The simplest type of possible attack is the intercept-resend attack, where Eve measures the quanutm states (photons) sent by Alice and then sends replacement states to Bob, prepared in the state she measures. In the BB84 protocol this will produce errors in the key shared between Alice and Bob. As Eve has no knowledge of the basis a state sent by Alice is encoded in, she can only guess which basis to measure in, in the same way as Bob. If she chooses correctly then she will measure the correct photon polarisation state as sent by Alice, and will resend the correct state to Bob. However if she chooses incorrectly then the state she measures will be random, and the state sent to Bob will not be the same as the state sent by Alice. If Bob then measures this state in the same basis Alice sent he will get a random result, as Eve has sent him a state in the opposite basis, instead of the correct result he would get without the presence of Eve. An example of this type of attack is shown in the table below.

Alice's random bit 0 1 1 0 1 0 0 1
Alice's random sending basis
X
X X X
Photon polarization Alice sends
Eve's random measuring basis
X
X
X
Polarization Eve measures and sends
Bob's random measuring basis
X X X
X
Photon polarization Bob measures
PUBLIC DISCUSSION OF BASIS
Shared secret key 0 0 0 1
Errors in key

The probability Eve chooses the incorrect basis is 50% (assuming Alice chooses her basis randomly), and if Bob measures this intercepted photon in the basis Alice sent he will get a random result, i.e. an incorrect result with probability of 50%. The probability an intercepted photon generates an error in the key string is then 50% x 50% = 25%. If Alice and Bob publicly compare of their key bits (thus discarding them as key bits, as they are no longer secret) the probability they find disagreement and identify the presence of Eve is

So to detect an eavesdropper with probability Alice and Bob need to compare key bits.

The above is just a simple example of an attack. If Eve is assumed to have unlimited resources, for example classical and quantum compututing power, there are many more attacks possible. BB84 has been proven secure against any attacks allowed by quantum mechanics, both for sending information using an ideal photon source which only ever emits a single photon at a time[1], and also using practical photon sources which sometimes emit multiphoton pulses[2].

  1. ^ P. W. Shor and J. Preskill, Physical Review Letters 85, 441 (2000)
  2. ^ D. Gottesman, H.-K. Lo, N. L¨utkenhaus, and J. Preskill, Quant. Inf. Comp. 4, 325 (2004)