Abstract
We investigate the security of quantum key distribution with entangled photons, focusing on the two-photon variation of the Bennett-Brassard 1984 (BB84) protocol proposed in 1992 by Bennett, Brasard, and Mermin (BBM92). We present a proof of security which applies to realistic sources, and to untrustable sources which can be placed outside the labs of the two receivers. The proof is restricted to individual eavesdropping attacks, and assumes that the detection apparatus is trustable. We find that the average collision probability for the BBM92 protocol is the same as that of the BB84 protocol with an ideal single-photon source. This indicates that there is no analog in BBM92 to photon splitting attacks, and that the source can be placed between the two receivers without changing the form of the collision probability. We then compare the communication rate of both protocols as a function of distance, and show that BBM92 has potential for much longer communication distances, up to 170 km, in the presence of realistic experimental imperfections. Finally, we propose a scheme based on entanglement swapping that can lead to even longer distance communication. The limiting factor in this scheme is the channel loss, which imposes very slow communication rates at longer distances.