Finite-key Analysis for MDI-QKD

Updated 16 December 2025

Finite-key analysis for MDI-QKD is a framework that rigorously bounds secret key rates under realistic finite-signal conditions using refined statistical techniques.
The methodology employs decoy-state protocols, linear programming, and concentration inequalities to accurately estimate photon yields and error rates.
Advanced tools like sharpened Chernoff bounds and optimized error budgets significantly enhance the security and performance of practical QKD implementations.

Finite-key analysis for measurement-device-independent quantum key distribution (MDI-QKD) addresses the composable, high-assurance security of QKD protocols when the number of transmitted quantum signals is finite and under physically realistic conditions, notably in the presence of experimental noise, side channels, and finite statistics. The finite-key problem is central for MDI-QKD, where both source preparation and measurement devices may deviate from theoretical models, leading to critical deviations from asymptotic security. The literature has produced a range of techniques for bounding the extractable key rate under this regime, incorporating advanced methods from large-deviation theory, optimized linear programming, and explicit security parameter accounting to ensure full composability.

1. Protocol Structures and Decoy-state Framework

The foundational setting involves two trusted users, Alice and Bob, sending phase-randomized coherent states with variable intensities (decoy states) to an untrusted measurement node. Standard MDI-QKD finite-key analysis considers signal and decoy intensities—typically three or four: a “signal” level plus two or three “decoy” levels (which may include a vacuum). Alice and Bob independently choose both intensity and basis ( $Z$ or $X$ ), and the protocol is designed so that only those events where both used $Z$ basis and “signal” intensity contribute to the raw key, while all other events are allocated for parameter estimation. Detector clicks, error rates, and intensity/basis assignments are recorded per event, resulting in observed counts $n_{ij}^b$ (successes) and $m_{ij}^b$ (errors) for intensity settings $i,j$ and basis $b$ (Shi et al., 2016, Ma et al., 2012, Sun et al., 2013).

Each observable count is modeled as a mixture over photon number emissions, with Poisson weights $p_k(i)$ and underlying yields $Y_{k\ell}$ for $k$ - and $\ell$ -photon input. The finite-key analysis proceeds by imposing linear-program constraints over these variables, typically truncated to the vacuum, single-photon, and sometimes two-photon manifolds. The statistical decision is then made using the observed events, their possible fluctuations, and the required security parameters for composability.

2. Statistical Fluctuations and Large-Deviation Bounds

Due to the finite size of real datasets, direct substitution of observed yields gives rise to underestimation of the adversary’s potential information. Finite-key proofs employ concentration inequalities, notably Hoeffding’s inequality (additive) and the multiplicative Chernoff bound, to obtain confidence intervals for each observable count $n_{ij}$ and $m_{ij}$ . Recent work (Shi et al., 2016) introduces a refined multiplicative Chernoff bound that tightens the usual deviation overhead by around 10–20% for a given tail probability $\epsilon_{\text{stat}}$ by means of an improved allocation of the statistical error budget across constraints:

$n_{ij}^L = n_{ij}^{\mathrm{obs}} - \sqrt{\frac{N_{ij}}{2} \ln(1/\epsilon_{ij})}$

$m_{ij}^U = m_{ij}^{\mathrm{obs}} + \sqrt{\frac{N_{ij}}{2} \ln(1/\epsilon_{ij})}$

with $\sum_{ij} \epsilon_{ij} \leq \epsilon_{\text{stat}}$ .

Finite-key analyses use these lower/upper confidence intervals in a constrained minimization over the relevant physical quantities, notably the single-photon pair yield $Y_{11}$ and the single-photon phase-error rate, to obtain conservative bounds that hold except with probability (typically) $\leq 10^{-10}$ (Shi et al., 2016, Curty et al., 2013). Alternative statistical tools include Gaussian approximations, Azuma’s inequality (for correlated data), and the McDiarmid inequality for dependent sampling (Chau, 2020).

3. Key Rate Formulas in the Finite-key Regime

The extractable key length $\ell$ in a composable finite-key scenario is governed by the universal formula:

$\ell \geq n_{11}^L \left[ 1 - h\left(e_{11}^{ph, U}\right) \right] - \lambda_{EC} - 6\log_2 \frac{21}{\epsilon_{\rm sec}} - \log_2 \frac{2}{\epsilon_{\mathrm{PA}}} \tag{Eq. 1}$

where $h(x)$ is the binary entropy, $n_{11}^L$ is a lower-bound on the number of single-photon pairs, $e_{11}^{ph, U}$ is the upper-bound on the single-photon phase-error rate, $\lambda_{EC}$ is the error-correction leakage, and the logarithmic subtractions capture the composable security overhead for (smooth) min-entropy smoothing and privacy-amplification failures. The finite-size key rate is $R_{\mathrm{finite}} = \ell/N$ (Shi et al., 2016, Curty et al., 2013).

The procedure to obtain the bounds on $n_{11}$ and $e_{11}^{ph}$ is as follows:

Use the decoy-state linear relationships to formulate a linear program with observed lower/upper bounds as constraints.
Solve for the worst-case $Y_{11}$ (yield) and corresponding error rates.
Convert these into $n_{11}^L$ and $e_{11}^{ph, U}$ using the protocol probabilities.

This functional structure is retained—with varying analytical or numerical details—across three- and four-intensity protocols, as well as more general settings with $k$ decoy states (Chau, 2020).

4. Parameter Optimization and Advanced Tightening Methods

The performance under finite-key analysis is sensitive to the choice of protocol parameters: signal and decoy intensities, basis probabilities, and allocation of events to parameter estimation versus key generation. The protocol introduced in (Shi et al., 2016) demonstrates that “global” (simultaneous) optimization of the intensities and probabilities maximizes $R_{\mathrm{finite}}$ , subject to normalization constraints. Recent improvements have mainly focused on:

Efficient allocation of the total error budget among the statistical constraints, rather than equally dividing it.
Deployment of a sharpened multiplicative Chernoff bound to further tighten finite-size intervals.

These improvements yield higher rates under realistic device constraints (e.g., high dark count, low efficiency), with simulation results indicating a 30–60% key rate improvement at moderate distances (50–100 km, $N=10^9$ pulses, $\eta_d=40\%$ ) over previous work (Shi et al., 2016).

5. Extensions to Correlated Sources and Experimental Imperfections

Standard finite-key MDI-QKD analyses assume independence between rounds. More recent works generalize security proofs to accommodate memory effects and side-channels:

“Finite-correlation-secure” MDI-QKD protocols explicitly allow for finite-length inter-round correlations and only require bounds on the span of the correlation and vacuum emission probability (Shan et al., 15 Jul 2025, Gu et al., 2022). The security proof employs a grouping strategy and uses block-wise Chernoff and Kato's inequalities to provide confidence in parameter estimation despite correlations.
Imperfect and leaky sources, including Trojan-horse and mode-dependent attacks, are incorporated via trace-distance constraints and quantum-coin arguments, using refined statistical estimation and random sampling (e.g., Serfling’s bound) to limit adversarial knowledge and ensure composability even when source flaws are present (Gu et al., 2022, Wang et al., 2020, Shan et al., 15 Jul 2025).

Empirical studies confirm that these advanced protocols can tolerate substantial source flaws and correlations (several hundred pulses), with key rates close to the ideal scenario.

6. Numerical Results and Practical Implications

Simulation studies across the cited literature (notably (Shi et al., 2016, Ma et al., 2012, Gu et al., 2022, Chau, 2020)) consistently demonstrate that:

With $N = 10^9$ – $10^{14}$ sent pulses and realistic channel/device noise (e.g., 0.2 dB/km, $p_d\sim 10^{-6}$ – $10^{-10}$ , $\eta_d=40\%$ ), positive finite-key rates are obtainable up to 100–150 km, depending on protocol and device model.
Four-intensity protocols with refined finite-key analysis outperform previous three-intensity and vacuum+weak decoy protocols, especially in noisy or high-loss scenarios.
Even under stringent security ( $\epsilon_\mathrm{tot}\sim 10^{-10}$ ), key rates in the range of $10^{-6}$ – $10^{-8}$ bits per pulse are obtained at moderate distances.

A summary comparison (data from (Shi et al., 2016, Ma et al., 2012)):

Protocol variant	Key Rate (50 km)	Key Rate (100 km)
Four-decoy, refined finite-key (N=10⁹)	~ $10^{-6}$	~ $10^{-8}$
Previous method (Lim et al. [28], N=10⁹)	~ $3\!\times\!10^{-7}$	~ $5\!\times\!10^{-9}$

This demonstrates the quantitative improvement from advanced finite-key techniques.

7. Assumptions, Limitations, and Research Directions

Assumptions underlying finite-key MDI-QKD protocols include:

Poissonian, phase-randomized sources, with precise or bounded knowledge of source behavior.
Independence among rounds, or precisely quantified finite-range correlations.
Untrusted measurement device (relay), closed source- and measurement-side loopholes.
Explicit accounting for all security parameters ( $\epsilon_\mathrm{sec}$ , $\epsilon_\mathrm{cor}$ , etc.) as required for universal composability.

Open challenges and directions include further tightening of statistical bounds, efficient analysis for more complex or high-rate protocols (e.g., with true photon-number resolving detectors), extension to general source side channels, and further integration of these models with device characterization data (Shi et al., 2016, Shan et al., 15 Jul 2025, Gu et al., 2022).

Finite-key analysis for MDI-QKD provides rigorous, composable security guarantees accounting for statistical fluctuations, experimental imperfections, and realistic side channels, enabling robust secret key generation at rates and distances relevant for practical quantum communication deployments (Shi et al., 2016, Shan et al., 15 Jul 2025, Ma et al., 2012, Gu et al., 2022, Chau, 2020, Sun et al., 2013, Wang et al., 2020).