A continuous key distribution scheme is proposed that relies on a pair of canonically conjugate quantum variables. It allows two remote parties to share a secret Gaussian key by encoding it into one of the two quadrature components of a single-mode electromagnetic field. The resulting quantum cryptographic information vs disturbance tradeoff is investigated for an individual attack based on the optimal continuous cloning machine. It is shown that the information gained by the eavesdropper then simply equals the information lost by the receiver.PACS numbers: 03.67. Dd, 03.65.Bz, 89.70.+c Quantum cryptography-or, more precisely, quantum key distribution-is a technique that allows two remote parties to share a secret chain of random bits (a secret key) that can be used for exchanging encrypted information [1][2][3]. The security of this process fundamentally relies on the Heisenberg uncertainty principle, or on the fact that any measurement of incompatible variables inevitably affects the state of a quantum system. Any leak of information to an eavesdropper necessarily induces a disturbance of the system, which is, in principle, detectable by the authorized receiver.In most quantum cryptosystems proposed so far, a single photon (or, in practice, a weak coherent state with an average photon number lower than one) is used to carry each bit of the key. Mathematically, the security is based on the use of a pair of non-commuting observables such as the x-and z-projections of a spin-1/2 particle, σ x and σ z , whose eigenstates are used to encode the key. The sender (Alice) randomly chooses to encode the key using either σ z (0 is encoded as | ↑ and 1 as | ↓ ) or σ x (0 is encoded as 2 −1/2 (| ↑ + | ↓ ) and 1 as 2 −1/2 (| ↑ − | ↓ )), the choice of the basis being disclosed only after the receiver (Bob) has measured the photon. This guarantees that an eavesdropper (Eve) cannot read the key without corrupting the transmission. Such a procedure, known as BB84 [1], is at the heart of most of the quantum cryptographic schemes that have been experimentally demonstrated in the past few years, which are based either on the polarization (e. g. [4,5]) or the optical phase (e. g. [6]) of single photons. An alternative scheme, realized experimentally only a year ago [7-9], can also be used based on a pair of polarization-entangled photons instead of single photons [10]. It is, however, fundamentally equivalent to BB84 (see [11]) and it again relies on the algebra of spin-1/2 particles.Recently, it has been shown that another protocol for quantum key distribution can be devised based on continuous variables, where squeezed coherent light modes are used to carry the key [12][13][14]. In these techniques, one exploits a pair of (continuous) canonical variables such as the two quadratures X 1 and X 2 of the amplitude of a mode of the electromagnetic field, which be-have just as position and momentum. The uncertainty relation ∆X 1 ∆X 2 ≥ 1/4 then implies than Eve cannot read both quadrature components without degrading the state. Even ...
