pith. sign in

arxiv: 2506.04105 · v2 · pith:XOW5VHZSnew · submitted 2025-06-04 · 🪐 quant-ph · cs.CR· cs.DM

Spanning-tree-packing protocol for conference key propagation in quantum networks

Anton Trushechkin , Hermann Kampermann , Dagmar Bru{\ss} This is my paper

Pith reviewed 2026-05-22 00:23 UTC · model grok-4.3

classification 🪐 quant-ph cs.CRcs.DM
keywords quantum key distributionconference key agreementspanning tree packingquantum networkssecret key ratenetwork topologygraph algorithmsmulti-party cryptography
0
0 comments X

The pith

Spanning-tree packing computes the highest rate for a shared secret key among all users in a quantum network of any shape.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that users connected by pairwise quantum key distribution links can generate a common conference secret key at the maximum possible rate by using an algorithm that packs spanning trees in the network graph. Each tree represents a way to combine the pairwise keys into a shared key for the whole group, and the maximum number of such trees that fit without exceeding the link capacities gives the optimal rate. A sympathetic reader would care because this removes the need for ad-hoc protocols that only work on special network shapes and instead gives a general method that works on arbitrary topologies while also suggesting where to add new links for the biggest gain.

Core claim

The authors propose an algorithm based on spanning-tree packing and prove its optimality. This algorithm enables optimal conference key generation in modern quantum networks of arbitrary topology.

What carries the argument

Spanning-tree packing on a graph whose edges have capacities equal to the secret-key rates of the pairwise QKD links; the packing finds the maximum weighted number of edge-disjoint spanning trees whose total weight equals the achievable conference-key rate.

If this is right

  • The optimal conference-key rate for any network can be computed in polynomial time by reducing the problem to a maximum-flow or linear-programming instance.
  • Network designers can use the same packing to decide where to add new bipartite QKD links to increase the conference-key rate by the largest possible amount.
  • The method separates the quantum part (generating pairwise keys) from the classical part (propagating them via trees), allowing reuse of classical network algorithms.
  • Any topology admits an optimal protocol once the pairwise rates are known, removing the need for custom multi-party schemes limited to complete graphs or rings.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same packing approach may extend to other multi-party tasks such as conference authentication or quantum secret sharing if they can be reduced to flow across trees.
  • In a growing quantum internet, repeatedly running the packing after each link addition would give a dynamic way to maintain near-optimal rates without global redesign.
  • If the pairwise QKD rates fluctuate over time, the algorithm could be rerun periodically to re-optimize the tree packing and maintain the best conference rate.

Load-bearing premise

The network can be represented as an undirected graph whose edge capacities are exactly the secret-key rates of the pairwise QKD links, and that unlimited public classical communication is available and does not leak information.

What would settle it

A concrete network topology and set of pairwise key rates where the maximum conference key rate achievable by any protocol exceeds the value given by the maximum number of packed spanning trees.

Figures

Figures reproduced from arXiv: 2506.04105 by Anton Trushechkin, Dagmar Bru{\ss}, Hermann Kampermann.

Figure 1
Figure 1. Figure 1: Examples of QKD networks: a star network with [PITH_FULL_IMAGE:figures/full_fig_p001_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Quantum QKD network as a weighted graph with [PITH_FULL_IMAGE:figures/full_fig_p002_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Conference key propagation for the tree graph from [PITH_FULL_IMAGE:figures/full_fig_p003_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Spanning trees packings in different graphs with equal edge weights (bipartite QKD rates) for all edges. Here it is [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: A contraction of the graph from Fig [PITH_FULL_IMAGE:figures/full_fig_p007_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: A contraction of a graph indicating a more complex bottleneck structure, than a connection between two subgraphs [PITH_FULL_IMAGE:figures/full_fig_p009_6.png] view at source ↗
Figure 7
Figure 7. Figure 7: Network optimization. All edges here correspond [PITH_FULL_IMAGE:figures/full_fig_p009_7.png] view at source ↗
Figure 8
Figure 8. Figure 8: Illustration of the Basic algorithm (first two lines) and the General algorithm (the last line) of finding an optimal [PITH_FULL_IMAGE:figures/full_fig_p012_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: If we ignore the edge multiplicities of a multigraph, [PITH_FULL_IMAGE:figures/full_fig_p014_9.png] view at source ↗
read the original abstract

We consider a network of users connected by pairwise quantum key distribution (QKD) links. Using these pairwise secret keys and public classical communication, the users want to generate a common (conference) secret key at the maximal rate. We propose an algorithm based on spanning-tree packing (a known problem in graph theory) and prove its optimality. This algorithm enables optimal conference key generation in modern quantum networks of arbitrary topology. Additionally, we discuss how it can guide the optimal placement of new bipartite links in the network design.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

0 major / 3 minor

Summary. The manuscript considers quantum networks where users are connected by pairwise QKD links with associated secret-key rates. It models the network as an undirected graph with these rates as edge capacities and proposes a spanning-tree-packing algorithm to generate a shared conference key. The authors prove that the protocol achieves the optimal rate given by the min-max expression min_P (sum of capacities crossing partition P) / (|P| - 1), with an explicit construction for achievability and a matching converse based on cut-set arguments. They also discuss how the result can inform the placement of additional bipartite links.

Significance. If the central claims hold, the work is significant because it supplies both a constructive optimal protocol and a tight converse for conference-key generation on arbitrary topologies, directly connecting a classical graph-theoretic primitive to the information-theoretic capacity of quantum networks. The reduction to spanning-tree packing yields an efficient, parameter-free method that matches the standard multi-terminal secret-key capacity formula under the usual assumptions of independent pairwise keys and unlimited authenticated public discussion. This provides a clear benchmark for protocol design and network optimization in the field.

minor comments (3)
  1. [§3.1] §3.1: The pseudocode for the spanning-tree-packing procedure would benefit from an additional line-by-line explanation of how the public discussion coordinates the tree selection without leaking key material.
  2. [Figure 3] Figure 3: The caption does not specify the numerical values used for the edge capacities in the example network; adding these values would make the rate calculation easier to verify.
  3. [§4.2] §4.2: The converse proof invokes a standard cut argument but does not explicitly reference the multi-terminal secret-key capacity result from Csiszár and Narayan (or equivalent) that justifies the min-max formula; a brief citation would strengthen the connection to prior literature.

Simulated Author's Rebuttal

0 responses · 0 unresolved

We thank the referee for their positive assessment of our manuscript, including the accurate summary of the spanning-tree packing protocol and its optimality for conference key generation, as well as the recognition of its significance for quantum network design. The recommendation for minor revision is noted. No specific major comments were provided in the report.

Circularity Check

0 steps flagged

No significant circularity: derivation applies standard graph theory and cut arguments independently

full rationale

The paper models the quantum network as an undirected graph with edge capacities given by pairwise QKD secret-key rates and invokes the known spanning-tree packing number from graph theory to achieve the conference-key rate. Optimality is established by an explicit protocol for achievability together with a matching converse obtained from standard min-cut / partition arguments (min_P (sum of capacities across P) / (|P|-1)). These steps rely on externally established combinatorial results and information-theoretic cut-set bounds rather than any self-definition, fitted parameter renamed as prediction, or load-bearing self-citation chain. The assumptions (undirected graph, unlimited authenticated public discussion) are stated explicitly and match the conventional QKD network setting. No equation or claim reduces to its own input by construction.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

Review performed on abstract only; full list of modeling assumptions and any capacity definitions cannot be extracted. The work relies on standard QKD security and classical-communication assumptions plus known combinatorial results on spanning-tree packing.

axioms (2)
  • domain assumption Pairwise QKD links supply independent secret keys whose rates serve as edge capacities in an undirected graph.
    Implicit in the problem statement that the network is modeled this way.
  • domain assumption Public classical communication is free, authenticated, and does not compromise secrecy.
    Standard assumption for QKD-based protocols stated in the abstract.

pith-pipeline@v0.9.0 · 5615 in / 1305 out tokens · 62319 ms · 2026-05-22T00:23:41.831848+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

68 extracted references · 68 canonical work pages · 3 internal anchors

  1. [1]

    Then the vertices that are not leafs in the subtrees do the same for their children in the sub- trees

    using the one-time pad and the corresponding bipar- tite secret keys. Then the vertices that are not leafs in the subtrees do the same for their children in the sub- trees. In our example, vertices 4 and 5 encrypt the future conference key K(5,6) for the users 1, 2, and 3 using the bipartite keys K(1,4), K(2,4), and K(3,5). Vertex 7 and its descendants ac...

    work page

  2. [2]

    omniscience

    If the bipartite keys are perfectly secure, then, due to perfect security of the one-time pad and the chain- like structure of encryptions (2), the conference key is also perfectly secure. For arbitrary bipartite keys re, we can apply the same reasonings as for the star graph and conclude that rconf = min re. Thus, we arrive at the following observation: ...

    work page

  3. [3]

    communication for omniscience

    Reduction to a linear program for a multigraph network The basic tool is the information-theoretic result by Czisz´ ar and Narayan [56] about the classical conference secret key capacity. One of the models considered in their paper is as follows. In each repetition (round), independent and identically distributed (iid) N-tuples of random variables ( X1, ....

    work page

  4. [4]

    ≥” by “=

    Proof of Proposition 1 Lemma 1. Consider an arbitrary partition P = {V1, . . . ,Vp} of the vertex set V into nonempty subsets, i.e., V = V1 ⊔ . . . ⊔ Vp, p ≡ | P | ≥ 2. Then the following upper bound for Z form linear program (12) holds: Z ≤ 1 |P | − 1 X e∈E(P) re, (B3) where, recall, E(P ) is the set of cross-edges in the graph, i.e., the edges whose ver...

    work page

  5. [5]

    edge capacities

    Spanning-tree-packing protocol satisfies the information-theoretic constraints Let us show that the conference key rate given by the Nash-Williams–Tutte formula (7) does not exceedC from (12), i.e., the information-theoretic constraints (12c) are satisfied. In principle, we do not need to prove this be- cause it is a direct consequence of Csisz´ ar and Na...

    work page

  6. [6]

    C. H. Bennett and G. Brassard, Quantum cryptogra- phy: public key distribution and coin tossing, in Proc. IEEE Int. Conf. Computers, Systems and Signal Pro- cessing (Institute of Electrical and Electronics Engineers, New York, 1984) pp. 175–179

    work page 1984

  7. [7]

    Gisin, G

    N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, Quan- tum cryptography, Rev. Mod. Phys. 74, 145 (2002)

    work page 2002

  8. [8]

    Scarani, H

    V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Duˇ sek, N. L¨ utkenhaus, and M. Peev, The security of practical quantum key distribution, Rev. Mod. Phys. 81, 1301 (2009)

    work page 2009

  9. [9]

    Pirandola, U

    S. Pirandola, U. Andersen, L. Banchi, M. Berta, D. Bunandar, R. Colbeck, D. Englund, T. Gehring, C. Lupo, C. Ottaviani, J. Pereira, M. Razavi, J. S. Shaari, M. Tomamichel, V. C. Usenko, G. Vallone, P. Vil- loresi, and P. Wallden, Advances in quantum cryptogra- phy, Adv. Opt. Photon. 12, 1012 (2020)

    work page 2020

  10. [10]

    A. K. Fedorov, N. Gisin, S. M. Beloussov, and A. I. Lvovsky, Quantum computing at the quantum ad- vantage threshold: a down-to-business review (2022), arXiv:2203.17181 [quant-ph]

    work page arXiv 2022

  11. [11]

    How to Build a Quantum Supercomputer: Scaling from Hundreds to Millions of Qubits

    M. Mohseni, A. Scherer, K. G. Johnson, O. Wertheim, M. Otten, N. A. Aadit, K. M. Bresniker, K. Y. Cam- sari, B. Chapman, S. Chatterjee, G. A. Dagnew, A. Es- posito, F. Fahim, M. Fiorentino, A. Khalid, X. Kong, B. Kulchytskyy, R. Li, P. A. Lott, I. L. Markov, R. F. McDermott, G. Pedretti, A. Gajjar, A. Silva, J. Sorebo, P. Spentzouris, Z. Steiner, B. Toros...

    work page internal anchor Pith review Pith/arXiv arXiv 2024

  12. [12]

    Epping, H

    M. Epping, H. Kampermann, and D. Bruß, Large-scale quantum networks based on graphs, New J. Phys. 18, 053036 (2016)

    work page 2016

  13. [13]

    Epping, H

    M. Epping, H. Kampermann, and D. Bruß, Robust en- tanglement distribution via quantum network coding, New J. Phys. 18, 103052 (2016)

    work page 2016

  14. [14]

    Walln¨ ofer, A

    J. Walln¨ ofer, A. Pirker, M. Zwerger, and W. D¨ ur, Multi- partite state generation in quantum networks with opti- mal scaling, Sci. Rep. 9, 314 (2019)

    work page 2019

  15. [15]

    De Bone, R

    S. De Bone, R. Ouyang, K. Goodenough, and D. Elk- 16 ouss, Protocols for creating and distilling multipartite GHZ states with Bell pairs, IEEE Trans. Quantum Eng. 1, 4102710 (2020)

    work page 2020

  16. [16]

    Contreras-Tejada, C

    P. Contreras-Tejada, C. Palazuelos, and J. de Vicente, Genuine multipartite nonlocality is intrinsic to quantum networks, Phys. Rev. Lett. 126, 040501 (2021)

    work page 2021

  17. [17]

    Sukachev, Large quantum networks, Physics-Uspekhi 64, 1021 (2021)

    D. Sukachev, Large quantum networks, Physics-Uspekhi 64, 1021 (2021)

    work page 2021

  18. [18]

    G. Avis, F. Rozp¸ edek, and S. Wehner, Analysis of multipartite entanglement distribution using a central quantum-network node, Phys. Rev. A 107, 012609 (2023)

    work page 2023

  19. [19]

    Ghaderibaneh, H

    M. Ghaderibaneh, H. Gupta, and C. Ramakrishnan, Gen- eration and distribution of GHZ states in quantum net- works, in 2023 IEEE International Conference on Quan- tum Computing and Engineering (QCE) (IEEE Com- puter Society, Los Alamitos, CA, USA, 2023) pp. 1120– 1131

    work page 2023

  20. [20]

    Sutcliffe and A

    E. Sutcliffe and A. Beghelli, Multiuser entanglement dis- tribution in quantum networks using multipath routing, IEEE Trans. Quantum Eng. 4, 1 (2023)

    work page 2023

  21. [21]

    H. Han, B. Liu, B. Tang, S. Xiong, J. Huang, W. Yu, and S. Chen, Differentiated service entanglement routing for quantum networks (2024), arXiv:2401.17503 [quant-ph]

    work page arXiv 2024

  22. [22]

    Vardoyan, E

    G. Vardoyan, E. van Milligen, S. Guha, S. Wehner, and D. Towsley, On the bipartite entanglement capac- ity of quantum networks, IEEE Trans. Quantum Eng. 5, 4100414 (2024)

    work page 2024

  23. [23]

    Murta, F

    G. Murta, F. Grasselli, H. Kampermann, and D. Bruß, Quantum conference key agreement: A review, Adv. Quantum Technol. 3, 2000025 (2020)

    work page 2020

  24. [24]

    Epping, H

    M. Epping, H. Kampermann, C. Macchiavello, and D. Bruß, Multi-partite entanglement can speed up quan- tum key distribution in networks, New. J. Phys. 19, 093012 (2017)

    work page 2017

  25. [25]

    Salek and A

    F. Salek and A. Winter, New protocols for conference key and multipartite entanglement distillation, IEEE Trans. Inf. Theory 71, 4374 (2025)

    work page 2025

  26. [26]

    Pirandola, General upper bound for conferencing keys in arbitrary quantum networks, IET Quantum Commun

    S. Pirandola, General upper bound for conferencing keys in arbitrary quantum networks, IET Quantum Commun. 1, 22 (2020)

    work page 2020

  27. [27]

    S. Das, S. B¨ auml, M. Winczewski, and K. Horodecki, General upper bound for conferencing keys in arbitrary quantum networks, Phys. Rev. X 11, 041016 (2021)

    work page 2021

  28. [28]

    Carrara, H

    G. Carrara, H. Kampermann, D. Bruß, and G. Murta, Genuine multipartite entanglement is not a precondition for secure conference key agreement, Phys. Rev. Res. 3, 013264 (2021)

    work page 2021

  29. [29]

    Proietti, J

    M. Proietti, J. Ho, F. Grasselli, P. Barrow, M. Malik, and A. Fedrizzi, Experimental quantum conference key agreement, Science Advances 7, eabe0395 (2021)

    work page 2021

  30. [30]

    nag Oruganti, Multi-user QKD using quotient graph states derived from continuous-variable dual-rail cluster states (2024), arXiv:2412.14317 [quant-ph]

    A. nag Oruganti, Multi-user QKD using quotient graph states derived from continuous-variable dual-rail cluster states (2024), arXiv:2412.14317 [quant-ph]

    work page arXiv 2024

  31. [31]

    Kimble, The quantum internet, Nature 453, 1023 (2008)

    H. Kimble, The quantum internet, Nature 453, 1023 (2008)

    work page 2008

  32. [32]

    Pirandola and S

    S. Pirandola and S. Braunstein, Physics: Unite to build a quantum Internet, Nature 532, 169 (2016)

    work page 2016

  33. [33]

    Simon, Towards a global quantum network, Nature Photon

    C. Simon, Towards a global quantum network, Nature Photon. 11, 678 (2017)

    work page 2017

  34. [34]

    Wehner, D

    S. Wehner, D. Elkouss, and R. Hanson, Quantum inter- net: A vision for the road ahead, Nature Photon. 11, eaam9288 (2018)

    work page 2018

  35. [35]

    P. P. Rohde, The Quantum Internet. The second Quan- tum Revolution (Cambridge University Press, Cam- bridge, 2021)

    work page 2021

  36. [36]

    P. P. Rohde, Z. Huang, Y. Ouyang, H.-L. Huang, Z.-E. Su, S. Devitt, R. Ramakrishnan, A. Mantri, S.-H. Tan, N. Liu, S. Harrison, C. Radhakrishnan, G. K. Brennen, B. Q. Baragiola, J. P. Dowling, T. Byrnes, and W. J. Munro, The quantum Internet (technical version) (2025), arXiv:2501.12107 [quant-ph]

    work page arXiv 2025

  37. [37]

    N. H. Valencia, A. Ma, S. Goel, S. Leedumrong- watthanakun, F. Graffitti, A. Fedrizzi, W. McCutcheon, and M. Malik, A large-scale reconfigurable multiplexed quantum photonic network (2025), arXiv:2501.07272 [quant-ph]

    work page arXiv 2025

  38. [38]

    Kumar, C

    V. Kumar, C. Cicconetti, M. Conti, and A. Passarella, Quantum Internet: Technologies, protocols, and research challenges (2025), arXiv:2502.01653 [quant-ph]

    work page arXiv 2025

  39. [39]

    Y. Cao, Y. Zhao, Q. Wang, J. Zhang, S. X. Ng, and L. Hanzo, The evolution of quantum key distribution net- works: On the road to the Qinternet, IEEE Commun.24, 839 (2021)

    work page 2021

  40. [40]

    Gaidash, G

    A. Gaidash, G. Miroshnichenko, and A. Kozubov, Quan- tum network security dependent on the connection den- sity between trusted nodes, J. Opt. Commun. Netw. 14, 934 (2022)

    work page 2022

  41. [41]

    E. O. Kiktenko, A. Tayduganov, and A. K. Fedorov, Routing algorithm within the multiple non-overlapping paths’ approach for quantum key distribution networks, Entropy 26, 1102 (2024)

    work page 2024

  42. [42]

    Pi´ etri, P.-E

    Y. Pi´ etri, P.-E. Verdier, B. Lacour, M. Gautier, H. Huang, T. Camus, J.-S. Pegon, M. Zuber, J.-C. Faug` ere, M. Schiavon, A. Rhouni, Y. Jaou¨ en, N. Fabre, R. All´ eaume, T. Rivera, and E. Diamanti, Quantum key distribution with efficient post-quantum cryptography- secured trusted node on a quantum network (2025), arXiv:2504.01454 [quant-ph]

    work page arXiv 2025

  43. [43]

    Horoschenkoff, J

    P. Horoschenkoff, J. Henrich, R. B¨ ohn, I. Khan, J. R¨ odi- ger, M. Gunkel, M. Bauch, J. Benda, P. Bl¨ acker, E. Eichhammer, U. Eismann, G. Frenck, H. Griesser, W. Jontofsohn, N. Kopshoff, S. R¨ ohrich, F. Seidl, N. Schark, E. Sollner, D. von Blanckenburg, A. Heine- mann, M. Stiemerling, and M. G¨ artner, Demoquandt: A carrier-grade QKD network (2025), a...

    work page arXiv 2025

  44. [44]

    Mariani, R

    L. Mariani, R. Yehia, C. Pascual-Garc´ ıa, F. Centrone, J. van der Kolk, M. ´Angeles Serrano, and A. Ac´ ın, Quantum key distribution over complex networks (2025), arXiv:2504.02372 [quant-ph]

    work page arXiv 2025

  45. [45]

    Diestel, Graph Theory , 5th ed

    R. Diestel, Graph Theory , 5th ed. (Springer, Berlin, 2017)

    work page 2017

  46. [46]

    Palmer, On the spanning tree packing number of a graph: a survey, Discrete Math

    E. Palmer, On the spanning tree packing number of a graph: a survey, Discrete Math. 230, 13 (2001)

    work page 2001

  47. [47]

    Barahona, Packing spanning trees, Math

    F. Barahona, Packing spanning trees, Math. Oper. Res. 20, 104 (1995)

    work page 1995

  48. [48]

    Y. Du, Y. Liu, C. Yang, X. Zheng, S. Zhu, and X.- s. Ma, Experimental measurement-device-independent quantum cryptographic conferencing, Phys. Rev. Lett. 134, 040802 (2025)

    work page 2025

  49. [49]

    Grasselli, H

    F. Grasselli, H. Kampermann, and D. Bruß, Conference key agreement with single-photon interference, New J. Phys. 21, 123002 (2019)

    work page 2019

  50. [50]

    C. H. Park, M. K. Woo, B. K. Park, Y.-S. Kim, H. Baek, S.-W. Lee, H.-T. Lim, S.-W. Jeon, H. Jung, S. Kim, and S.-W. Han, 2 × N twin-field quantum key distribution 17 network configuration based on polarization, wavelength, and time division multiplexing, npj Quantum Inf. 8, 48 (2022)

    work page 2022

  51. [51]

    Zhong, W

    X. Zhong, W. Wang, R. Mandil, H.-K. Lo, and L. Qian, Simple multiuser twin-field quantum key distribution network, Phys. Rev. Appl. 17, 014025 (2022)

    work page 2022

  52. [52]

    Carrara, G

    G. Carrara, G. Murta, and F. Grasselli, Overcoming fun- damental bounds on quantum conference key agreement, Phys. Rev. Appl. 19, 064017 (2023)

    work page 2023

  53. [53]

    J. Li, W. Wang, and H. F. Chau, Fully passive quan- tum conference key agreement (2024), arXiv:2407.15761 [quant-ph]

    work page internal anchor Pith review Pith/arXiv arXiv 2024

  54. [54]

    S. Zhao, P. Zeng, W.-F. Cao, X.-Y. Xu, Y.-Z. Zhen, X. Ma, L. Li, N.-L. Liu, and K. Chen, Phase-matching quantum cryptographic conferencing, Phys. Rev. Appl. 14, 024010 (2020)

    work page 2020

  55. [55]

    Stefanakos, G

    N. Stefanakos, G. Maragkopoulos, A. Mandilara, and D. Syvridis, A measurement device independent quan- tum key distribution protocol in the service of three users (2025), arXiv:2504.06902 [quant-ph]

    work page arXiv 2025

  56. [56]

    Huang, R

    C. Huang, R. Guan, X. Liu, S. Li, W. He, H. Liang, Z. Luo, Z. Zhang, W. Li, and K. Wei, Fully connected twin-field quantum key distribution network (2025), arXiv:2504.15137 [quant-ph]

    work page arXiv 2025

  57. [57]

    H. Dong, C. Jiang, D. Ma, C. Zhang, J. Huang, H. Li, L.- X. You, Y. Liu, X.-B. Wang, Q. Zhang, and J.-W. Pan, Experimental multi-dimensional side-channel-secure quantum key distribution (2025), arXiv:2504.19242 [quant-ph]

    work page arXiv 2025

  58. [58]

    Kanitschar and C

    F. Kanitschar and C. Pacher, Security of multi- user quantum key distribution with discrete-modulated continuous-variables (2024), arXiv:2406.14610 [quant- ph]

    work page arXiv 2024

  59. [59]

    Cryptographic security of quantum key distribution

    C. Portmann and R. Renner, Cryptographic security of quantum key distribution (2014), arXiv:1409.3525 [quant-ph]

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  60. [60]

    Portmann and R

    C. Portmann and R. Renner, Security in quantum cryp- tography, Rev. Mod. Phys. 94, 025008 (2022)

    work page 2022

  61. [61]

    Csisz´ ar and P

    I. Csisz´ ar and P. Narayan, Secrecy capacities for multiple terminals, IEEE Trans. Inf. Theory 50, 3047 (2004)

    work page 2004

  62. [62]

    Chitambar, D

    E. Chitambar, D. Leung, L. Manˇ cinska, M. Ozols, and A. Winter, Everything you always wanted to know about locc (but were afraid to ask), Comm. Math. Phys. 328, 303 (2014)

    work page 2014

  63. [63]

    Arbekov and S

    I. Arbekov and S. Molotkov, Distinguishability of quan- tum states and Shannon complexity in quantum cryptog- raphy, J. Exp. Theor. Phys. 125, 50 (2017)

    work page 2017

  64. [64]

    Trushechkin, On the operational meaning and practi- cal aspects of using the security parameter in quantum key distribution, Quantum Electron

    A. Trushechkin, On the operational meaning and practi- cal aspects of using the security parameter in quantum key distribution, Quantum Electron. 50, 426 (2020)

    work page 2020

  65. [65]

    Ben-Or, M

    M. Ben-Or, M. Horodecki, D. W. Leung, D. Mayers, and J. Oppenheim, The universal composable security of quantum key distribution, in Theory of Cryptography , edited by J. Kilian (Springer Berlin Heidelberg, Berlin, Heidelberg, 2005) pp. 386–406

    work page 2005

  66. [66]

    B¨ auml and K

    S. B¨ auml and K. Azuma, Fundamental limitation on quantum broadcast networks, Quantum Sci. Technol. 2, 024004 (2017)

    work page 2017

  67. [67]

    B¨ auml, K

    S. B¨ auml, K. Azuma, G. Kato, and E. D., Linear pro- grams for entanglement and key distribution in the quan- tum internet, Comm. Phys. 3, 55 (2020)

    work page 2020

  68. [68]

    Azuma, S

    K. Azuma, S. B¨ auml, T. Coopmans, E. D., and B. Li, Tools for quantum network design, AVS Quantum Sci. 3, 014101 (2021)

    work page 2021