Analysing QBER and secure key rate under various losses

for satellite based free space QKD

Muskan∗, Ramniwas Meena†, Subhashish Banerjee‡
Department of Physics, Indian Institute of Technology, Jodhpur, India-342030
August 2023
arXiv:2308.01036v1 [quant-ph] 2 Aug 2023

Abstract
Quantum Key Distribution is a key distribution method that uses the qubits to safely dis-
tribute one-time use encryption keys between two or more authorised participants in a way
that ensures the identification of any eavesdropper. In this paper, we have done a comparison
between the BB84 and B92 protocols and BBM92 and E91 entanglement based protocols for
satellite based uplink and downlink in low Earth orbit. The expressions for the quantum bit
error rate and the keyrate are given for all four protocols. The results indicate that, when
compared to the B92 protocol, the BB84 protocol guarantees the distribution of a higher secure
keyrate for a specific distance. Similarly, it is observed that BBM92 ensures higher keyrate in
comparison with E91 protocol.

Keywords— Quantum cryptography, Quantum communication, Free space communication

1 Introduction
The most developed use of quantum communication is quantum cryptography [1–5] which offers a completely
secure coding mechanism. In order to provide secure quantum optical communication, quantum key distribu-
tion (QKD) uses the qubits to safely distribute one-time use encryption keys between two or more authorised
participants in a way that ensures the identification of any eavesdropper. Heisenberg’s uncertainty principle
and the quantum no-cloning principle provide assurance for QKD security [6, 7]. Essentially, a solution
to the key distribution problem is devised by leveraging these physical characteristics of the information
carrier to prevent eavesdropping. Any information obtained by an illegitimate third party about the ex-
changed key leads to a corresponding increase in the quantum bit error rate (QBER) of the transmitted data.

The concept of QKD was initially proposed in [8]. In [9], the first implementation of free space QKD
over a 30 cm optical link was demonstrated. Since then, significant research efforts have been dedicated
to developing this technology for future optical communication systems that support secure transmission of
critical information. While early experimental setups were capable of sending quantum signals over distances
of up to 100 km [10] using optical fiber links, the propagation limitations of optical fibers restricted QKD
over fibers to only a few hundred kilometers [11]. However, using free space links offers the potential to
extend these distances further [12,13]. Free space links leverage low absorption in specific wavelength ranges
∗ E-mail: [email protected]
† E-mail: [email protected]
‡ E-mail: [email protected]

1
and non-birefringent characteristics, ensuring the preservation of polarization. To fully harness the advan-
tages of free space communication, satellites are ideal [14]. By utilizing satellites in Earth satellite links,
the path within the atmosphere can be reduced to approximately 30 km (depending on satellite elevation).
Establishing a network of satellites would enable a physically secure global communication network, thereby
significantly expanding the range of QKD capabilities.

In the construction of a worldwide network, satellite-based quantum communication is crucial and ef-
fective [15–23]. Free space optical (FSO) communications are the focus of these satellite-based quantum
communication [24]. Free space QKD under atmospheric turbulence must be taken into account for the
successful implementation of satellite-based quantum communication[25],[26],[27],[28]. For earth-to-space
quantum communication to be possible, the connection attenuation must be less than 60 dB; quantum com-
munication is not practical above this number. The following situations between Earth and space have the
following link distances (L): Ground-LEO and LEO-ground link distances are 500-1400 km, ground-GEO and
GEO-ground link distances are above 360,000 km, and the LEO-LEO (intersatellite link) link distance is 2000
km. LEO-GEO link distance is 35,500 km, and the GEO-GEO link distance is 40,000 km. Ground-MEO
and MEO-ground link distances are 10000-30000 km, LEO-MEO link distance is 14000 km, MEO-MEO
(intersatellite link distance) is also around 14000 km and MEO-GEO link distance is around 15000 to 28000
km. [29]. Quantum communication still requires additional research to address problems with security, data
rate, and communication distance despite the huge success of QKD’s commercial applications in terms of
scientific advancement [24, 30–33].

The process of generating a secret key using QKD involves five essential steps: authentication [34, 35],
single photon transmissions, sifting, error correction, and privacy amplification [36]. Initially, a randomly
generated raw key is transmitted over the quantum channel to create secret key information. Following
this, the key information is exchanged over a public channel, resulting in the acquisition of the sifted key.
Subsequently, error correction and privacy amplification steps are employed. The purpose of the error cor-
rection step is twofold: it corrects any errors in the received information bits and provides an estimation of
the error rate. On the other hand, privacy amplification is implemented to distill a shorter yet significantly
more secure final key as desired.

When assessing the effectiveness of different QKD systems, two important criteria are considered: the
’QBER’ and the ’keyrate’. The QBER serves as an indicator of security and is crucial for evaluating the
performance of the link after error correction. If an unauthorized third party gains any knowledge about
the exchanged key, it leads to an increase in the QBER. A higher QBER means that the eavesdropper can
gather more information about the transmitted key, compromising the security of the legitimate recipient.
It is important to note that higher QBER values in QKD systems can lower the keyrate during the error
correction stage of the protocol. Therefore, it is desirable to have a low QBER and a higher keyrate in order
to ensure effective and secure communication. These are the parameters on which we have performed the
comparison between well known protocols BB84 and B92, along with entangled-based protocols BBM92 and
E91. We have calculated the QBER and keyrate for both the uplink and downlink scenarios, considering
different types of losses.
The paper is structured as follows: Sec.2 provides a concise analysis of the BB84, B92, BBM92, and E91
protocols. In Sec.3, we review different types of losses and their impact on the QBER for various protocols.
Next, in Sec.4, we introduce and analyze the QBER for different protocols. Sec.5 focuses on the keyrate
calculations for different protocols and examines blinding attacks specifically targeting entangled-based pro-
tocols. In Sec.6, we present numerical results and have discussions. The paper concludes with a summary
of the key points.

2 QKD Protocols
QKD protocols are the foundation of secure communication enabled by quantum mechanics. These protocols
establish a shared secret key between two parties, typically referred to as Alice and Bob, while ensuring that

2
any eavesdropping attempts are detectable. Several QKD protocols have been developed, each with its
unique approach to key generation and security guarantees. Here we briefly discuss the QKD protocols used
in this work:

2.1 BB84
The BB84 protocol is a QKD protocol, proposed in [8]. Its purpose is to enable two parties, tradition-
ally named Alice and Bob, to securely generate and share a secret cryptographic key that can be used
for subsequent communication. The protocol works by encoding information in quantum states, typically
using photons as the carrier of information. Alice sends a sequence of photons to Bob, with each photon
randomly prepared in one of four possible states, which are represented by two different orthogonal polar-
izations (e.g., horizontal/vertical or diagonal/anti-diagonal). Bob receives the photons and measures their
polarization using a randomly chosen basis, either horizontal/vertical or diagonal/anti-diagonal. Due to the
uncertainty principle of quantum mechanics, any attempt to eavesdrop on the communication would un-
avoidably introduce errors in the polarization measurements, allowing Alice and Bob to detect the presence
of an eavesdropper. After the transmission is complete, Alice and Bob compare a subset of their measure-
ment results to check for errors and potential eavesdropping. They discard any bits that have errors, and the
remaining bits form a shared secret key that can be used for subsequent communication, such as encrypting
and decrypting messages.

2.2 B92
The B92 protocol is another QKD protocol [37]. The B92 protocol is a simplified version of the BB84
protocol, requiring fewer quantum states to transmit information.
Alice sends a sequence of photons to Bob, with each photon randomly prepared in one of two possible
states, represented by two different orthogonal polarizations. Bob randomly chooses to measure the photons
in either the horizontal/vertical or diagonal/anti-diagonal basis. If Bob measures a photon with the same
polarization as Alice sent, he obtains a bit value of "0", while if he measures a photon with the orthogonal
polarization, he obtains a bit value of "1". If Bob measures a photon with the same polarization as Alice
sent, but with a different intensity, he does not obtain any bit value. After the transmission is complete,
Alice and Bob publicly disclose the basis used for each photon transmission. Alice and Bob compare a subset
of their measurement results to check for errors and potential eavesdropping. They discard any bits that
have errors, and the remaining bits form a shared secret key that can be used for subsequent communication.
The B92 protocol is simpler and faster than the BB84 protocol, but it is less secure, as an eavesdropper can
obtain information by manipulating the photon intensity without being detected. Despite this limitation,
the B92 protocol remains an important contribution to the field of quantum cryptography, as it illustrates
the potential for quantum information processing with a minimal set of resources.

2.3 E91
The E91 is a QKD protocol that is based on the idea of entanglement and is developed in [38].The procedure
operates as follows:
There is a source that distributes maximally entangled pairs of qubits to Alice and Bob, for example,
states of the type
1
|ψ − ⟩AB = √ (|01⟩AB − |10⟩AB ). (1)
2
Alice and Bob measure an observable that is randomly selected from the sets {Ai } and {Bi }, respectively,
for each of these bipartite states |ψ − ⟩AB . Figure 1 shows these observables, which are spin components
located in the Bloch sphere’s x-z plane. In general, these operators are defined as

Ai = cosφA A
i + sinφi (2)

Bi = cosφB B
i + sinφi (3)

3
Figure 1: Measurements directions for the Ekert protocol. The measurements are depicted in the
x-z plane of the Bloch sphere. On the left side are the three different measurements that Alice can
choose between, and on the right side Bob’s possible measurement directions are shown.

−π
with φA A π A π B B B π
1 = 0, φ2 = 2 , and φ3 = 4 for Alice and φ1 = 0, φ2 = 4 , φ3 = 4 for Bob. In terms of the
measurement operators Z = |0⟩⟨0| − |1⟩⟨1| and X= |+⟩⟨+| − |−⟩⟨−|, the measurements can also be written
as
A1 = Z B1 = Z
A2 = X B2 = √12 (Z − X) (4)
A3 = √12 (Z + X) B3 = √12 (Z + X).

The measurements of Alice and Bob, A1 and B1 as well as A3 and B3 , are taken in the same direction.
The next stage is for Alice and Bob to reveal the measurement directions they decided upon. The
pairs (A1 , B1 ) and (A3 , B3 ) are examples of those where the directions match, and they produce totally
anti-correlated outputs. The results of these measurements thus constitute the sifted key by inverting all
bits for one side. To determine how much knowledge an eavesdropper knows about the key, the results
from the measurement pairs (A1 , B3 ), (A1 , B2 ), (A2 , B3 ), and (A2 , B2 ) are employed. This is accomplished
by examining a supposedly CHSH inequality. The CHSH inequality is a limit on the expectation values of
some classical correlations. It is a component of a wider collection of inequalities known as Bell inequalities.
Assume you have the four standard random variables A1 , A2 , B2 , and B3 . Assume that each of them can
take either +1 or −1 as its value. It is simple to confirm that A1 (B3 + B2 ) + A2 (B3 − B2 ) = ±2 by simply
ruling out all other options. By taking the expectation value of these quantities over N assignments of the
random variables, we get
|⟨A1 (B3 + B2 ) + A2 (B3 − B2 )⟩| ≤ 2, (5)
1
P ν ν ν ν
where ⟨Ai Bj ⟩ = N Ai Bj , and Ai and Bj represent the assigned values ν to the random variables Ai and
Bi . We can now consider A1 , A2 , B2 , B3 to be quantum observables as described in the Ekert protocol. The
expectation value for their products is then given by

⟨Ai Bj ⟩ = T r(Ai ⊗ Bj ρ). (6)

4
Using the measurement directions defined in the Ekert protocol, we can evaluate their expectation values
with respect to the state ρ = |Ψ− ⟩⟨Ψ− |. For instance, the expectation value of A1 and B3 is
1 1
⟨A1 B3 ⟩ = ⟨Ψ− |(Z ⊗ √ (Z + X))|Ψ− ⟩ = − √ . (7)
2 2
In this way we can evaluate all terms in the sum of expectation values S and find that
√
S = 2 2. (8)

This indicates that Alice and Bob share a maximally entangled state because it violates the CHSH inequality,
derived above. A maximally entangled bipartite state cannot be entangled with a third party. Hence, Eve is
unaware of the key in this situation. In actuality, this is the greatest value of S that is possible. The CHSH
inequality can generally be violated even with smaller values of S. Eve might know something about the key
in this situation. As long as there is some violation of the CHSH inequality, it is still possible to extract a
secret key from this data. It is impossible to create a secret key, as demonstrated in [39], if S ≤ 2, which
denotes that Alice and Bob share a pair of separable states. If their measurement findings pass the test,
Alice and Bob can continue with the protocol and use privacy amplification along with error correction to
get the final secret key.

2.4 BBM92
BBM92 is an another entangled based protocol. The protocol was first proposed in 1992[40]. The protocol
makes use of pairs of entangled particles, known as EPR pairs, which are distributed between Alice and
Bob. Here’s how the BBM92 protocol works: Alice creates a set of EPR pairs and sends one particle from
each pair to Bob. Bob randomly measures each incoming particle using one of two bases: the standard basis
(Z-basis) or the Hadamard basis (X-basis). Alice tells Bob which basis she used to prepare each particle.
Bob discards all the measurements that were made in the wrong basis, and keeps the rest. Alice and Bob
publicly compare a subset of their remaining measurements to estimate the error rate. Alice and Bob use
the remaining measurements to generate a secret key by applying a reconciliation procedure and a privacy
amplification procedure. Alice and Bob can now use their secret key for secure communication. The BBM92
protocol is secure against eavesdropping because any attempt to measure the particles in transit will disturb
the entanglement and be detected by Alice and Bob. Additionally, the use of entangled pairs ensures that
any attempt to clone the particles will also be detected.

3 Different type of losses

In QKD, various types of losses can occur during the transmission and processing of quantum information.
These losses can have an impact on the performance and security of the QKD system. We describe here
various losses like geometrical loss, optical loss, and atmospheric losses including turbulence loss and scat-
tering loss. These losses are considered when calculating the QBER and key rate. These losses are factored
into the evaluation to determine their influence on the system’s performance and security.

3.1 Geometrical loss

Geometrical loss is a measure of the reduction in signal power as it propagates from a transmitter to a
receiver. It is determined by the ratio of the surface area of the receiver aperture to the surface area of
the transmitter beam at the receiver [41, 42]. The surface area of the transmitter beam is affected by its
divergence, which causes it to spread out as it travels through space. Therefore, geometrical loss is primarily
influenced by the divergence of the beam and the distance between the transmitter and receiver. The
geometrical loss can be determined by the formula stated as:

d2r
 
Geometrical loss = 10log , (9)
(dt + (Lθ))2

5
here dr represents diameter of the receiver (in m), dt represents diameter of the transmitter (in m), θ is
divergence angle of the beam (in mrad), L is the distance between transmitter and receiver.

3.2 Turbulence Loss-Induced Scintillation loss for Uplink and Downlink

Scintillations are characterized by sudden and rapid changes in the phase and amplitude of a wave. These
fluctuations occur due to the local and rapid variations in the refractive index of the medium through
which the wave is traveling. When laser radiation propagates through a turbulent medium, it experiences
both temporal and spatial fluctuations in irradiance, which are referred to as scintillation or atmospheric
turbulence-induced irradiance fluctuations [43]. This phenomenon is a consequence of the random and
irregular changes in the refractive index of the atmosphere that the laser beam encounters during propagation.
The scintillation index is the most commonly used measure to quantify the magnitude of scintillation

⟨I 2 ⟩ − ⟨I⟩2 ⟨I 2 ⟩
σI2 = = − 1, (10)
⟨I⟩ 2 ⟨I⟩2

where I signifies the optical wave’s irradiance and ⟨⟩ stands for the ensemble average, which is equivalent
to the long-time average if the process is assumed to be ergodic. The scintillation index in weak fluctuation
theory is proportional to the Rytov variance given by:

σ12 = 1.23Cn2 k7/6 L11/6 , (11)

where turbulence strength is measured by Cn2 , k = 2π λ

, is the optical wave number and L is the path
length between the communication transmitter and receiver. The value of Cn2 is assumed to remain constant
for horizontal paths up to a few kilometres, whereas for downlink (space-to-ground) or uplink (ground-to-
space) of altitude h has to be use. For vertical or slant path, the so-called Hufnagel-Vallely model is generally
regarded as representative of continental conditions [44].

3.2.1 Hufnagel-Valley Model

 v 2      
h h h
Cn2 (h) = 0.00594 (10−5 h)10 exp − + 2.7 × 10−16 exp − + A exp − , (12)
27 1000 1500 100
where A = Cn2 (0) is the ground-level of Cn2 and v is the rms wind speed. For our numerical calculations, we
have assumed v = 21m/s and A = 1.7 × 10−14 for the Cn2 (h) model.
Scintillation loss of the transmission system (in dB) is given by [45]:
1
asci = [3.3 − 5.77(− ln pthr ) 2 ](σI2 (D))0.4 , (13)

Here pthr is the probability that the receiver power falls below the limit. σI2 (D) is the aperature-averaged
scintillation index. This is the factor which includes the concept of uplink and downlink.
When it comes to the downlink of space-to-ground communications, the beam experiences distortion upon
entering the Earth’s atmosphere. The scintillation near the center of the received wave at ground level can
be effectively represented and modeled as a plane wave [46].
For downlink, the aperature averaged scintillation index for plane wave is given by:
 
12/5
0.49σ12 0.51σ12 (1 + 0.69σ1 )−5/6 
σI2 (D) = exp   7/6 + − 1, (14)

12/5 
12/5
1 + 0.65d2 + 1.11σ1 1 + 0.90d2 + 0.62d2 σ1

where σ12 is the Rytov variance for plane wave and is given by above Eq.(11). Also,
r
Kd2r
d= , (15)
4L

6
where dr is the receiver aperature size and K is the wave number. Further, L represents the distance between
the transmitter and receiver in a communication system.
For an uplink, where the atmospheric turbulence begins just outside the transmitting aperature, we can
assume a spherical wave and the expression for the aperatured average scintillation index for spherical wave
is given by:
 
12/5
0.49σ22 0.51σ22 (1 + 0.69σ2 )−5/6 
σI2 (D) = exp   7/6 + − 1, (16)

12/5 
12/5
1 + 0.18d2 + 0.56σ2 1 + 0.90d2 + 0.62d2 σ2

where σ22 is the Rytov variance for spherical wave and is given by:

σ22 = 0.4σ12 . (17)

3.2.2 Turbulence-Induced Beam Wandering Effect

In the context of the uplink scenario for FSO from the ground to a satellite, the transmitter is located close
to the Earth’s atmosphere, while the receiver is positioned in the far field. In this configuration, the size of
the transmitter beam is typically smaller than the outer scale of turbulence, known as L0 . Consequently, the
instantaneous point of maximum irradiance, often referred to as the "hot spot," will be displaced from its
original on-axis position. As a result, this displacement of the "hot spot" due to the beam size being smaller
than the eddies’ size can cause a pointing error, leading to the misalignment of the beam and missing the
intended target. When the eddies’ size is smaller than the beam size, only a small fraction of the beam will
undergo diffraction and scattering independently.
In Ground-to-Satellite FSO communication, the laser beam encounters random inhomogeneities in the at-
mosphere caused by fluctuations in the refractive index. These fluctuations are quantified by the refractive
index structure parameter, denoted as Cn2 (h), which characterizes the strength of turbulence in the atmo-
sphere at different heights above the ground. Obtaining accurate measurements of Cn2 (h) is crucial and can
be achieved by measuring parameters such as temperature (T ), pressure (P ), wind speed (V ), and spatial
fluctuations in temperature (∆T) along the propagation path [47]:
 
P
Cn2 = 79 × 10−6 2 CT2 , (18)
T
here CT2 is the temperature structure parameter which is determined by taking the measurements of mean
square temperature between two points separated by certain distance along the propagation path (in
deg 2 /m−2/3 ) and is expressed as:
CT2 = ⟨∆T 2 ⟩r−1/3 , (19)
where ∆T = T1 − T2 (T1 and T2 are the temperatures of two arbitrary points separated by a distance r)
and the angle bracket ⟨⟩ denotes an ensemble average. The Profile model of the refractive index structure
parameter (Cn2 (h)) describes how it varies with altitude (h). Turbulence in the atmosphere gives rise to the
formation of eddies with different refractive indices and sizes. In the FSO uplink scenario, when the beam
size is smaller than the outer scale of turbulence (L0 ), the entire beam undergoes random deflection from its
original path. This phenomenon, known as beam wander, results in a significant change in the direction of
the beam. The statistical characterization of the beam wander effect is represented by the variance of beam
wander displacement (⟨rc2 >⟩) and can be expressed as: [48]
 2  5/3
λ 2W0
< rc2 >= 0.54(H − h0 )2 sec2 (θ) , (20)
2W0 r0

where θ is the zenith angle, λ is the operating wavelength, W0 is the transmitter beam radius, H and h0
are the altitude of satellite and transmitter respectively. For ground based transmitter, h0 = 0 and satellite

7
altitude H = h0 + L(cos(θ)) where L is propagation length. The other parameter r0 is the atmospheric
coherence length (or Fried parameter) defined by:
 Z H −3/5
r0 = 0.423K 2 sec(θ) Cn2 (h)dh , (21)
h0

where K is the optical wave number.

The beam wander effect will lead to effective pointing error of the beam σP e given as[48]
" 1/6 #
Cr2 W02 /r02

2 2
σP e =< rc > 1 − . (22)
1 + Cr2 W02 /r02

In the above equation, the parameter Cr is a scaling constant typically in the range from 1 to 2π. The
pointing error induced by beam wander contributes to an increase in the scintillation index, which differs
from the prediction of conventional Rytov theory [49]. In the first-order Rytov theory, the scintillation index,
denoted as σI2 , is expressed as the sum of longitudinal σI,l
2 2
and radial σI,r (r, l) components. However, when
2
accounting for the beam wander effect in FSO uplink scenarios, the increase in σI,l (L) should be considered.
This is because the effect of beam wander can cause slight flattening of the beam and an increase in the
long-term beam profile near the bore-sight.

The Scintillation produced by beam wander effect is expressed as:

 5/3 
2 2W0 αP e 2
σI,l (L) = 5.95(H − h0 )2 sec2 (θ) . (23)
r0 W
In the above equation, αP e = σP e /L is the angular pointing error due to beam wander effect.

3.3 Scattering loss

The primary factors contributing to loss in the atmospheric channel are absorption and scattering processes
[50]. Absorption in the atmosphere occurs when the photons of the beam interact with dispersed particles
such as water vapors, dust, ice, and organic molecules. However, it’s important to note that atmospheric
absorption is dependent on the wavelength of the beam. To minimize absorption effects, the wavelength
range of FSO communication systems is carefully selected to ensure minimal absorption.
Scattering refers to the phenomenon where a beam of radiation is dispersed into various directions due to
physical interactions.
Rayleigh scattering occurs when molecules and atmospheric gases scatter light with sizes significantly smaller
than the wavelength of the incident light. Mie scattering occurs when the diameter of particles is equal to
or larger than one-tenth of the wavelength of the incident laser beam. In the context of FSO at terrestrial
altitudes, Mie scattering is the primary cause of attenuation at the laser wavelengths used. Fog and haze
droplets, which dominate the Mie-scattering effect, are responsible for the significant attenuation of trans-
mitted optical beams in free space. Non-selective scattering refers to the scattering phenomenon caused by
rainfall, where the radius of raindrops is considerably larger than the wavelength of typical FSO systems.
Due to this size difference, the laser beam is capable of passing through raindrops or particles with minimal
scattering effects. Hence attenuation is mainly due to Mie-scattering.
The measurement of atmospheric visibility provides a valuable indication of the prevailing environmental
conditions in the atmosphere. Visibility is the distance that a parallel luminous beam can travel through the
atmosphere until its intensity decreases by 2% of its original value. This measurement is conducted using a
wavelength of 550 nm, which corresponds to the wavelength that the human eye is most sensitive to.
Mie scattering theory can be utilized to predict the attenuation caused by fog. The specific attenuation of
fog given by common empirical model for Mie scattering -
 −P
3.91 λ
βf og (λ) = , (24)
V 550

8
Where V(km) stands for visibility range, λ(nm) is the operating wavelength and P is the size distribution
coefficient of scattering. According to Kruse Model [51]
 
 1.6 V > 50km 
P = 1.3 6km < V < 50km . (25)
0.585V 1/3 V < 6km
 

The formula mentioned above for specific attenuation of fog does not account for dense fog conditions. Recent
investigations have revealed that wavelength dependency is absent when visibility decreases below 500m. As
a result, the parameter "P" in the Kim formula [51] has been adjusted accordingly to accommodate these
findings. The modified formula is as follows:
 

 1.6 V > 50km 

1.3 6km < V < 50km 

 
 
P = 0.16V + 0.34 1km < V < 6km . (26)
V − 0.5 0.5km < V < 1km 

 

 

0 V < 0.5km
 

As Ta = exp(−σL).
In terms of scattering coefficient above equation can be written as:-

Ta = exp(−βf og L). (27)

3.4 Optical loss

The optical losses in FSO systems are primarily attributed to imperfections in the optical elements utilized
at the transmitter (ηt ) and receiver (ηr ). The losses are expressed in decibels (dB) and can be calculated
using the formula described in the [52]
Lopt = 10log(ηt ηr ). (28)

4 QBER
The QBER is a measure of the ratio of incorrect bit counts to the total number of received bit counts. It
is used to quantify the probability of obtaining a false detection in comparison to the total probability of
detection per pulse. The QBER is influenced by two main components: the signal component and the dark
count component. It is assumed that the channel is an exponentially decaying function of distance. Thus,
channel transmission Tchan can be written as

Tchan = 10−σ.L/10 , (29)

where σ is loss coefficient. It includes all types of above calculated losses.

4.1 QBER for BB84

In BB84 protocol, the QBER can be calculated as [53]:
pdark
e84 = ppol + , (30)
µ.Tchan .ηdet .2
where ppol is the probability of a photon arriving at the wrong detector, leading to false identification of
1−V
polarization and is given by ppol = 2 f where Vf is fringe visibility, pdark is the probability of a dark count
registered in a detector, Tchan is the transmittance of the free space channel, µ is the mean photon number
of the signal, and ηdet is the quantum efficiency of the detector.

9
4.2 QBER for B92
The B92 protocol utilizes basis states to determine the code values. This results in 50% of cases using the
same basis for coding and decoding, and 50% detecting differences in used bases. The number of usable bits
equals 25% of the total received bits. The QBER parameters for the B92 protocol are as follows [53]:
pdark
e92 = ppol + . (31)
µ.Tchan .ηdet
Here pdark is the probability of dark count, µ is the average number of photons in a pulse, Tchan is the
transmittance of the channel, ηdet is the quantum efficiency of the detector and ppol is the probability of a
1−V
photon arriving at the wrong detector and ppol = 2 f .

4.3 QBER for BBM92

The QBER for BBM92 depends on various factors such as the properties of the quantum channel, the
quality of the detectors used, and the presence of any eavesdroppers. In the assumed model, the channel is
characterized as an exponential decay function with respect to distance. As a result, the transmission of the
channel, denoted as Tchan , can be expressed as follows

Tchan = 10−σ.L/10 , (32)

where σ is loss coefficient. In one beam splitter with transmission, we combine all losses to each receiver
from the channel, detectors, and optics.

αL = ηdet .Tchan (L). (33)

The parameter ηdet represents the cumulative effect of distance-independent losses within the system. The
coincidence probability is divided into two components: ptrue , which denotes the probability of a genuine
coincidence between a pair of entangled photons and pf alse , which represents the probability of a false
coincidence. In an ideal source, false coincidences can only arise from a combination of a photon and a dark
count or two dark counts [11]. When dual fire events are insignificant, the following expression holds in the
limit:-
pcoin = ptrue + pf alse . (34)
We must choose a location for the source. Setting the source at a distance of L − x from Bob and x from
Alice, we get
ptrue = αx αL−x = ηdet αL , (35)
pf alse = 4αx d + 4αL−x d + 16d2 . (36)
Keeping only terms which are second order in αx and d, it can be observed that the probability of a true
coincidence remains constant with respect to x, while the false coincidence rate changes. By performing
a straightforward optimization, it can be determined that the false coincidence rate reaches its minimum
value at a distance halfway between Alice and Bob. The value of this minimum false coincidence rate can
be calculated using the given formula:

pf alse = 8αL/2 d + 16 d2 . (37)

The QBER is given by

pf alse /2 + b ptrue
eM 92 = . (38)
pcoin

10
4.4 QBER for E91
QBER for E91 is given by [11]
pf alse /3 + b ptrue
e91 = labele91. (39)
pcoin
where 31 factor is used because in E91 we use three bases, while in BBM 92 we use two therefore the 1
2
factor
in Eq.(38).

5 Keyrate
Key rate, in the context of QKD, refers to the rate at which a secure cryptographic key can be generated
and shared between two communicating parties, typically referred to as Alice and Bob. It quantifies the
speed or efficiency at which error-free key bits can be securely exchanged and determines the practicality
and effectiveness of a QKD system. The key rate is measured in bits per second (bps) and is influenced by
factors such as the quality of transmitted quantum states, detection efficiency, channel losses, and potential
eavesdropping attempt. The key rate serves as a benchmark for evaluating the effectiveness and practicality
of protocols using QKD. In the calculation of key rate, the QBER is considered, which includes all types
of losses discussed earlier. The QBER, denoted by e, incorporates the effects of various losses, including
geometrical loss, optical loss, atmospheric losses like turbulence loss and scattering loss, and other factors
that impact the security and performance of the QKD system are discussed above. By accounting for these
losses in the QBER, the key rate provides a comprehensive assessment of the utility and efficiency of QKD
protocols.

5.1 Keyrate for BB84

The secure key generation rate against PNS attack for the BB84 protocol is given by [54]:
1
RBB84 = Pclick (1 − τ ′ + F (e84 )h(e84 )). (40)
2
and  
e84
τ′ = τ , (41)
β
Pclick −P ′
where β security parameter defined as β = Pc lick
and
µ2 1 µ3
P ′ = 1 − (1 + µ + + ) exp(−µ). (42)
2 2 6

F (e84 ) is error correction efficiency , τ is fraction of the key to be discarded during privacy amplification,
τ (e84 )= log(1 + 4e84 − 4e284 ) if e84 < 1/2 and τ (e84 ) = 1 if e84 > 1/2, And h(e84 ) is binary shannon entropy
given by
h(e84 ) = −e84 log2 −(1 − e84 ) log2 (1 − e84 ). (43)
In the context of the standard BB84 protocol, an essential parameter of interest is the system’s signal, which
is commonly referred to as Pclick . This quantity represents the overall anticipated probability that Bob will
observe the detection of a photon during a specific pulse. Typically, Pclick is determined by considering
two distinct sources that can independently trigger a detection event. These sources encompass photons
transmitted by Alice and background dark counts [55].

Pclick = psignal + pdark − psignal pdark . (44)

The probability of Bob’s detector firing due to a photon emitted by Alice’s source is denoted as psignal . On
the other hand, pdark represents the probability of a dark count occurring in Bob’s detector. Since each of

11
Bob’s detectors has a specific probability of dark counts per time slot in the absence of a real signal, the
cumulative contribution of dark counts to the detection event is determined by the following relationship:
pdark = 4d. (45)
The presence of dark counts in the detection process is primarily determined by the characteristics of the
detectors. Dark counts tend to become more significant when the probability of Bob’s detector firing due to
a photon from Alice’s source, psignal is small. Dark counts can arise from various sources such as thermal
fluctuations in the detector and stray counts. In the equation mentioned above, the coefficient 4 is present
because there are four detectors in the passive module, indicating that the dark count is four times larger
than the parameter D. In addition, the number of dark counts occurring within the measurement time
window can be expressed as four times larger than D. Furthermore, the dark count per measurement time
window is given by a number of dark counts per measurement window:
d = Dtw . (46)
The equation mentioned above relates the dark counts per measurement time window to the dark count rate
of the detectors, represented by D, and the duration of the measurement time window, denoted as tw . It is
important to note that the expression assumes the neglect of simultaneous occurrences of signal and dark
count events when both psignal and pdark are small.
Additionally, it is important to emphasize that QKD systems are implemented either using fiber optics or
free space channels. As the channel of interest here, we consider the free space link. The atmospheric
channel is susceptible to a variety of undesirable transmission phenomena, including atmospheric scattering,
absorption and turbulence. These phenomena can result in photon losses during the propagation, leading
to a condition known as decoherence. Decoherence poses a significant challenge in achieving successful free
space QKD. Therefore, in addition to the Pclick parameter, the total transmission efficiency becomes another
important figure of interest. In the case of a free space channel with relatively high link loss, the contribution
of the signal to the detection event is greatly influenced by the total transmission efficiency ηtot , which can
be formulated as:
ηtot = Tchan ηdet , (47)
where Tchan is the quantum channel transmission and ηdet is the detector efficiency. Depending on the link
scenario, Tchan can be AGS−GS
atm , AGS−SL
atm , ASL−SL
atm .
In the context of satellite-to-ground (downlink), the light signal emitted from the satellite travels through
a relatively long vacuum distance before encountering the unpredictable and troublesome atmosphere. On
the other hand, in the case of ground-to-satellite (uplink), the beam spreading effect caused by turbulence
occurs primarily in the initial part of the path. In contrast, when it comes to satellite-to-satellite links,
turbulence does not occur at all. The atmospheric losses in a point-to-point link can be given by [55]:
AGS−GS
atm = exp(−σL), (48)
where σ is used to denote the attenuation coefficient of light signal after passing through the atmosphere.
The quantum channel transmission of both ground-to-satellite and satellite-to-ground links, excluding the
point-to-point link, can be calculated as:
B
AGS−SL
atm
θ
= Tchan . (49)
In the Ground-to-Satellite direction, Bθ is the Zenith angle, and Tchan is atmospheric transmission at Zenith
angle. In the scenario of a Satellite-to-Satellite link, where there is no atmosphere present, the channel
attenuation is provided as:
ASL−SL
atm = 1. (50)
In general, photon sources are governed by the Poisson probability distribution. Utilizing the charac-
teristic of laser pulses following the Poisson number distribution, the distribution of photon pulses can be
mathematically represented as follows:
µn
P (n, µ) = exp(−µ). (51)
n!

12
The Poisson probability distribution, denoted as P (n, µ) , characterizes the distribution of photons in each
weak laser pulse emitted by the transmitter, assuming that there are n photons in a pulse. The parameter
µ represents the average number of photons per weak laser pulse.
During the process of communication, the photons being transmitted encounter various disturbances and
alterations in the channel. These disturbances encompass phenomena such as reflection, absorption, and
scattering. In order to understand how these undesirable channel characteristics affect the transmitted
photon pulses, the binomial probability distribution rule is applied. Accordingly, when photons propagate
through the channel, the probability of registering at least one photon at the receiver can be expressed using
the probability distribution
n
X
Pn ≥ 1 = Cnk .(1 − ηtot )n−k = 1 − (1 − ηtot )n . (52)
k=1

Additionally, the quantum channel efficiency ηQchann can be calculated by multiplying Eqs.(51)and (52)
together. Quantum channel efficiency is given by ηQchann
∞
X
ηQchann = P (n, µ)Pn ≥ 1,
n=1
∞
X µn
= exp(−µ) [1 − (1 − ηtot )n ],
n=1
n!
= 1 − exp(1 − ηtot )n . (53)

Based on the behaviour of psignal ,

psignal = 1 − exp(−µηtot ), (54)
Pclick diminishes with increasing distance between the remote communicating parties. In the above expres-
sion, the symbol µ represents the average number of photons per pulse. In the case of an ideal single photon
source, µ is equal to 1. However, for a Poisson source, µ becomes a variable that requires optimization.
The arrival of single photon signals at Bob’s detector site is influenced by the overall probability of ηtot due
to losses in the quantum channel. These single photon signals, when detected, contribute to the detection
process.

5.2 Keyrate for B92

The secure key generation rate of the B92 protocol against photon number splitting attack can be formulated
as [54]:
1
RB92 = Pclick {(1 − τ ′ + F (e92 )h(e92 ))}. (55)
4
In B92, only 25% of the bits transmitted will be detected by Bob, i.e., only 25% of the raw key bits should
be kept. Hence 14 is the Sifting Factor. All the other expressions are defined in Sec.5.1.

5.3 Keyrate for BBM92

The keyrate for BBM92 protocol against double blinding attack is given by [11]:
pcoin
RBBM 92 = {τ (eM 92 ) + f (eM 92 )(eM 92 log2 (eM 92 ) + (1 − eM 92 )log2 (1 − eM 92 ))}, (56)
2
τ is fraction of the key to be discarded during privacy amplification, f (eM 92 ) is error correction factor, pcoin
is the coincidence probability which has already been explained in Sec.4.3.

13
5.3.1 Blinding Attacks: (Single and Double Blinding Attacks)
In the context of the BBM92 protocol, the existing blinding attack are of the intercept and resend type.
In this type of attack, a malicious entity, often referred to as Eve, intercepts the signal that was originally
intended for Bob. Eve then proceeds to perform measurements using random bases in order to obtain the
raw key, just as Bob would have done in the intended communication process. To conceal her presence,
Eve forwards a signal to Bob whenever she successfully obtains a measurement result. This signal ensures
that Bob receives an identical outcome, while in the case of diagonal alignment, no detection occurs at all.
In practical implementation using QKD devices [56], Eve employs techniques to blind Bob’s detectors to
single-photon detection. She achieves this by manipulating the detectors to shift from Geiger mode to linear
mode, where a detector only registers a click if the incoming signal intensity exceeds a preset discriminator
threshold, denoted as Ith . After each detection, Eve sends a bright pulse with linear polarization aligned to
her own measurement result. When Eve and Bob randomly select identical measurement bases, the pulse
deterministically generates a click in one of Bob’s detectors. This ensures that Bob’s measurement outcomes
match those of Eve because the pulse is either fully reflected or transmitted at Bob’s polarizing beamsplitter.
However, to prevent double counting and incorrect results when Eve and Bob randomly select bases that
are diagonal to each other, Eve adjusts the intensity of the pulses to be lower than twice the threshold
intensity of the detectors. Consequently, the pulse is split in half at Bob’s polarizing beamsplitter, resulting
in an output that is insufficient to surpass the threshold and produce a click in either of Bob’s detectors.
The objective of the attack is for Eve to obtain an exact replica of Bob’s key at the conclusion of the raw
key distribution process. If Alice and Bob are sufficiently satisfied with the measured QBER on a subset
of the key, Eve can eavesdrop on the error correction protocol that Alice and Bob employ. By performing
the same operations as Bob during the error correction phase, Eve can successfully acquire an exact copy of
the sifted key in the end. One limitation of single-blinding attacks is that, on average, Bob’s resulting key
size is reduced by half compared to what he would have obtained without the attack. This reduction occurs
because approximately half of the time, the randomly chosen measurement bases of Eve and Bob turn out
to be diagonally opposite to each other. Consequently, Bob’s detectors do not register any clicks in such
cases. Therefore, the efficiency of this attack, by design, is fundamentally limited to 50% on Bob’s side.
Here the proposed double-blinding attack involves a similar implementation to the single-blinding attack,
but with the key difference that Eve blinds all detectors on both sides instead of just Bob’s detectors.
Due to the double-blinding attack, Alice and Bob are unable to detect the presence of Eve, resulting in a
complete elimination of information leakage. In other words, the measure of information leakage, denoted
as τ becomes zero in this scenario.

5.4 Keyrate for E91

pcoin
RE91 = {τ (e91 ) + f (e91 )(e91 log2 (e91 ) + (1 − e91 )log2 (1 − e91 ))}, (57)
3
here 13 is Sifting Factor because we use three basis in E91. The parameters used in Eq.(57) have been
described above.

6 Numerical Results and Discussion

We have done a comparison between the BB84 and B92 Protocols for both the uplink and downlink com-
munication scenarios. Our focus is to examine the relationship between channel length and two key metrics:
the QBER and the keyrate. The simulated results, depicted in Fig.2 and Fig.3 showcase these dependencies
under two different zenith angles: 0◦ and 45◦ , for both the uplink and downlink scenarios.
Further, we have done comparison for BBM92 and E91 protocols, which are entanglement-based proto-
cols, for both the uplink and downlink scenarios at two distinct Zenith angles: 0◦ and 45◦ . The outcomes
of this comparison are illustrated in Fig.4 and Fig.5 below.

14
 0.14 BB84_up BB84_down
B92_up B92_down
BB84_up_45 0.10 BB84_down_45
0.12 B92_up_45 B92_down_45

0.10 0.08

0.08
Qber

Qber
0.06

0.06
0.04
0.04

0.02 0.02

200 400 600 800 1000 200 400 600 800 1000
L(km) L(km)

(a) (b)

Figure 2: (a) Comparison of QBER for BB84 and B92 protocols with distance for uplink at 0◦ and
45◦ zenith angles, (b) Comparison of QBER for BB84 and B92 protocols with distance for downlink
at 0◦ and 45◦ zenith angles. The bold curves represent 0◦ zenith angle and the dash curves represent
45◦ zenith angle.

8000
5000 BB84_up BB84_down
B92_up 7000
B92_down
BB84_up_45 BB84_down_45
4000
B92_up_45 B92_down_45
6000

5000
Keyrate(bps)

Keyrate(bps)

3000
4000

2000 3000

2000
1000
1000

0 0
200 400 600 800 1000 200 400 600 800 1000
L(km) L(km)

(a) (b)

Figure 3: (a) Comparison of keyrate for BB84 and B92 protocols with distance for uplink at 0◦ and
45◦ zenith angles, (b) Comparison of keyrate for BB84 and B92 protocols with distance for downlink
at 0◦ and 45◦ zenith angles. The bold curves represent 0◦ zenith angle and the dash curves represent
45◦ zenith angle.

15
 0.6 0.6

0.5 0.5

0.4 0.4
Qber

Qber
0.3 0.3

0.2 E91_up 0.2 E91_down

BBM92_up BBM92_down
E91_up_45 E91_down_45
0.1 BBM92_up_45 0.1 BBM92_down_45
200 400 600 800 1000 200 400 600 800 1000
L(km) L(km)

(a) (b)

Figure 4: (a) Comparison of QBER for BBM92 and E91 protocols with distance for uplink at 0◦
and 45◦ zenith angles , (b) Comparison of QBER for BBM92 and E91 protocols with distance for
downlink at 0◦ and 45◦ zenith angles. The bold curves represent 0◦ zenith angle and the dash curves
represent 45◦ zenith angle.

E91_up 100000 E91_down

60000 BBM92_up BBM92_down
E91_up_45 E91_down_45
50000 BBM92_up_45 80000 BBM92_down_45

40000 60000
Keyrate(bps)

Keyrate(bps)

30000
40000
20000
20000
10000

0 0
200 400 600 800 1000 200 400 600 800 1000
L(km) L(km)

(a) (b)

Figure 5: (a) Comparison of keyrate for BBM92 and E91 protocols with distance for uplink at 0◦
and 45◦ zenith angles, (b) Comparison of keyrate for BBM92 and E91 protocols with distance for
downlink at 0◦ and 45◦ zenith angles. The bold curves represent 0◦ zenith angle and the dash curves
represent 45◦ zenith angle.

16
QBER Performance:
Based on the QBER expression for QKD link, we have done numerical simulations for laser links between
a ground station and a satellite in low Earth orbit. Our simulations have been carried out at an operating
wavelength of 800 nm, with an average photon number µ = 1 for BB84 and B92 protocols and an ideal
entangled photon source for BBM92 and E91 protocols. The plots shown in Fig.2 and Fig.4 demonstrates
that the QBER tends to increase as the distance between the ground station and the satellite increases.
The QBER exhibits a rising trend with increasing distance for both the uplink and downlink scenarios.
Moreover, when comparing the uplink and downlink scenarios, it is evident that the QBER values are
consistently higher in the uplink for all the aforementioned protocols.
As expected, the introduction of additional losses in the quantum channel leads to an increase in the
QBER values. This relationship is clearly observed in the Fig.2 and Fig.4 by varying the communication
distance. We have calculated QBER for 0◦ and 45◦ zenith angles and observed that the QBER is lower
for the 0◦ zenith angle compared to the 45◦ zenith angle. This difference can be attributed to the shorter
distance associated with the 0◦ zenith angle, as opposed to the longer distance at the 45◦ zenith angle. The
reduced distance at 0◦ zenith angle result in lower losses and improved signal quality, leading to a lower
QBER. By analyzing the obtained QBER values, it has been observed that the BB84 protocol exhibits
greater stability against the channel losses compared to the B92 protocol. Similarly, comparison between
BBM92 and E91 protocols reveals that E91 has more QBER than BBM92.

Keyrate Performance:
In Fig.3 and Fig.5, the keyrate is plotted as a function of distance. In our numerical analysis, different
parameters are carefully considered, among which are the dark count rate of the detector set to 4 × 10−8 , the
repetition rate of the laser source is 10M Hz. Moreover, as previously stated, this repetition rate is chosen
because it is the maximum achievable with existing APD detectors available. A comparison between BB84
and B92 protocols reveals that BB84 exhibits a higher key rate and hence more stable.
Fig.5(a) depicts the key generation rate as a function of distance for Ground-to-Satellite communication
and Fig.5(b) shows the key generation rate as a function of distance for Satellite-to-Ground for BBM92 and
E91 protocols. The obtained keyrate brings out that BBM92 protocol is more stable against channel loss as
compared to E91 protocol.

7 Conclusion
We have compared the performance of the BB84 and B92 protocols as well as BBM92 and E91 Entangled
based protocols for laser links between a ground station and a satellite in low Earth orbit. The QBER
calculation was done using above mentioned losses for all four protocols. The expressions for the quantum
keyrate were given for the ideal single photon sources for BBM92 and E91 protocols with some modifications.
Similarly, the expressions for the quantum keyrate were given for the single photon sources for BB84 and B92
protocols with some modifications. On this basis, an evaluation of the quantum keyrate including various
losses for the laser links between a ground station and a satellite for both uplink and downlink in the low
earth orbit were performed at 0◦ and 45◦ zenith angles. It was observed that 0◦ zenith angle has more keyrate
than 45◦ zenith angle in both uplink and downlink scenarios. This indicates that the shorter distance and
associated reduced losses at the 0◦ zenith angle contribute to an increased key rate in the communication
between the ground station and the satellite. Also the presented theoretical analysis results show that BB84
protocol can ensure the distribution of high secure keyrate for a given distance in comparison to the B92
and BBM92 ensures higher keyrate for a given distance in comparison to E91 protocol.

Acknowledgements
The author would like to thank CSIR for the fellowship support. SB acknowledges support from Interdis-
ciplinary Cyber Physical Systems (ICPS) programme of the Department of Science and Technology (DST),

17
India, Grant No.:DST/ICPS/QuST/Theme-1/2019/6. SB also acknowledges the valuable contribution of
the Defense Research and Development Organization (DRDO).

Declarations
The authors declare no conflicts of interest related to this research.

Data Availability Statement

Data sharing is not applicable to this article as no datasets were generated or analyzed during the current
study.

References
[1] Anirban Pathak. Elements of quantum computation and quantum communication. CRC Press Boca
Raton, 2013, Chapter-8.
[2] Arockia Bazil Raj, Vishal Sharma, and Subhashish Banerjee. Principle and applications of free space
optical communication. IET, UK, 2019.
[3] Dagmar Bruss, Gábor Erdélyi, Tim Meyer, Tobias Riege, and Jörg Rothe. Quantum cryptography: A
survey. ACM Computing Surveys (CSUR), 39(2):6–es, 2007.
[4] S. Pirandola, U. L. Andersen, L. Banchi, M. Berta, D. Bunandar, R. Colbeck, D. Englund, T. Gehring,
C. Lupo, C. Ottaviani, J. L. Pereira, M. Razavi, J. Shamsul Shaari, M. Tomamichel, V. C. Usenko,
G. Vallone, P. Villoresi, and P. Wallden. Advances in quantum cryptography. Advances in Optics and
Photonics, 12(4):1012, dec 2020.
[5] Nicolas Gisin, Grégoire Ribordy, Wolfgang Tittel, and Hugo Zbinden. Quantum cryptography. Rev.
Mod. Phys., 74:145–195, 2002.
[6] William K. Wootters and Wojciech H. Zurek. A single quantum cannot be cloned. Nature, 299:802–803,
1982.
[7] N Srinatha, S Omkar, R Srikanth, Subhashish Banerjee, and Anirban Pathak. The quantum crypto-
graphic switch. Quantum information processing, 13:59–70, 2014.
[8] Charles H Bennett and Gilles Brassard. Quantum cryptography: Public key distribution and coin
tossing. arXiv preprint arXiv:2003.06557, 2020.
[9] Charles H. Bennett, François Bessette, Gilles Brassard, Louis Salvail, and John A. Smolin. Experimental
quantum cryptography. Journal of Cryptology, 5:3–28, 1991.
[10] W. T. Buttler, R. J. Hughes, P. G. Kwiat, S. K. Lamoreaux, G. G. Luther, G. L. Morgan, J. E. Nordholt,
C. G. Peterson, and C. M. Simmons. Practical free-space quantum key distribution over 1 km. Phys.
Rev. Lett., 81:3283–3286, 1998.
[11] Edo Waks, Assaf Zeevi, and Yoshihisa Yamamoto. Security of quantum key distribution with entangled
photons against individual attacks. Phys. Rev. A, 65:052310, 2002.
[12] Tobias Schmitt-Manderbach, Henning Weier, Martin Fürst, Rupert Ursin, Felix Tiefenbacher, Thomas
Scheidl, Josep Perdigues, Zoran Sodnik, Christian Kurtsiefer, John G. Rarity, Anton Zeilinger, and
Harald Weinfurter. Experimental demonstration of free-space decoy-state quantum key distribution
over 144 km. Phys. Rev. Lett., 98:010504, 2007.
[13] Kishore Thapliyal, Anirban Pathak, and Subhashish Banerjee. Quantum cryptography over non-
markovian channels. Quantum Information Processing, 16:1–21, 2017.
[14] Vishal Sharma and Subhashish Banerjee. Analysis of atmospheric effects on satellite-based quantum
communication: a comparative study. Quantum Information Processing, 18:1–24, 2019.

18
[15] Theresa H Carbonneau and David Roger Wisely. Opportunities and challenges for optical wireless: the
competitive advantage of free space telecommunications links in today’s crowded marketplace. Wireless
Technologies and Systems: Millimeter-Wave and Optical, 3232:119–128, 1998.
[16] Charles H Bennett, François Bessette, Gilles Brassard, and Louis Salvail. J.Smolin,“Experimental
quantum cryptography”. J. Cryptol, 5(1):3–28, 1992.
[17] Hugo Zbinden, Nicolas Gisin, Bruno Huttner, Antoine Muller, and Wolfgang Tittel. Practical aspects
of quantum cryptographic key distribution. Journal of Cryptology, 13:207–220, 2000.
[18] PCM Owens, JG Rarity, PR Tapster, D Knight, and PD Townsend. Photon counting with passively
quenched germanium avalanche. Applied Optics, 33(30):6895–6901, 1994.
[19] Kevin J Resch, M Lindenthal, B Blauensteiner, HR Böhm, A Fedrizzi, C Kurtsiefer, A Poppe,
T Schmitt-Manderbach, M Taraba, R Ursin, et al. Distributing entanglement and single photons
through an intra-city, free-space quantum channel. Optics Express, 13(1):202–209, 2005.
[20] Dominic Mayers. Unconditional security in quantum cryptography. Journal of the ACM (JACM),
48(3):351–406, 2001.
[21] Andrew Shields and Zhiliang Yuan. Key to the quantum industry. Physics World, 20(3):24, 2007.
[22] Mehrdad S Sharbaf. Quantum cryptography: An emerging technology in network security. In 2011
IEEE International Conference on Technologies for Homeland Security (HST), pages 13–19. IEEE,
2011.
[23] WT Buttler, RJ Hughes, Paul G Kwiat, SK Lamoreaux, GG Luther, GL Morgan, JE Nordholt, CG Pe-
terson, and CM Simmons. Practical free-space quantum key distribution over 1 km. Physical Review
Letters, 81(15):3283, 1998.
[24] Christian Kurtsiefer, P Zarda, M Halder, Ph M Gorman, Paul R Tapster, JG Rarity, and Harald
Weinfurter. Long-distance free-space quantum cryptography. In Quantum Optics in Computing and
Communications, volume 4917, pages 25–31. SPIE, 2002.
[25] Vishal Sharma, Chitra Shukla, Subhashish Banerjee, and Anirban Pathak. Controlled bidirectional
remote state preparation in noisy environment: a generalized view. Quantum Information Processing,
14:3441–3464, 2015.
[26] Jasminder S Sidhu, Siddarth K Joshi, Mustafa Gündoğan, Thomas Brougham, David Lowndes, Luca
Mazzarella, Markus Krutzik, Sonali Mohapatra, Daniele Dequal, Giuseppe Vallone, et al. Advances in
space quantum communications. IET Quantum Communication, 2(4):182–217, 2021.
[27] Sebastian Ecker, Bo Liu, Johannes Handsteiner, Matthias Fink, Dominik Rauch, Fabian Steinlechner,
Thomas Scheidl, Anton Zeilinger, and Rupert Ursin. Strategies for achieving high key rates in satellite-
based qkd. npj Quantum Information, 7(1):5, 2021.
[28] Valentina Marulanda Acosta, Daniele Dequal, Matteo Schiavon, Aurélie Montmerle-Bonnefois, Car-
oline B Lim, Jean-Marc Conan, and Eleni Diamanti. Analysis of satellite-to-ground quantum key
distribution with adaptive optics. arXiv preprint arXiv:2111.06747, 2021.
[29] S. Kaur. Analysis of inter-satellite free-space optical link performance considering different system
parameters. Opto-Electronics Review, 27(1):10–13, 2019.
[30] Vishal Sharma. Effect of noise on practical quantum communication systems. Defence Science Journal,
66(2):186–192, 2016.
[31] Robert Bedington, Juan Miguel Arrazola, and Alexander Ling. Progress in satellite quantum key
distribution. npj Quantum Information, 3:1–30, 2017.
[32] Vishal Sharma, U Shrikant, R Srikanth, and Subhashish Banerjee. Decoherence can help quantum
cryptographic security. Quantum Information Processing, 17:1–16, 2018.
[33] Vishal Sharma and Subhashish Banerjee. Analysis of quantum key distribution based satellite com-
munication. In 2018 9th International Conference on Computing, Communication and Networking
Technologies (ICCCNT), pages 1–5. IEEE, 2018.

19
[34] Arindam Dutta and Anirban Pathak. Controlled secure direct quantum communication inspired scheme
for quantum identity authentication. Quantum Information Processing, 22(13), 2022.
[35] Arindam Dutta and Anirban Pathak. A short review on quantum identity authentication protocols:
How would Bob know that he is talking with Alice? Quantum Information Processing, 21:369, 2022.
[36] Richard J Hughes, Jane E Nordholt, Derek Derkacs, and Charles G Peterson. Practical free-space
quantum key distribution over 10 km in daylight and at night. New journal of physics, 4(1):43, jul
2002.
[37] Charles H. Bennett. Quantum cryptography using any two nonorthogonal states. Phys. Rev. Lett., 68,
1992.
[38] Artur K Ekert. Quantum cryptography based on bell’s theorem. Physical review letters, 67(6):661,
1991.
[39] Marcos Curty, Maciej Lewenstein, and Norbert Lütkenhaus. Entanglement as a precondition for secure
quantum key distribution. Physical review letters, 92(21):217903, 2004.
[40] Charles H Bennett, Gilles Brassard, and N David Mermin. Quantum cryptography without bell’s
theorem. Physical review letters, 68(5):557, 1992.
[41] Abdulsalam G Alkholidi and Khalil S Altowij. Climate effects on performance of free space optical
communication systems in yemen. Frontiers of Optoelectronics, 7:91–101, 2014.
[42] Norhanis Aida M Nor, Md Rafiqul Islam, Wajdi Al-Khateeb, and AZ Suriza. Atmospheric effects on
free space earth-to-satellite optical link in tropical climate. International Journal of Computer Science,
Engineering and Applications, 3(1):17, 2013.
[43] Samkelisiwe Purity Phehlukwayo, Marie Louise Umuhire, Yaseera Ismail, Stuti Joshi, and Francesco
Petruccione. Influence of coincidence detection through free-space atmospheric turbulence using partial
spatial coherence. arXiv preprint arXiv:2006.12911, 2020.
[44] Hennes Henniger and Otakar Wilfert. An introduction to free-space optical communications. Radio-
engineering, 19(2), 2010.
[45] Dirk Giggenbach and Hennes Henniger. Errata: Fading-loss assessment in atmospheric free-space optical
communication links with on-off keying. Optical Engineering, 47(6):069801, 2008.
[46] Arun Majumdar. Free-space laser communication performance in the atmospheric channel. Journal of
Optical and Fiber Communications Reports, 2:345–396, 2005.
[47] Larry C Andrews and Ronald L Phillips. Laser beam propagation through random media. Laser Beam
Propagation Through Random Media: Second Edition, 2005.
[48] Larry C Andrews, Ronald L Phillips, Richard J Sasiela, and Ronald R Parenti. Strehl ratio and scintil-
lation theory for uplink gaussian-beam waves: beam wander effects. Optical Engineering, 45(7):076001–
076001, 2006.
[49] Hong Guo, Bin Luo, Yongxiong Ren, Sinan Zhao, and Anhong Dang. Influence of beam wander on
uplink of ground-to-satellite laser communication and optimization for transmitter beam radius. Opt.
Lett., 35(12):1977–1979, Jun 2010.
[50] Nedasadat Hosseinidehaj. Continuous-Variable Quantum Communication over Free-Space Lossy Chan-
nels. PhD thesis, UNSW Sydney, 2017.
[51] Harjeevan Singh and Nitin Mittal. Link budget analysis of free space optical communication link for
atmospheric conditions of india. Materials Today: Proceedings, 48:1064–1069, 2022.
[52] Mohamed Alzenad, Muhammad Zeeshan Shakir, and Mohamed-Slim Alouini. Fso-based vertical back-
haul/fronthaul framework for 5g+ wireless networks. IEEE Communications Magazine, 56, 12 2016.
[53] Laszlo Bacsardi, Mate Galambos, Sandor Imre, and Andras Kiss. Quantum key distribution over
space-space laser communication links. In AIAA SPACE 2012 Conference & Exposition, page 5265,
2012.

20
[54] M.F. Abdul Khir, M.N. Mohd Zain, Iskandar Bahari, Suryadi, and S. Shaari. Implementation of two
way quantum key distribution protocol with decoy state. Optics Communications, 285(5):842–845,
2012.
[55] R. Etengu, F. M. Abbou, H. Y. Wong, A. Abid, N. Nortiza, and A. Setharaman. Performance compari-
son of BB84 and B92 satellite-based free space quantum optical communication systems in the presence
of channel effects. Journal of Optical Communications, 32(1):37–47, 2011.
[56] G. Adenier, Irina Basieva, Andrei Yu. Khrennikov, Masanori Ohya, and Noboru Watanabe. Double
blinding-attack on entanglement-based quantum key distribution protocols. Foundations of probability
and physics, 1424:9–16, 2011.

21