Modelling of Quantum Key Distribution Protocols in Communicating Quantum Processes Language with Verification and Analysis in PRISM.

Proof of security of cryptography protocols theoretically establishes the strength of a protocol and the constraints under which it can perform, it does not take into account the overall design of the protocol. In the past model checking has been successfully applied to classical cryptography protocols to weed out design flaws which would have otherwise gone unnoticed. Quantum key distribution protocols differ from their classical counterparts, in their ability to detect the presence of an eavesdropper while exchanging the key. Although unconditional security has been proven for both BB84(Mayers, 2002) and B92(Quan and Chaojing, 2002) key distribution protocols, in this paper we show that identifying an eavesdropper's presence is constrained on the number of qubits exchanged. We first model the protocols in Communicating Quantum Processes (CQP)(Gay and Nagarajan, 2005)(Davidson, 2012) and then explain the mechanism by which we have translated this into a PRISM model and how we analysed the protocols' capabilities. We mainly focus on the protocols' ability to detect an active eavesdropper and the extent to which an eavesdropper can retrieve the shared key without being detected by either party. We then conclude by comparing the performance of the protocols. s.