Quantum key distribution (QKD) has unconditional security according to the no-cloning theorem of quantum bits. However, a relatively short communication distance has been always limiting promotion of a practical application of the QKD. In a QKD protocol (BBM92 protocol) based on an entangled state, a photon source at a communication midpoint separately sends one photon to each of two communications parties, and therefore, a communication distance between the two communications parties can be extended to twice as much as that of a conventional BB84 protocol. In practice, however, because it is difficult to implement a perfect entangled photon source, a nonlinear process such as parametric down conversion (PDC) or four-wave mixing (FWM) is generally used to generate one pair of entangled photons in one pulse at a specific probability, or the photon source generates a plurality of pairs of mutually entangled photons in one pulse at a specific probability, and two entangled photons in the photon pair are sent to the two communications parties separately.
However, this phenomenon can cause an eavesdropper (also referred to as Eve) to use a photon-number splitting (PNS) attack to steal one or more of the plurality of pairs of mutually entangled photons without being noticed in order to obtain information about a key of the two communications parties. This greatly reduces a security transmission distance and a generation rate of a security key of the QKD system. A detailed stealing process of Eve is as follows.
(a) Eve performs photon number measurement on pulses sent by Charlie (photon source) to the two communications parties. For pulses that include a plurality of photons, Eve reserves some photons, and then sends remaining photons to the two communications parties through a channel with an extremely low loss.
(b) After communication ends, the two communications parties announce a base of their measurement through a common channel, and in this case, Eve performs measurement, using a base that is the same as that used by the two communications parties, on the photons reserved by Eve in order to obtain a part of the key.
(c) In an extreme condition (in one pulse, a probability at which a plurality of photon pairs is greater than a channel loss), Eve can block all single-photon pulses, and all multi-photon pulses are affected by the PNS attack. In this way, key of the two communication parties are all generated by the multi-photon pulse, and the two communications parties cannot discover a communication exception. In this case, Eve can have the entire key.
It can be learned from the above, for long-distance communications parties, security of an entangled state QKD communication manner is extremely low, and the key can be easily stolen by the eavesdropper.