Problems of Security Proofs and Fundamental Limit on Key Generation Rate in Quantum Key Distribution

It is pointed out that treatments of the error correcting code in current quantum key distribution protocols of the BB84 type are not correct under joint attack, and the general interpretation of the trace distance security criterion is also incorrect. With correct interpretation of the criterion as well as a correct treatment of the error correcting code and privacy amplification code, it is shown that even for an ideal system under just collective attack, the maximum tolerable quantum bit error rate is about 1.5% and a net key cannot actually be generated with practical error correcting codes even at such low rates, contrary to claims in the literature.