protocol with an eavesdropper and the B92 protocol with Quantum Bit Travel Time (QBTT) eavesdropper detecting method. The QBTT eavesdropper detecting method that is proposed in [1] was successful in improving the Quantum Bit Error Rate for the BB84 Quantum Key Distribution protocol. We compared the Quantum Bit Error Rate (QBER) for implementation of the B92 protocol without an eavesdropper, the B92 protocol with an eavesdropper, and the B92 protocol with QBTT eavesdropper detection method. The results showed that QBER for the B92 protocol without an eavesdropper is approximately 75%, the QBER for the B92 protocol with an eavesdropper is around 89%, and the QBER for B92 protocol with QBTT eavesdropper detection method is at 75% thus we can say that the QBTT eavesdropper detection method significantly reduces the QBER from the final key.
The Quantum Key Distribution protocol B92, proposed by Charles Bennett in [2] allows two entities, the Sender and the Receiver, to establish a perfect secret, a common and unique key sequence using polarized photons -qbits, and also, due to the principles of quantum mechanics, it could detect if an Eavesdropper intercepted the quantum channel.
The unconditional security of the B92 quantum key distribution system has been demonstrated only for a mathematical model in [3] and [4]. In practice, this unconditional security cannot be achieved due to the technical imperfections of the devices involved in the exchange of quantum keys, either used for polarization or for the reading of the polarization of the photons.
The security of the quantum key distribution systems is also given by the effectiveness of the methods used for detecting possible attacks. There are also several methods of detecting attacks on quantum key distribution systems [5], but the most reliable is the Quantum Bit Travel Time (QBTT) detection method as shown in [1]. The QBTT eavesdropper detection method can be implemented in any quantum key distribution system and has the advantage that the enemy can be detected accurately and especially immediately after it has read a qbit, during the quantum transmission.

II. THE B92 QKD PROTOCOL -ESSENTIALS
Quantum cryptography uses polarize photons -qbits -to represent the bits from the primary key. A photon can be polarized rectilinear (R) in one of the states (0°, 90°), diagonal (D) in one of the states (45°, 135°) and circular (left -spin L, right -spin R).
In the B92 quantum key distribution system, Sender will encode classical bits in two non-orthogonal states, figure 1 and Receiver will measure the qbits in all four states used in BB84 protocol as shown in [2] and [6], figure 2.  According to the laws of quantum mechanics, no type of measurement can distinguish between two polarized photons in non-orthogonal bases, as a result the corresponding bits cannot be identified with certainty. On the other hand, any attempt to intercept the transmitted qbits will alert the two communicating parties [6].
To implement the B92 quantum key distribution system, the Sender and the Receiver will use for the bit coding respectively for photon reading the convention set out in the table I.
The Sender eliminates from s the corresponding bit where the Receiver detected '0'.

B. Detecting eavesdropper's presence
For an Eavesdropper detection, B92 quantum key distribution system uses the QBER -Quantum Bit Error Rate method which involves calculating the percentage of errors in the final key [7], obtained at the end of the quantum transmission.
Quantum bit error rate is defined as: where QI represents the number of qbits from primary key, and QF represents the number of qbits from final key.

In the absence of the Eavesdropper, for the qbit in the i th position if we have s'[i] ≠ ?, then s'[i] = s[i].
If the Eavesdropper tried to read the qbit in the ith position, then the probability Pr{s[i] = ?} increases.
In conclusion, the Sender and the Receiver will detect the Eavesdropper presence, due to the growth of the number of errors in the raw key and therefore the QBER value will increase.

C. Stages of B92 protocol
B92 quantum key distribution protocol has two communication stages [8]: Stage 1: The quantum channel, a one-way communication through optical fiber. During this stage the primary key, encoded as qbits is transmitted from the Sender to the Receiver through the optical fiber. To implement through software simulation the B92 quantum key distribution protocol without an eavesdropper, the Sender and the Receiver will communicate through different TCP/IP ports and sockets, via a switch, that will simulate both the quantum and the classical channel.
This software application, that we developed in C++, consists of 4 objects: Sender, Receiver, Quantum Channel and Classic Channel.
At the end of the quantum transmission, the Sender and the Receiver will communicate through the classical channel and execute the steps: Detecting Eavesdropper presence, Secret key reconciliation and Privacy amplification.

A. Hardware setup
Block diagram of the B92 without an Eavesdropper implementation is presented in figure 3. To implement the B92 protocol without an Eavesdropper we used: 2 workstations and 1 switch (a router can also be used).
The workstations represent the Sender and the Receiver. Static IPs are used so that workstations can communicate through the switch. Specific simulation software, developed by us, is installed on each workstation.

B. Software setup
For this simulation, each object (Sender, Receiver, Quantum Channel and Classic Channel) plays different role, as shown in figure 4.  (Strings s and s' are divided in small blocks of bits and their parity are compared. If the parity does not match, they are divided into smaller blocks and their parities are compared again, repeating this process until the exact location of the error is found. Once the error is found the corresponding bit from s and s' are discarded.)

d) Step 4 -Privacy Amplification:
Sender and Receiver: Apply random type of permutation in s and s'.
(A binary transformation -usually a random permutation -is applied to s and s', and a subset of bits are discarded from them).

D. Flowchart of B92 protocol
Flowchart of the B92 of quantum key distribution protocol is presented in figure 5.

E. Experimental results
After running the B92 without an eavesdropper simulation program 10 times, for a 512 bits primary key, the results from table II are obtained. Analyzing these data, we can see that the QBER value is approximately 75%, as shown in figure 6.

IV. IMPLEMENTATION OF THE B92 PROTOCOL WITH EAVESDROPPER
For implementation through software simulation of the B92 quantum key distribution protocol with an eavesdropper present, the Sender, Receiver and an Eavesdropper will communicate through different TCP/IP ports and sockets, via a switch, that will simulate the quantum and the classical channel.
This software application, that we developed in C++, consists of 5 objects: Sender, Receiver, Eavesdropper, Quantum Channel and Classical Channel.

A. Eavesdropper attack method
The Eavesdropper use an Intercept-Resend attack [9] in which it will interrupt the quantum channel as shown in figure  7, intercept those qbits, read them and send to the Receiver other qbits according to its randomly choice of bases. The Receiver will acquire those modified qbits from the Eavesdropper through the quantum channel and read them according to its randomly choice of bases.
At the end of the quantum transmission, the Sender and the Receiver will communicate through the classical channel and execute the steps: Detecting Eavesdropper presence, Secret key reconciliation and Privacy amplification [8].

B. Hardware setup
The block diagram of the B92 protocol implementation is presented in figure 8. To implement the B92 protocol with an Eavesdropper we used: 3 workstations and 1 switch.
Each workstation represents the Sender, the Receiver and the Eavesdropper. Static IPs are used so that workstations can communicate via the switch. As described above, specific simulation software, developed by us, is installed on each workstation.

C. Software setup
For this simulation, each of object (Sender, Receiver, Eavesdropper, Quantum Channel and Classic Channel) play different role, as shown in figure 9.

D. Experimental results
After running the B92 with an eavesdropper simulation program 10 times, for a 512 bits primary key, we obtain for the raw key, the final key and the quantum bit error rate -QBER the results from table III. Analyzing these data, we can see that QBER for B92 with eavesdropper is approximately 89%, figure 10, with 14% greater than QBER for B92 without eavesdropper, because an eavesdropper tapped the quantum channel. For implementation through software simulation of the B92 protocol with QBTT eavesdropper detection method, we developed the software in C++ language. The Sender and the Receiver will communicate through the quantum channel and classical channel with or without the presence of the Eavesdropper.

A. Hardware setup
The block diagram of the B92 protocol with QBTT eavesdropper detection method implementation is presented in figure 9.
Devices used in this implementation are 3 workstations and 1 switch.

B. Software setup
For this simulation, only the appropriate function is executed on each of workstation, depends on its role: Sender, Receiver, Eavesdropper, Quantum channel or Classical channel, as shown in figure 11. For each transmitted qbit, Sender also sends to the Receiver the timestamp T of transmission.
The receiver, for each measured qbit, calculates ΔT = T' -T, where T' represents the timestamp of the received qbit. If the delay time ΔT is not within normal limits, limits that were established by earlier lab communications tests [1], the Receiver will stop the transmission.
The QBTT eavesdropper detection method allows Receiver to detect the Eavesdropper's presence at any time during quantum transmission, after each received qbit, not only at the end of it [1]. Interactive binary search for errors in s and s'. (Strings s and s' are divided in small blocks of bits and their parities are compared. If the parity does not match, they are divided into smaller blocks and their parities are compared again, repeating this process until the exact location of the error is found. Once the error is found. Once the error is found the corresponding bits from s and s' are discarded.) c) Step 4 -Privacy Amplification: Sender and Receiver: Apply random type of permutation in s and s'. (A binary transformation -usually a random permutation -is applied to s and s', and a subset of bits are discarded from them).

D. Experimental results
After running the B92 with QBTT simulation program 10 times, for a 512 bits primary key, the results from table IV were obtained. Analyzing these data, we can see that QBER value is approximately 75%, figure 12, same QBER as in simulation of B92 algorithm without eavesdropper, although the eavesdropper was present.

CONCLUSIONS
These software simulation programs are meant to give an alternative to physical implementation of the quantum devices used in quantum transmission. This paper presents a comparison of the Quantum Bit Error Rate (QBER), obtained at the end of quantum transmission, between the B92 protocol without an eavesdropper, the B92 protocol with an eavesdropper and the B92 protocol with QBTT eavesdropper detection method, figure 13.
The results showed that QBER for B92 protocol without an eavesdropper is approximately 75%, the QBER for B92 protocol with eavesdropper is around 89% and the QBER for B92 protocol with QBTT eavesdropper detection method is at 75% thus we can say that the QBTT eavesdropper detection method, implemented in the B92 protocol, significantly reduces the QBER from the final key. We can observe the advantages of the implementation of Quantum Bit Travel Time -QBTT eavesdropper detection method in B92 protocol by reducing the percentage of the Quantum Bit Error Rate -QBER from the final key and the instant detection of the eavesdropper during the quantum transmission.
As we shown in [1], that QBTT eavesdropper detection method can be implemented in the BB84 protocol. As a future work we consider implementing QBTT eavesdropper detection method in a quantum entanglement scheme like E91.