Optimal eavesdropping on quantum key distribution without quantum memory

We consider the security of the BB84 (Bennett and Brassard 1984 Proc. IEEE Int. Conf. on Computers, Systems, and Signal Processing pp 175-9), six-state (Bruß 1998 Phys. Rev. Lett. http://dx.doi.org/10.1103/PhysRevLett.81.3018) and SARG04 (Scarani et al 2004 Phys. Rev. Lett. http://dx.doi.org/10.1103/PhysRevLett.92.057901) quantum key distribution protocols when the eavesdropper does not have access to a quantum memory. In this case, Eve’s most general strategy is to measure her ancilla with an appropriate positive operator-valued measure designed to take advantage of the post-measurement information that will be released during the sifting phase of the protocol. After an optimization on all the parameters accessible to Eve, our method provides us with new bounds for the security of six-state and SARG04 against a memoryless adversary. In particular, for the six-state protocol we show that the maximum quantum bit error ratio for which a secure key can be extracted is increased from 12.6% (for collective attacks) to 20.4% with the memoryless assumption.