Quantum key distribution (QKD) offers a theoretically secure method for distributing secret keys between two parties (Alice and Bob) over a public channel, even in the presence of an eavesdropper (Eve). Continuous-variable (CV) QKD, leveraging the amplitude and phase quadratures of optical fields, is particularly attractive due to its potential for integration with existing telecommunication infrastructure. However, a crucial requirement for practical QKD is universal composability, ensuring that any cryptographic application using the generated key remains secure. Existing CVQKD protocols based on coherent states have struggled to demonstrate composability due to the large number of quantum states (N) required by existing security proofs for successful key generation. This paper addresses this challenge by presenting a novel CVQKD system and improved security analysis that enables composable key generation with a significantly smaller N, making CVQKD more practical and robust.

Previous work on composable security in CVQKD has primarily focused on two-mode squeezed states or coherent states with dual quadrature detection. While composable proofs exist for these systems, they either suffer from limited communication distance (in the case of squeezed states) or require a substantially larger number of quantum states for practical key generation (in the case of coherent states with dual quadrature detection). Existing coherent-state CVQKD implementations have not yet demonstrated composability, hindered by stringent security bounds, the need for a large number of quantum state transmissions, and tight requirements on excess noise. This research builds upon prior work in CVQKD protocols, addressing the limitations of existing security proofs and experimental implementations.

The researchers developed a Gaussian-modulated coherent state CVQKD system with a low-complexity setup. Alice encodes information by modulating the optical signal field, while Bob uses coherent detection facilitated by a local oscillator (LO). The protocol involves quantum state preparation and transmission, followed by classical post-processing steps (information reconciliation, parameter estimation, and privacy amplification). The core innovation lies in a novel method for establishing confidence intervals compatible with collective attacks, allowing for smaller block sizes. Alice generates coherent states using a single electro-optical in-phase and quadrature (IQ) modulator, encoding Gaussian information in frequency sidebands. Bob decodes the information using RF heterodyning and digital signal processing (DSP). A machine learning framework is implemented for phase compensation. A rigorous security analysis, accounting for finite-size effects, was performed to determine the composable secret key length using tools from previous research, including an improved penalty for the asymptotic equipartition property (AEP) and tighter confidence intervals based on the Beta distribution. The system’s excess noise was meticulously analyzed and minimized through careful parameter selection and noise reduction techniques, such as avoiding spurious noise peaks through frequency management and using a pilot tone for phase referencing. The experiment was conducted over a 20 km fiber-optic channel, with parameters such as modulation strength (mean photon number μ), trusted noise, and trusted transmittance meticulously calibrated. Information reconciliation utilized multi-dimensional schemes with multi-edge-type low-density-parity-check (LDPC) error-correcting codes. The effects of digitization are considered, acknowledging the limitations in generating a perfectly Gaussian distribution in practice. A total of 10⁹ complex symbols were used, with a significant portion used for error correction and parameter estimation.

The researchers successfully demonstrated the generation of composable keys secure against collective attacks with a relatively small number of transmitted coherent states (N ≈ 2 × 10⁶). With N ≥ 10⁷, over 41 Mbits of composably secure key material was obtained. The improved confidence intervals, derived using the Beta distribution, were crucial in achieving this result, reducing the required N by an order of magnitude compared to previous methods. The careful noise analysis and mitigation techniques, along with the high-speed system operation (B = 100 MSymbols/s), enabled the generation of high-quality correlations. The experimental setup utilized a 20 km long fiber-optic channel and incorporated a detailed calibration procedure for various system parameters. The secret key length was calculated based on a formula incorporating parameters such as smoothing parameters, information reconciliation leakage, entropy, and Eve's Holevo bound. The paper shows that the improved confidence intervals based on the Beta distribution significantly reduced the number of required quantum symbols for key generation.

The successful generation of composable keys with a significantly reduced number of quantum states demonstrates a considerable advancement in practical CVQKD. The improved confidence intervals, derived using the properties of the Beta distribution, are the key factor enabling the reduction in the required N. The methodology presented overcomes previous limitations imposed by stringent security bounds and high noise thresholds. This work significantly bridges the gap between theoretical security proofs and practical implementations of composable CVQKD. The ability to generate composable keys with a realistic number of quantum states opens avenues for utilizing CVQKD in real-world applications such as secure data encryption. The study's success highlights the importance of careful noise analysis and mitigation techniques in achieving high-quality correlations necessary for composable key generation.

This research successfully demonstrated composable security against collective attacks in a practical continuous-variable quantum key distribution system using coherent states. The achievement of composable key generation with a significantly smaller number of quantum states than previously required marks a crucial step towards the practical application of CVQKD. Future work could focus on extending the composable security to general attacks, improving the system's performance, and increasing the communication distance by addressing limitations such as digitization error and computational challenges associated with the symmetrization requirement for general attacks.

The current implementation demonstrates composable security against collective attacks but not against general attacks. While the digitization of data was considered, the impact of this approximation on security is a limitation. The computational complexity of symmetrization remains a challenge for achieving composable security against general attacks. The experiment was conducted in laboratory conditions, and further work is needed to test the system's robustness in real-world environments.