Chapter 8 · Mathematical key postprocessing
The chapter explains the mathematical postprocessing pipeline required after raw-key generation in QKD and RKD. It begins with error estimation, where Alice and Bob evaluate how different their raw sequences are and determine whether secure continuation is possible. In QKD this is often represented by the quantum bit error rate; in RKD by an analogous deviation measure.
Next, the chapter discusses error correction. The two parties exchange parity or redundancy information so that differing bit positions can be reconciled without directly revealing the key. Although this process does not disclose exact key bits, it still leaks structural information that an attacker could exploit statistically.
For that reason, privacy amplification follows. The key is compressed in a mathematically controlled way so that any information an attacker may have inferred becomes useless. The chapter presents this as a deliberate shortening and mixing operation, often implemented with universal hashing, including Toeplitz matrices. A key message is that QKD and RKD cannot be assessed purely as physical methods because their practical security also depends on this mathematical postprocessing layer.
- Raw keys contain errors and must be processed
- Error estimation measures usable key quality
- Error correction aligns both parties’ keys
- Privacy amplification removes leaked information
- Postprocessing is security-critical in QKD and RKD