Testing Random-Detector-Efficiency Countermeasure in a Commercial System Reveals a Breakable Unrealistic Assumption

Huang, Anqi; Sajeed, Shihan; Chaiwongkhot, Poompong; Soucarros, Mathilde; Legré, M; Makarov, Vadim

doi:10.1109/jqe.2016.2611443

Cited by 76 publications

(68 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We assume that when D 1 receives a bright pulse of mean photon number μ, it always produces a click, while if the pulse's mean photon number is μ=2, it never produces a click. This behavior has been experimentally confirmed in many detector types [6,8,[39][40][41][42][43][44]. Once D 1 is blinded, Eve performs an intercept-resend attack on every signal sent by Alice.…”

mentioning

confidence: 64%

See 1 more Smart Citation

Insecurity of Detector-Device-Independent Quantum Key Distribution

et al. 2016

Self Cite

View full text Add to dashboard Cite

Detector-device-independent quantum key distribution (DDI-QKD) held the promise of being robust to detector side channels, a major security loophole in quantum key distribution (QKD) implementations. In contrast to what has been claimed, however, we demonstrate that the security of DDI-QKD is not based on postselected entanglement, and we introduce various eavesdropping strategies that show that DDI-QKD is in fact insecure against detector side-channel attacks as well as against other attacks that exploit devices' imperfections of the receiver. Our attacks are valid even when the QKD apparatuses are built by the legitimate users of the system themselves, and thus, free of malicious modifications, which is a key assumption in DDI-QKD. DOI: 10.1103/PhysRevLett.117.250505 Introduction.-Quantum key distribution (QKD), a technique to distribute a secret random bit string between two separated parties (Alice and Bob), needs to close the gap between theory and practice [1]. In theory, QKD provides information-theoretic security. In practice, however, it does not because QKD implementation devices do not typically conform to the theoretical models considered in the security proofs. As a result, any unaccounted device imperfection might constitute a side channel, which could be used by an eavesdropper (Eve) to learn the secret key without being detected [2][3][4][5][6][7][8][9][10][11][12].To bridge this gap, various approaches have been proposed recently [13][14][15][16][17], with measurement-deviceindependent QKD (MDI-QKD) [17] probably being the most promising one in terms of feasibility and performance. Its security is based on postselected entanglement, and it can remove all detector side channels from QKD implementations, which is arguably their major security loophole [3][4][5][6][7][8][9][10]12]. Also, its practicality has been already confirmed both in laboratories and via field trials [18][19][20][21][22][23][24]. A drawback of MDI-QKD is, however, that it requires high-visibility two-photon interference between independent sources, which makes its implementation more demanding than that of conventional QKD schemes. In addition, current finite-key security bounds against general attacks [25] require larger postprocessing data block sizes than those of standard QKD, though recent proposals [26] significantly improve the performance of MDI-QKD in the finitekey regime.To overcome these limitations, a novel approach, socalled detector-device-independent QKD (DDI-QKD), has

show abstract

mentioning

confidence: 64%

“…The results are shown in Fig. 2(a) [44]. For a particular blinding power P B , each point in the solid (dashed) curves shown in the figure represents the maximum (minimum) value of trigger pulse energy E T for which the detection efficiency η det is 0 (1).…”

mentioning

confidence: 99%

Insecurity of Detector-Device-Independent Quantum Key Distribution

et al. 2016

Self Cite

View full text Add to dashboard Cite

show abstract

“…The outcome of such attack on a particular QKD system -either denial of service or security breach -depends on a multitude of factors difficult to predict in advance, and is only possible to ascertain by experimental testing. (Other examples of attacks in this class are detector control attacks [6,12,[16][17][18][19][20][21][22][23] and timing attacks [3-5, 8, 14]. To give a contrary example, a photon number splitting attack [33,34] has a well understood physical model, and its outcome can be predicted theoretically based on system design and specifications.…”

Section: Statistical Risk Estimatementioning

confidence: 99%

Laser-Damage Attack Against Optical Attenuators in Quantum Key Distribution

Huang

Egorov

et al. 2020

Phys. Rev. Applied

Self Cite

View full text Add to dashboard Cite

Many quantum key distribution systems employ a laser followed by an optical attenuator to prepare weak coherent states in the source. Their mean photon number must be pre-calibrated to guarantee the security of key distribution. Here we experimentally show that this calibration can be broken with a high-power laser attack. We have tested four fiber-optic attenuator types used in quantum key distribution systems, and found that two of them exhibit a permanent decrease in attenuation after laser damage. This results in higher mean photon numbers in the prepared states and may allow an eavesdropper to compromise the key.

show abstract

“…When the continuous-wave (CW) blinding light enters the VA-SPD, it is first modulated by the VA into full power or half power as the attenuation value is randomly set to 0 dB or 3 dB. In order to always blind the SPD, the modulated half power should be above the blinding power of the SPD, which is typically about dozens of microwatt [51]. After the modulated blinding light hits the avalanche photodiode (APD), it will create a modulated train of photocurrent.…”

Section: Effectiveness Against the Attack With Blinding Lightmentioning

confidence: 99%

Robust countermeasure against detector control attack in a practical quantum key distribution system

Qian¹,

He²,

Wang³

et al. 2019

Optica

View full text Add to dashboard Cite

In real-life implementations of quantum key distribution (QKD), the physical systems with unwanted imperfections would be exploited by an eavesdropper. Based on imperfections in the detectors, detector control attacks have been successfully launched on several QKD systems, and attracted widespread concerns. Here, we propose a robust countermeasure against these attacks just by introducing a variable attenuator in front of the detector. This countermeasure is not only effective against the attacks with blinding light, but also robust against the attacks without blinding light which are more concealed and threatening. Different from previous technical improvements, the single photon detector in our countermeasure model is treated as a blackbox, and the eavesdropper can be detected by statistics of the detection and error rates of the QKD system. Besides theoretical proof, the countermeasure is also supported by an experimental demonstration. Our countermeasure is general in sense that it is independent of the technical details of the detector, and can be easily applied to the existing QKD systems.

show abstract

Testing Random-Detector-Efficiency Countermeasure in a Commercial System Reveals a Breakable Unrealistic Assumption

Cited by 76 publications

References 40 publications

Insecurity of Detector-Device-Independent Quantum Key Distribution

Insecurity of Detector-Device-Independent Quantum Key Distribution

Laser-Damage Attack Against Optical Attenuators in Quantum Key Distribution

Robust countermeasure against detector control attack in a practical quantum key distribution system

Contact Info

Product

Resources

About