Genuine multipartite entanglement is not a precondition for secure conference key agreement

Entanglement plays a crucial role in the security of quantum key distribution. A secret key can only be obtained by two parties if there exists a corresponding entanglement-based description of the protocol in which entanglement is witnessed, as shown by Curty et al. [M. Curty, M. Lewenstein, and N. Lütkenhaus, Phys. Rev. Lett. 92, 217903 (2004), 10.1103/PhysRevLett.92.217903]. Here we investigate the role of entanglement for the generalization of quantum key distribution to the multipartite scenario, namely, conference key agreement. In particular, we ask whether the strongest form of multipartite entanglement, namely, genuine multipartite entanglement, is necessary to establish a conference key. We show that, surprisingly, a nonzero conference key can be obtained even if the parties share biseparable states in each round of the protocol. Moreover, we relate conference key agreement with entanglement witnesses and show that a nonzero conference key can be interpreted as a nonlinear entanglement witness that detects a class of states which cannot be detected by usual linear entanglement witnesses.