Abstract
We find that the generally accepted security criteria are flawed for a whole class of protocols for quantum cryptography. This is so because a standard assumption of the security analysis, namely that the so-called square-root measurement is optimal for eavesdropping purposes, is not true in general. There are rather large parameter regimes in which the optimal measurement extracts substantially more information than the square-root measurement.
- Received 23 October 2003
DOI:https://doi.org/10.1103/PhysRevA.70.032306
©2004 American Physical Society