The universal composable security of quantum key distribution

Michael Ben-Or*, Michal Horodecki, Debbie W. Leung, Dominic Mayers, Jonathan Oppenheim

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

169 Scopus citations


The existing unconditional security definitions of quantum key distribution (QKD) do not apply to joint attacks over QKD and the subsequent use of the resulting key. In this paper, we close this potential security gap by using a universal composability theorem for the quantum setting. We first derive a composable security definition for QKD. We then prove that the usual security definition of QKD still implies the composable security definition. Thus, a key produced in any QKD protocol that is unconditionally secure in the usual definition can indeed be safely used, a property of QKD that is hitherto unproven. We propose two other useful sufficient conditions for composability. As a simple application of our result, we show that keys generated by repeated runs of QKD degrade slowly.

Original languageAmerican English
Pages (from-to)386-406
Number of pages21
JournalLecture Notes in Computer Science
StatePublished - 2005
EventSecond Theory of Cryptography Conference, TCC 2005 - Cambridge, MA, United States
Duration: 10 Feb 200512 Feb 2005


Dive into the research topics of 'The universal composable security of quantum key distribution'. Together they form a unique fingerprint.

Cite this