Ya-Qian Lin,Meng Wang,Xiu-Qing Yang,Hong-Wei Liu

DOI: https://doi.org/10.1016/j.heliyon.2023.e13719

IF: 3.776

2023-01-01

Heliyon

Abstract:Compared with the traditional BB84 protocol, the counterfactual quantum key distribution (QKD) does not rely on any signal travelling in the quantum channel, and therefore can present a security advantage where Eve cannot fully access signal. However, the practical system may be damaged in a scenario where the devices are untrusted. In this paper, we analyze the security of counterfactual QKD in untrusted detectors scenario. We show that the requirement to disclose "which detector clicked" has become the main loophole in all counterfactual QKD versions. An eavesdropping scheme which is similar to the memory attack on device-independent QKD could break its security by exploiting detectors' imperfections. We consider two different counterfactual QKD protocols and analyze their security against this major loophole. One is a modified Noh09 protocol, which would be secure in untrusted detectors context. Another is a variant of counterfactual QKD with high efficiency (Phys. Rev. A 104 (2021) 022424) against a series of detectors side-channel attacks as well as against other attacks that exploit detectors imperfections.

Guillermo Currás-Lorenzo,Margarida Pereira,Go Kato,Marcos Curty,Kiyoshi Tamaki

2024-07-23

Abstract:Quantum key distribution (QKD) can theoretically achieve the Holy Grail of cryptography, information-theoretic security against eavesdropping. However, in practice, discrepancies between the mathematical models assumed in security proofs and the actual functioning of the devices used in implementations prevent it from reaching this goal. Device-independent QKD is currently not a satisfactory solution to this problem, as its performance is extremely poor and most of its security proofs assume that the user devices leak absolutely no information to the outside. On the other hand, measurement-device-independent (MDI) QKD can guarantee security with arbitrarily flawed receivers while achieving high performance, and the remaining challenge is ensuring its security in the presence of source imperfections. So far, all efforts in this regard have come at a price; some proofs are suitable only for particular source imperfections, while others severely compromise the system's performance, i.e., its communication speed and distance. Here, we overcome these crucial problems by presenting a security proof in the finite-key regime against coherent attacks that can incorporate general encoding imperfections and side channels while achieving much higher performances than previous approaches. Moreover, our proof requires minimal state characterization, which facilitates its application to real-life implementations.

Quantum Physics

Xoel Sixto,Álvaro Navarrete,Margarida Pereira,Guillermo Currás-Lorenzo,Kiyoshi Tamaki,Marcos Curty

2024-11-21

Abstract:Most security proofs of quantum key distribution (QKD) assume that there is no unwanted information leakage about the state preparation process. However, this assumption is impossible to guarantee in practice, as QKD systems can leak information to the channel due to device imperfections or the active action of an eavesdropper. Here, we solve this pressing issue by introducing a security proof in the presence of information leakage from all state preparation settings for arguably the most popular QKD scheme, namely the decoy-state BB84 protocol. The proof requires minimal experimental characterization, as only a single parameter related to the isolation of the source needs to be determined, thus providing a clear path for bridging the gap between theory and practice. Moreover, if information about the state of the side channels is available, this can be readily incorporated into the analysis to further improve the resulting performance.

Quantum Physics

Shihan Sajeed,Anqi Huang,Shihai Sun,Feihu Xu,Vadim Makarov,Marcos Curty

DOI: https://doi.org/10.1103/physrevlett.117.250505

IF: 8.6

2016-01-01

Physical Review Letters

Abstract:Detector-device-independent quantum key distribution (DDI-QKD) held the promise of being robust to detector side channels, a major security loophole in quantum key distribution (QKD) implementations. In contrast to what has been claimed, however, we demonstrate that the security of DDI-QKD is not based on postselected entanglement, and we introduce various eavesdropping strategies that show that DDI-QKD is in fact insecure against detector side-channel attacks as well as against other attacks that exploit devices' imperfections of the receiver. Our attacks are valid even when the QKD apparatuses are built by the legitimate users of the system themselves, and thus, free of malicious modifications, which is a key assumption in DDI-QKD.

Matt Young,Marco Lucamarini,Stefano Pirandola

2024-09-03

Abstract:Side-channel attacks allow an Eavesdropper to use insecurities in the practical implementation of QKD systems to gain an advantage that is not considered by security proofs that assume perfect implementations. In this work we specify a side-channel capability for Eve that has yet to be considered, before then going on to discuss a scheme to autonomously detect such an attack during an ongoing QKD session, and the limits as to how fast a detection can be made. The side-channel capability is very general and covers a wide variety of possible implementations for the attack itself. We present how Alice and Bob can put in place a countermeasure to continue use of the QKD system, once a detection is made, regardless of the ongoing side-channel attack. This prevents downtime of QKD systems, which in critical infrastructure could pose severe risks. We then extend Eves side-channel capability and present a modified attack strategy. This strengthened attack can be detected under certain conditions by our scheme, however intelligent choices of parameters from Eve allow her strengthened attack to go undetected. From this, we discuss the implications this has on Privacy Amplification, and therefore on the security of QKD as a whole. Finally, consideration is given as to how these types of attacks are analogous to certain types of faults in the QKD system, how our detection scheme can also detect these faults, and therefore how this adds autonomous fault detection and redundancy to implementations of QKD.

Quantum Physics,Cryptography and Security

wenfei cao,yizheng zhen,yulin zheng,zengbing chen,naile liu,kai chen,jianwei pan

2014-01-01

Abstract: Vulnerabilities and imperfections of single-photon detectors have been shown to compromise security for quantum key distribution (QKD). The measurement-device-independent QKD (MDI-QKD) appears to be the most appealing solution to solve the issues. However, in practice one faces severe obstacles of having significantly lower key generation rate, difficult two photon interferences, and remote synchronization etc. In this letter, we propose a highly efficient and simple quantum key distribution scheme to remove all of these drawbacks. Our proposal can be implemented with only small modifications over the standard decoy BB84 system. Remarkably it enjoys both the advantages of high key generation rate (being almost two orders of magnitude higher than that based on conventional MDI-QKD) comparable to the normal decoy system, and security against any detector side channel attacks. Most favorably one can achieve complete Bell state measurements with resort to single photon interference, which reduces significantly experimental costs. Our approach enables utilization of high speed and efficient secure communication, particularly in real-life scenario of both metropolitan and intercity QKD network, with an attack free fashion from arbitrary detector side channels.

Wei Li,Víctor Zapatero,Hao Tan,Kejin Wei,Hao Min,Wei-Yue Liu,Xiao Jiang,Sheng-Kai Liao,Cheng-Zhi Peng,Marcos Curty,Feihu Xu,Jian-Wei Pan

DOI: https://doi.org/10.1103/physrevapplied.15.034081

IF: 4.6

2021-03-29

Physical Review Applied

Abstract:The fabrication of quantum key distribution (QKD) systems typically involves several parties, thus providing Eve with multiple opportunities to meddle with the devices. As a consequence, conventional hardware and/or software hacking attacks pose natural threats to the security of practical QKD. Fortunately, if the number of corrupted devices is limited, the security can be restored by using redundant apparatuses. Here, we report on the demonstration of a secure QKD setup with optical devices and classical postprocessing units possibly controlled by an eavesdropper. We implement a 1.25 GHz chip-based measurement-device-independent QKD system secure against malicious devices on both the measurement and the users’ sides. The secret key rate reaches 137 bps over a 24 dB channel loss. Our setup, benefiting from a high clock rate, miniaturized transmitters, and a cost-effective structure, provides a promising solution for widespread applications requiring uncompromising communication security.

physics, applied

Federico Grasselli,Giovanni Chesi,Nathan Walk,Hermann Kampermann,Adam Widomski,Maciej Ogrodnik,Michał Karpiński,Chiara Macchiavello,Dagmar Bruß,Nikolai Wyderka

2024-11-30

Abstract:Quantum Key Distribution (QKD) is a promising technology for secure communication. Nevertheless, QKD is still treated with caution in certain contexts due to potential gaps between theoretical models and actual QKD implementations. A common assumption in security proofs is that the detection probability at the receiver, for a given input state, is independent of the measurement basis, which might not always be verified and could lead to security loopholes. This paper presents a security proof for QKD protocols that does not rely on the above assumption and is thus applicable in scenarios with detection probability mismatches, even when induced by the adversary. We demonstrate, through simulations, that our proof can extract positive key rates for setups vulnerable to large detection probability mismatches. This is achieved by monitoring whether an adversary is actively exploiting such vulnerabilities, instead of considering the worst-case scenario as in previous proofs. Our work highlights the importance of accounting for basis-dependent detection probabilities and provides a concrete solution for improving the security of practical QKD systems.

Quantum Physics

Marcos Curty,Kiyoshi Tamaki,Feihu Xu,Akihiro Mizutani,Charles Ci Wen Lim,Bing Qi,Hoi-Kwong Lo

DOI: https://doi.org/10.1117/12.2199415

2015-01-01

Abstract:Quantum key distribution (QKD) needs to close the big gap between theory and practice to be a suitable technology for achieving information-theoretic secure communications. Indeed, recent studies on side-channel attacks have exposed the vulnerabilities of QKD implementations against an eavesdropper who may try to attack both the source and the measurement device. Here, we review two potential approaches that, combined, could bring this goal closer: measurement-device-independent QKD and the loss-tolerant QKD protocol. The former removes all possible side-channels from the measurement apparatus and guarantees a high performance over long distances. The latter appears as a robust solution against typical source flaws and it offers similar key rates as those of standard QKD systems. Most importantly, the feasibility of both solutions has already been demonstrated in several lab and field-test experiments.

Marcos Curty,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/s41534-019-0131-5

IF: 10.758

2019-02-06

npj Quantum Information

Abstract:The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Marcos Curty,Feihu Xu,Wei Cui,Charles Ci Wen Lim,Kiyoshi Tamaki,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/ncomms4732

IF: 16.6

2014-01-01

Nature Communications

Abstract:Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach—measurement-device-independent quantum key distribution—has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time-frame of signal transmission.

Yong-Jun Qian,De-Yong He,Shuang Wang,Wei Chen,Zhen-Qiang Yin,Guang-Can Guo,Zheng-Fu Han

DOI: https://doi.org/10.1364/OPTICA.6.001178

2019-09-24

Abstract:In real-life implementations of quantum key distribution (QKD), the physical systems with unwanted imperfections would be exploited by an eavesdropper. Based on imperfections in the detectors, detector control attacks have been successfully launched on several QKD systems, and attracted widespread concerns. Here, we propose a robust countermeasure against these attacks just by introducing a variable attenuator in front of the detector. This countermeasure is not only effective against the attacks with blinding light, but also robust against the attacks without blinding light which are more concealed and threatening. Different from previous technical improvements, the single photon detector in our countermeasure model is treated as a blackbox, and the eavesdropper can be detected by statistics of the detection and error rates of the QKD system. Besides theoretical proof, the countermeasure is also supported by an experimental demonstration. Our countermeasure is general in sense that it is independent of the technical details of the detector, and can be easily applied to the existing QKD systems.

Quantum Physics

Chi Zhang,Xiao-Long Hu,Cong Jiang,Jiu-Peng Chen,Yang Liu,Weijun Zhang,Zong-Wen Yu,Hao Li,Lixing You,Zhen Wang,Xiang-Bin Wang,Qiang Zhang,Jian-Wei Pan

DOI: https://doi.org/10.1103/physrevlett.128.190503

IF: 8.6

2022-01-01

Physical Review Letters

Abstract:Quantum key distribution can provide unconditionally secure key exchange for remote users in theory. In practice, however, in most quantum key distribution systems, quantum hackers might steal the secure keys by observing the side channels in the emitted photons, such as the photon frequency spectrum, emission time, propagation direction, spatial angular momentum, and so on. It is hard to prevent such kinds of attacks because side channels may exist in many dimensions of the emitted photons. Here we report an experimental realization of a side-channel-secure quantum key distribution protocol which is not only measurement-device independent, but also immune to all side-channel attacks to the photons emitted from Alice's and Bob's labs. We achieve a secure key rate of 1.73×10^{-6} per pulse through 50 km fiber spools.

Ignatius William Primaatmaja,Emilien Lavie,Koon Tong Goh,Chao Wang,Charles Ci Wen Lim,and Charles Ci Wen Lim

DOI: https://doi.org/10.1103/PhysRevA.99.062332

2019-10-07

Abstract:Measurement-device-independent quantum key distribution (MDI-QKD) is the only known QKD scheme that can completely overcome the problem of detection side-channel attacks. Yet, despite its practical importance, there is no standard approach towards proving the security of MDI-QKD. Here, we present a ... [Phys. Rev. A 99, 062332] Published Tue Jun 25, 2019

English Else

Bing Qi,Yi Zhao,Xiongfeng Ma,Hoi-Kwong Lo,Li Qian

DOI: https://doi.org/10.1103/physreva.75.052304

2007-01-01

Abstract:To improve the performance of a quantum-key-distribution (QKD) system, high speed, low dark count single photon detectors (or low-noise homodyne detectors) are required. However, in practice, a fast detector is usually noisy. Here, we propose a dual-detector method to improve the performance of a practical QKD system with realistic detectors: the legitimate receiver randomly uses either a fast (but noisy) detector or a quiet (but slow) detector to measure the incoming quantum signals. The measurement results from the quiet detector can be used to bound the eavesdropper's information, while the measurement results from the fast detector are used to generate a secure key. We apply this idea to various QKD protocols. Simulation results demonstrate significant improvements of the secure key rate in the lower loss regime in both Bennett-Brassard 1984 (BB84) protocol with ideal single photon source and Gaussian-modulated coherent states protocol; while for decoy-state BB84 protocol with weak coherent source, the improvement is moderate. We also discuss various practical issues in implementing the dual-detector scheme.

Ignatius William Primaatmaja,Emilien Lavie,Koon Tong Goh,Chao Wang,Charles Lim

2019-01-01

Abstract:Measurement-device-independent quantum key distribution (MDI-QKD) is the only known QKD scheme that can completely overcome the problem of detection side-channel attacks. Yet, despite its practical importance, there is no standard approach towards proving the security of MDI-QKD. Here, we present a simple numerical method that can efficiently compute almost-tight security bounds for any discretely modulated MDI-QKD protocol. To demonstrate the broad utility of our method, we use it to analyze the security of coherent-state MDI-QKD, decoy-state MDI-QKD with leaky sources, and a variant of twin-field QKD called phase-matching QKD. In all of the numerical simulations (using realistic detection models) we find that our method gives significantly higher secret key rates than those obtained with current security proof techniques. Interestingly, we also find that phase-matching QKD using only two coherent test states is enough to overcome the fundamental rate-distance limit of QKD. Taken together, these findings suggest that our security proof method enables a versatile, fast, and possibly optimal approach towards the security validation of practical MDI-QKD systems.

Adomas Baliuka,Markus Stöcker,Michael Auer,Peter Freiwang,Harald Weinfurter,Lukas Knips

DOI: https://doi.org/10.1103/PhysRevApplied.20.054040

2023-10-21

Abstract:Quantum key distribution (QKD) protocols are proven secure based on fundamental physical laws, however, the proofs consider a well-defined setting and encoding of the sent quantum signals only. Side channels, where the encoded quantum state is correlated with properties of other degrees of freedom of the quantum channel, allow an eavesdropper to obtain information unnoticeably as demonstrated in a number of hacking attacks on the quantum channel. Yet, also classical radiation emitted by the devices may be correlated, leaking information on the potential key, especially when combined with novel data analysis methods. We here demonstrate a side-channel attack using a deep convolutional neural network to analyze the recorded classical, radio-frequency electromagnetic emissions. Even at a distance of a few centimeters from the electronics of a QKD sender employing frequently used electronic components we are able to recover virtually all information about the secret key. Yet, as shown here, countermeasures can enable a significant reduction of both the emissions and the amount of secret key information leaked to the attacker. Our analysis methods are independent of the actual device and thus provide a starting point for assessing the presence of classical side channels in QKD devices.

Quantum Physics

Antonio Acín,Daniel Cavalcanti,Elsa Passaro,Stefano Pironio,Paul Skrzypczyk

DOI: https://doi.org/10.1103/PhysRevA.93.012319

2016-01-28

Abstract:In recent years, several hacking attacks have broken the security of quantum cryptography implementations by exploiting the presence of losses and the ability of the eavesdropper to tune detection efficiencies. We present a simple attack of this form that applies to any protocol in which the key is constructed from the results of untrusted measurements performed on particles coming from an insecure source or channel. Because of its generality, the attack applies to a large class of protocols, from standard prepare-and-measure to device-independent schemes. Our attack gives bounds on the critical detection efficiencies necessary for secure quantum distribution, which show that the implementation of most partly device independent solutions is, from the point of view of detection efficiency, almost as demanding as fully device-independent ones. We also show how our attack implies the existence of a form of bound randomness, namely non-local correlations in which a non-signalling eavesdropper can find out a posteriori the result of any implemented measurement.

Quantum Physics

Kazi Reaz,Md Mehdi Hassan,Adrien Green,Noah Crum,George Siopsis

2023-11-08

Abstract:Real-world BB84 Quantum Key Distribution (QKD) systems utilize imperfect devices that introduce vulnerabilities to their security, known as side-channel attacks. Measurement-Device-Independent (MDI) QKD authorizes an untrusted third party to make measurements and removes all side-channel attacks. The typical implementations of MDI-QKD employ near symmetric channels which are difficult to realize physically in many practical scenarios such as when asymmetric channel losses are present, normally a consequence of the communication environment. Maritime and satellite-based communications are two such instances in which the channels are characterized by continuously changing losses in different channels. In this work, we perform asymmetric MDI-QKD in a laboratory environment with simulated turbulence using an Acousto-Optic Modulator (AOM) to interrogate the performance of free-space quantum communication. Under turbulent conditions, scattering and beam wandering cause intensity fluctuations which decrease the detected signal-to-noise ratio. Using the 7-intensity optimization method proposed by Wang et al., coupled with Prefixed-Threshold Real-time Selection (P-RTS), we demonstrate enhancement in the secure key rate under turbulent conditions for finite-size decoy-state MDI QKD. Furthermore, we show that P-RTS can yield considerably higher secure key rates for a wide range of atmospheric channel parameters.

Quantum Physics

Feihu Xu,Xiongfeng Ma,Qiang Zhang,Hoi-Kwong Lo,Jian-Wei Pan

DOI: https://doi.org/10.1103/revmodphys.92.025002

IF: 50.485

2020-01-01

Reviews of Modern Physics

Abstract:In principle, quantum key distribution (QKD) offers information-theoretic security based on the laws of physics. In practice, however, the imperfections of realistic devices might introduce deviations from the idealized models used in security analyses. Can quantum code-breakers successfully hack real systems by exploiting the side channels? Can quantum code-makers design innovative counter-measures to foil quantum code-breakers? This article reviews theoretical and experimental progress in the practical security aspects of quantum code-making and quantum code-breaking. After numerous attempts, researchers now thoroughly understand and are able to manage the practical imperfections. Recent advances, such as the measurement-device-independent protocol, have closed the critical side channels in the physical implementations, paving the way for secure QKD with realistic devices.