In BB84, Alice sends qubits encoded in one of two bases: the Z basis ({|0>, |1>}) or the X basis ({|+>, |->}). Why are two non-orthogonal bases necessary instead of just one?
ATwo bases are needed for error correction during key distillation
BWith one basis, an eavesdropper could measure every qubit without disturbance since the measurement basis would always be correct
CTwo bases double the key generation rate
DTwo bases are required by the no-cloning theorem
If Alice always used the Z basis, Eve could measure in the Z basis and forward the result to Bob without introducing any disturbance — perfect eavesdropping. With two bases, Eve does not know which basis Alice used for each qubit. Measuring a Z-basis qubit in the X basis (or vice versa) randomizes the result, and forwarding the wrong-basis measurement to Bob introduces a 25% error rate in the sifted key. This detectable error is the security mechanism.
Question 2 True / False
BB84's security relies on computational hardness — if an eavesdropper had sufficient computing power, the key could be compromised.
TTrue
FFalse
Answer: False
BB84 has information-theoretic security, meaning it is secure against any adversary regardless of computational power — including quantum computers. The security is based on the physical laws of quantum mechanics (no-cloning, measurement disturbance), not on the computational difficulty of any mathematical problem. This is a fundamental advantage over classical public-key cryptography (RSA, Diffie-Hellman), which relies on unproven computational hardness assumptions.
Question 3 Short Answer
After the quantum transmission phase of BB84, Alice and Bob publicly compare their basis choices and discard mismatched rounds. Why doesn't this public discussion compromise security?
Think about your answer, then reveal below.
Model answer: The public discussion reveals only which basis was used for each qubit, not the bit values. For matched-basis rounds, Alice's bit and Bob's bit should agree (in the absence of eavesdropping). The bit values are never communicated publicly. An eavesdropper who intercepted the qubits has already committed to a measurement basis before this discussion occurs — learning the correct basis after the fact does not help, because the measurement has already disturbed the qubits in the mismatched-basis cases.
The basis reconciliation step is a clever use of classical communication that extracts useful key bits from the quantum transmission without leaking them. Only the basis labels are shared, not the measurement outcomes. The key bits come from the subset of rounds where Alice and Bob happened to use the same basis — about 50% of the total. This wastes half the qubits but ensures that both parties have the same bit value for each kept round (modulo noise and eavesdropping).