Cryptographic key exchange protocols traditionally rely on computational conjectures such as the hardness of prime factorisation to provide security against eavesdropping attacks. Remarkably, quantum key distribution protocols like the one proposed by Bennett and Brassard provide information-theoretic security against such attacks, a much stronger form of security unreachable by classical means. However, quantum protocols realised so far are subject to a new class of attacks exploiting implementation defects in the physical devices involved, as demonstrated in numerous ingenious experiments. Following the pioneering work of Ekert proposing the use of entanglement to bound an adversary's information from Bell's theorem, we present here the experimental realisation of a complete quantum key distribution protocol immune to these vulnerabilities. We achieve this by combining theoretical developments on finite-statistics analysis, error correction, and privacy amplification, with an event-ready scheme enabling the rapid generation of high-fidelity entanglement between two trapped-ion qubits connected by an optical fibre link. The secrecy of our key is guaranteed device-independently: it is based on the validity of quantum theory, and certified by measurement statistics observed during the experiment. Our result shows that provably secure cryptography with real-world devices is possible, and paves the way for further quantum information applications based on the device-independence principle.

翻译：传统密码密钥交换协议依赖于计算复杂性假设（例如大数质因数分解的难度）来抵御窃听攻击。值得注意的是，由Bennett和Brassard提出的量子密钥分发协议为这类攻击提供了信息论安全性，这是一种经典方法无法达到的更强安全性形式。然而，目前已实现的量子协议面临一类新攻击，这些攻击利用了所涉及物理设备中的实现缺陷，正如众多精巧实验所展示的那样。基于Ekert的开拓性工作（他提出利用纠缠通过贝尔定理来限制对手信息），我们在此展示一种完整量子密钥分发协议的实验实现，该协议能够免疫这些漏洞。我们通过将有限统计分析、纠错和隐私放大的理论发展，与一种事件就绪方案相结合来实现这一目标，该方案能够通过光纤链路连接的两个囚禁离子量子比特之间快速生成高保真度纠缠。我们密钥的保密性得到了设备无关性保障：它基于量子理论的有效性，并由实验期间观测到的测量统计数据所认证。我们的结果表明，使用真实设备实现可证明安全的密码学是可能的，并为基于设备无关性原理的进一步量子信息应用铺平了道路。