The first quantum cryptography protocol, proposed by Bennett and Brassard in 1984 (BB84), has been widely studied in recent years. This protocol uses four states (more precisely, two complementary bases) for the encoding of the classical bit. Recently, it has been noticed that by using the same four states, but a different encoding of information, one can define a protocol which is more robust in practical implementations, specifically when attenuated laser pulses are used instead of single-photon sources [V. Scarani , Phys. Rev. Lett. 92, 057901 (2004), referred to as the SARG04 protocol]. We present a detailed study of SARG04 in two different regimes. In the first part, we consider an implementation with a single-photon source: we derive bounds on the error rate Q for security against all possible attacks by the eavesdropper. The lower and the upper bound obtained for SARG04 ( Q≲10.95% and Q≳14.9% , respectively) are close to those obtained for BB84 ( Q≲12.4% and Q≳14.6% , respectively). In the second part, we consider a realistic source consisting of an attenuated laser and improve on previous analysis by allowing Alice to optimize the mean number of photons as a function of the distance. The SARG04 protocol is found to perform better than BB84, both in secret-key rate and in maximal achievable distance, for a wide class of Eve’s attacks.