Bell nonlocality is not sufficient for the security of standard device-independent quantum key distribution protocols.

Device-independent quantum key distribution is a secure quantum cryptographic paradigm that allows two honest users to establish a secret key, while putting minimal trust in their devices. Most of the existing protocols have the following structure: first, a bipartite nonlocal quantum state is distributed between the honest users, who perform local projective measurements to establish nonlocal correlations. Then, they announce the implemented measurements and extract a secure key by post-processing their measurement outcomes. We show that no protocol of this form allows for establishing a secret key when implemented on certain entangled nonlocal states, namely on a range of entangled two-qubit Werner states. To prove this result, we introduce a technique for upper-bounding the asymptotic key rate of device-independent quantum key distribution protocols, based on a simple eavesdropping attack. Our results imply that either different tools -- such as different reconciliation techniques or non-projective measurements -- are needed for device-independent quantum key distribution in the large-noise regime, or Bell nonlocality is not sufficient for this task.