The peculiar properties of quantum mechanics allow two remote parties to communicate a private, secret key, which is protected from eavesdropping by the laws of physics(1-4). So-called quantum key distribution (QKD) implementations always rely on detectors to measure the relevant quantum property of single photons(5). Here we demonstrate experimentally that the detectors in two commercially available QKD systems can be fully remote-controlled using specially tailored bright illumination. This makes it possible to tracelessly acquire the full secret key; we propose an eavesdropping apparatus built from off-the-shelf components. The loophole is likely to be present in most QKD systems using avalanche photodiodes to detect single photons. We believe that our findings are crucial for strengthening the security of practical QKD, by identifying and patching technological deficiencies
Quantum key distribution (QKD) allows two remote parties to grow a shared secret key. Its security is founded on the principles of quantum mechanics, but in reality it significantly relies on the physical implementation. Technological imperfections of QKD systems have been previously explored, but no attack on an established QKD connection has been realized so far. Here we show the first full-field implementation of a complete attack on a running QKD connection. An installed eavesdropper obtains the entire 'secret' key, while none of the parameters monitored by the legitimate parties indicate a security breach. This confirms that non-idealities in physical implementations of QKD can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure.
We suggest a type of attack on quantum cryptosystems that exploits variations in detector efficiency as a function of a control parameter accessible to an eavesdropper. With gated single-photon detectors, this control parameter can be the timing of the incoming pulse. When the eavesdropper sends short pulses using the appropriate timing so that the two gated detectors in Bob's setup have different efficiencies, the security of quantum key distribution can be compromised. Specifically, we show for the Bennett-Brassard 1984 (BB84) protocol that if the efficiency mismatch between 0 and 1 detectors for some value of the control parameter gets large enough (roughly 15:1 or larger), Eve can construct a successful faked-states attack causing a quantum bit error rate lower than 11%. We also derive a general security bound as a function of the detector sensitivity mismatch for the BB84 protocol. Experimental data for two different detectors are presented, and protection measures against this attack are discussed.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.