
Quantum key distribution using weak coherent states and homodyne detection is
a promising candidate for practical quantumcryptographic implementations due
to its compatibility with existing telecom equipment and high detection
efficiencies. However, despite the actual simplicity of the protocol, the
security analysis of this method is rather involved compared to
discretevariable QKD. In this article we review the theoretical foundations of
continuousvariable quantum key distribution (CVQKD) with Gaussian modulation
and rederive the essential relations from scratch in a pedagogical way. The aim
of this paper is to be as comprehensive and selfcontained as possible in order
to be well intelligible even for readers with little preknowledge on the
subject. Although the present article is a theoretical discussion of CVQKD,
its focus lies on practical implementations, taking into account various kinds
of hardware imperfections and suggesting practical methods to perform the
security analysis subsequent to the key exchange. Apart from a review of well
known results, this manuscript presents a set of new original noise models
which are helpful to get an estimate of how well a given set of hardware will
perform in practice.

Models of quantum systems on curved spacetimes lack sufficient experimental
verification. Some speculative theories suggest that quantum properties, such
as entanglement, may exhibit entirely different behavior to purely classical
systems. By measuring this effect or lack thereof, we can test the hypotheses
behind several such models. For instance, as predicted by Ralph and coworkers
[T C Ralph, G J Milburn, and T Downes, Phys. Rev. A, 79(2):22121, 2009, T C
Ralph and J Pienaar, New Journal of Physics, 16(8):85008, 2014], a bipartite
entangled system could decohere if each particle traversed through a different
gravitational field gradient. We propose to study this effect in a ground to
space uplink scenario. We extend the above theoretical predictions of Ralph and
coworkers and discuss the scientific consequences of detecting/failing to
detect the predicted gravitational decoherence. We present a detailed mission
design of the European Space Agency's (ESA) Space QUEST (Space  Quantum
Entanglement Space Test) mission, and study the feasibility of the mission
schema.

We present a pilotassisted coherent intradyne reception methodology for
CVQKD with true local oscillator. An optically phaselocked reference tone,
prepared using carriersuppressed optical singlesideband modulation, is
multiplexed in polarisation and frequency to the 250 Mbaud quantum signal in
order to provide optical frequency and phase matching between quantum signal
and local oscillator. Our concept allows for high symbol rates and can be
operated at an extremely low excessnoise level, as validated by experimental
measurements.

We demonstrate how adversaries with unbounded computing resources can break
Quantum Key Distribution (QKD) protocols which employ a particular message
authentication code suggested previously. This authentication code, featuring
low key consumption, is not InformationTheoretically Secure (ITS) since for
each message the eavesdropper has intercepted she is able to send a different
message from a set of messages that she can calculate by finding collisions of
a cryptographic hash function. However, when this authentication code was
introduced it was shown to prevent straightforward ManInTheMiddle (MITM)
attacks against QKD protocols.
In this paper, we prove that the set of messages that collide with any given
message under this authentication code contains with high probability a message
that has small Hamming distance to any other given message. Based on this fact
we present extended MITM attacks against different versions of BB84 QKD
protocols using the addressed authentication code; for three protocols we
describe every single action taken by the adversary. For all protocols the
adversary can obtain complete knowledge of the key, and for most protocols her
success probability in doing so approaches unity.
Since the attacks work against all authentication methods which allow to
calculate colliding messages, the underlying building blocks of the presented
attacks expose the potential pitfalls arising as a consequence of nonITS
authentication in QKDpostprocessing. We propose countermeasures, increasing
the eavesdroppers demand for computational power, and also prove necessary and
sufficient conditions for upgrading the discussed authentication code to the
ITS level.

Cascade is an information reconciliation protocol proposed in the context of
secret key agreement in quantum cryptography. This protocol allows removing
discrepancies in two partially correlated sequences that belong to distant
parties, connected through a public noiseless channel. It is highly
interactive, thus requiring a large number of channel communications between
the parties to proceed and, although its efficiency is not optimal, it has
become the defacto standard for practical implementations of information
reconciliation in quantum key distribution. The aim of this work is to analyze
the performance of Cascade, to discuss its strengths, weaknesses and
optimization possibilities, comparing with some of the modified versions that
have been proposed in the literature. When looking at all design tradeoffs, a
new view emerges that allows to put forward a number of guidelines and propose
near optimal parameters for the practical implementation of Cascade improving
performance significantly in comparison with all previous proposals.

We propose a scheme for quantum key distribution (QKD) in a passive optical
network (PON) based on differential phase shift (DPS) coding. A centralized
station including all expensive components serves many users, making it
suitable for a true multiuser network in a local environment with moderate
distances on the order of a few kilometers. The emphasis lies on an asymmetric
design for cost effective implementation of network end points.

The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the informationtheoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
pointtopoint link; 2) using QKD in a network containing many users with the
objective of offering anytoany key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.

Single photon detectors are important for a wide range of applications each
with their own specific requirements, which makes necessary the precise
characterization of detectors. Here, we present a simple and accurate
methodology of characterizing dark count rate, detection efficiency, and
afterpulsing in single photon detectors purely based on their counting
statistics. We demonstrate our new method on a custommade, freerunning single
photon detector based on an InGaAs based avalanche photo diode (APD), though
the methodology presented here is applicable for any type of single photon
detector.

The ability to generate entangled photonpairs over a broad wavelength range
opens the door to the simultaneous distribution of entanglement to multiple
users in a network by using centralized sources and flexible
wavelengthdivision multiplexing schemes. Here we show the design of a
metropolitan optical network consisting of treetype access networks whereby
entangled photonpairs are distributed to any pair of users, independent of
their location. The network is constructed employing commercial offtheshelf
components and uses the existing infrastructure, which allows for moderate
deployment costs. We further develop a channel plan and a networkarchitecture
design to provide a direct optical path between any pair of users, thus
allowing classical and oneway quantum communication as well as entanglement
distribution. This allows the simultaneous operation of multiple quantum
information technologies. Finally, we present a more flexible backbone
architecture that pushes away the load limitations of the original network
design by extending its reach, number of users and capabilities.

Quantum Key Distribution (QKD) is maturing quickly. However, the current
approaches to its application in optical networks make it an expensive
technology. QKD networks deployed to date are designed as a collection of
pointtopoint, dedicated QKD links where nonneighboring nodes communicate
using the trusted repeater paradigm. We propose a novel optical network model
in which QKD systems share the communication infrastructure by wavelength
multiplexing their quantum and classical signals. The routing is done using
optical components within a metropolitan area which allows for a dynamically
anytoany communication scheme. Moreover, it resembles a commercial telecom
network, takes advantage of existing infrastructure and utilizes commercial
components, allowing for an easy, costeffective and reliable deployment.

We derive analytical expressions for the single mode quantum field state at
the individual output ports of a beam splitter when a singlephoton Fock state
and a coherent state are incident on the input ports. The output states turn
out to be a statistical mixture between a displaced Fock state and a coherent
state. Consequently we are able to find an analytical expression for the
corresponding Wigner function. Because of the generality of our calculations
the obtained results are valid for all passive and lossless optical four port
devices. We show further how the results can be adapted to the case of the
MachZehnder interferometer. In addition we consider the case for which the
singlephoton Fock state is replaced with a general input state: a coherent
input state displaces each general quantum state at the output port of a beam
splitter with the displacement parameter being the amplitude of the coherent
state.

Quantum key distribution (QKD) is the first quantum information task to reach
the level of mature technology, already fit for commercialization. It aims at
the creation of a secret key between authorized partners connected by a quantum
channel and a classical authenticated channel. The security of the key can in
principle be guaranteed without putting any restriction on the eavesdropper's
power.
The first two sections provide a concise uptodate review of QKD, biased
toward the practical side. The rest of the paper presents the essential
theoretical tools that have been developed to assess the security of the main
experimental platforms (discrete variables, continuous variables and
distributedphasereference protocols).

Quantum cryptographic technology (QCT) is expected to be a fundamental
technology for realizing longterm information security even against
asyetunknown future technologies. More advanced security could be achieved
using QCT together with contemporary cryptographic technologies. To develop and
spread the use of QCT, it is necessary to standardize devices, protocols, and
security requirements and thus enable interoperability in a multivendor,
multinetwork, and multiservice environment. This report is a technical
summary of QCT and related topics from the viewpoints of 1) consensual
establishment of specifications and requirements of QCT for standardization and
commercialization and 2) the promotion of research and design to realize
NewGeneration Quantum Cryptography.

A Quantum Key Distribution (QKD) network is an infrastructure capable of
performing longdistance and highrate secret key agreement with
informationtheoretic security. In this paper we study security properties of
QKD networks based on trusted repeater nodes. Such networks can already be
deployed, based on current technology. We present an example of a trusted
repeater QKD network, developed within the SECOQC project.
The main focus is put on the study of secure key agreement over a trusted
repeater QKD network, when some nodes are corrupted. We propose an original
method, able to ensure the authenticity and privacy of the generated secret
keys.

The European Space Agency (ESA) has supported a range of studies in the field
of quantum physics and quantum information science in space for several years,
and consequently we have submitted the mission proposal SpaceQUEST (Quantum
Entanglement for Space Experiments) to the European Life and Physical Sciences
in Space Program. We propose to perform spacetoground quantum communication
tests from the International Space Station (ISS). We present the proposed
experiments in space as well as the design of a space based quantum
communication payload.

A Quantum Key Distribution (QKD) network is currently implemented in Vienna
by integrating seven QKDLink devices that connect five subsidiaries of SIEMENS
Austria. We give an architectural overview of the network and present the
enabling QKDtechnologies, as well as the novel QKD network protocols.

In this paper we address a general parameter estimation methodology for an
extended biokinetic degradation model [1] for poorly degradable
micropollutants. In particular we concentrate on parameter estimation of the
micropollutant degradation submodel by specialised microorganisms. In this
case we focus on the case when only substrate degradation data are available
and prove the structural identifiability of the model. Further we consider the
problem of practical identifiability and propose experimental and related
numerical methods for unambiguous parameter estimation based on multiple
substrate degradation curves with different initial concentrations. Finally by
means of simulated pseudoexperiments we have found convincing indications that
the proposed algorithm is stable and yields appropriate parameter estimates
even in unfavourable regimes.