An attempt to eavesdrop on a quantum cryptographic channel reveals its
elf through errors it inevitably introduces into the transmission. We
investigate the relationship between the induced error rate and the ma
ximum amount of information the eavesdropper can extract, in both the
two-state B92 [B92 refers to the work of C. H. Bennett, Phys. Rev. Let
t. 68, 3121 (1992)] and the four-state BB84 [BB84 refers to the work o
f C. Ii. Bennett and G. Brassard, in Proceedings of the IEEE Internati
onal Conference on Computers, Systems, and Signal Processing, Bangalor
e, India (IEE, New York, 1984), pp. 175-179] quantum cryptographic pro
tocols. In each case, the optimal eavesdropping method that on average
yields the most information for a given error rate is explicitly cons
tructed. Analysis is limited to eavesdropping strategies where each bi
t of the quantum transmission is attacked individually and independent
ly from other bits. Subject to this restriction, however, we believe t
hat all attacks not forbidden by physical laws are covered. Unlike pre
vious work, the eavesdropper's advantage is measured in terms of Renyi
(rather than Shannon) information, and with respect only to bits rece
ived error-free by Bob (rather than all bits). This alters both the ma
ximum extractable information and the optimal eavesdropping attack. Th
e result can be used directly at the privacy amplification stage of th
e protocol to accomplish secure communication over a noisy channel.