Ignatius William Primaatmaja,Emilien Lavie,Koon Tong Goh,Chao Wang,Charles Lim

2019-01-01

Abstract:Measurement-device-independent quantum key distribution (MDI-QKD) is the only known QKD scheme that can completely overcome the problem of detection side-channel attacks. Yet, despite its practical importance, there is no standard approach towards proving the security of MDI-QKD. Here, we present a simple numerical method that can efficiently compute almost-tight security bounds for any discretely modulated MDI-QKD protocol. To demonstrate the broad utility of our method, we use it to analyze the security of coherent-state MDI-QKD, decoy-state MDI-QKD with leaky sources, and a variant of twin-field QKD called phase-matching QKD. In all of the numerical simulations (using realistic detection models) we find that our method gives significantly higher secret key rates than those obtained with current security proof techniques. Interestingly, we also find that phase-matching QKD using only two coherent test states is enough to overcome the fundamental rate-distance limit of QKD. Taken together, these findings suggest that our security proof method enables a versatile, fast, and possibly optimal approach towards the security validation of practical MDI-QKD systems.

Zhengyu Li,Yi-Chen Zhang,Hong Guo

DOI: https://doi.org/10.48550/arxiv.1805.04249

2018-01-01

Abstract:Quantum key distribution (QKD) provides secure keys resistant to code-breaking quantum computers. As headed towards commercial application, it is crucial to guarantee the practical security of QKD systems. However, the difficulty of security proof limits the flexibility of protocol proposals, which may not fulfill with real application requirements. Here we show a protocol design framework that allows one to securely construct the protocol using arbitrary non-orthogonal states. Multi-mode entangled source is virtually introduced for the security analysis, while coherent measurement is used to provide raw data. This 'arbitrary' feature reverses the traditional protocol-decide-the-system working style, such that the protocol design now can follow what the system generates. We show a valuable showcase, which not only solves the security challenge of discrete-modulated coherent states, but also achieves high performance with no more than 256 coherent states. Our findings lower the requirement for system venders with off-the-shell devices, thus will promote the commercialization of QKD.

Marcos Curty,Kiyoshi Tamaki,Feihu Xu,Akihiro Mizutani,Charles Ci Wen Lim,Bing Qi,Hoi-Kwong Lo

DOI: https://doi.org/10.1117/12.2199415

2015-01-01

Abstract:Quantum key distribution (QKD) needs to close the big gap between theory and practice to be a suitable technology for achieving information-theoretic secure communications. Indeed, recent studies on side-channel attacks have exposed the vulnerabilities of QKD implementations against an eavesdropper who may try to attack both the source and the measurement device. Here, we review two potential approaches that, combined, could bring this goal closer: measurement-device-independent QKD and the loss-tolerant QKD protocol. The former removes all possible side-channels from the measurement apparatus and guarantees a high performance over long distances. The latter appears as a robust solution against typical source flaws and it offers similar key rates as those of standard QKD systems. Most importantly, the feasibility of both solutions has already been demonstrated in several lab and field-test experiments.

Xoel Sixto,Álvaro Navarrete,Margarida Pereira,Guillermo Currás-Lorenzo,Kiyoshi Tamaki,Marcos Curty

2024-11-21

Abstract:Most security proofs of quantum key distribution (QKD) assume that there is no unwanted information leakage about the state preparation process. However, this assumption is impossible to guarantee in practice, as QKD systems can leak information to the channel due to device imperfections or the active action of an eavesdropper. Here, we solve this pressing issue by introducing a security proof in the presence of information leakage from all state preparation settings for arguably the most popular QKD scheme, namely the decoy-state BB84 protocol. The proof requires minimal experimental characterization, as only a single parameter related to the isolation of the source needs to be determined, thus providing a clear path for bridging the gap between theory and practice. Moreover, if information about the state of the side channels is available, this can be readily incorporated into the analysis to further improve the resulting performance.

Quantum Physics

Víctor Zapatero,Álvaro Navarrete,Marcos Curty

2023-10-31

Abstract:The problem of implementation security in quantum key distribution (QKD) refers to the difficulty of meeting the requirements of mathematical security proofs in real-life QKD systems. Here, we provide a succint review on this topic, focusing on discrete variable QKD setups. Particularly, we discuss some of their main vulnerabilities and comment on possible approaches to overcome them.

Quantum Physics

Marcos Curty,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/s41534-019-0131-5

IF: 10.758

2019-02-06

npj Quantum Information

Abstract:The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Ignatius William Primaatmaja,Emilien Lavie,Koon Tong Goh,Chao Wang,Charles Ci Wen Lim,and Charles Ci Wen Lim

DOI: https://doi.org/10.1103/PhysRevA.99.062332

2019-10-07

Abstract:Measurement-device-independent quantum key distribution (MDI-QKD) is the only known QKD scheme that can completely overcome the problem of detection side-channel attacks. Yet, despite its practical importance, there is no standard approach towards proving the security of MDI-QKD. Here, we present a ... [Phys. Rev. A 99, 062332] Published Tue Jun 25, 2019

English Else

P. Gonzalez,L. Rebon,T. Ferreira da Silva,M. Figueroa,C. Saavedra,M. Curty,G. Lima,G. B. Xavier,W. A. T. Nogueira

DOI: https://doi.org/10.1103/PhysRevA.92.022337

2015-08-19

Abstract:Side-channel attacks currently constitute the main challenge for quantum key distribution (QKD) to bridge theory with practice. So far two main approaches have been introduced to address this problem, (full) device-independent QKD and measurement-device-independent QKD. Here we present a third solution that might exceed the performance and practicality of the previous two in circumventing detector side-channel attacks, which arguably is the most hazardous part of QKD implementations. Our proposal has, however, one main requirement: the legitimate users of the system need to ensure that their labs do not leak any unwanted information to the outside. The security in the low-loss regime is guaranteed, while in the high-loss regime we already prove its robustness against some eavesdropping strategies.

Quantum Physics

Michel Boyer,Gilles Brassard,Nicolas Godbout,Rotem Liss,Stéphane Virally

DOI: https://doi.org/10.3390/quantum5010005

2023-07-04

Abstract:Quantum key distribution (QKD) protocols aim at allowing two parties to generate a secret shared key. While many QKD protocols have been proven unconditionally secure in theory, practical security analyses of experimental QKD implementations typically do not take into account all possible loopholes, and practical devices are still not fully characterized for obtaining tight and realistic key rates. We present a simple method of computing secure key rates for any practical implementation of discrete-variable QKD (which can also apply to measurement-device-independent QKD), initially in the single-qubit lossless regime, and we rigorously prove its unconditional security against any possible attack. We hope our method becomes one of the standard tools used for analysing, benchmarking, and standardizing all practical realizations of QKD.

Quantum Physics,Cryptography and Security

Marcos Curty,Feihu Xu,Wei Cui,Charles Ci Wen Lim,Kiyoshi Tamaki,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/ncomms4732

IF: 16.6

2014-01-01

Nature Communications

Abstract:Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach—measurement-device-independent quantum key distribution—has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time-frame of signal transmission.

Michele Mosca,Douglas Stebila,Berkant Ustaoğlu

DOI: https://doi.org/10.1007/978-3-642-38616-9_9

2013-01-01

Abstract:Key establishment is a crucial primitive for building secure channels in a multi-party setting. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can be easily eavesdropped and recorded, it is important to consider the secrecy of information anticipating future algorithmic and computational discoveries which could break the secrecy of past keys, violating the secrecy of the confidential channel.Quantum key distribution (QKD) can be used generate secret keys that are secure against any future algorithmic or computational improvements. QKD protocols still require authentication of classical communication, although existing security proofs of QKD typically assume idealized authentication. It is generally considered folklore that QKD when used with computationally secure authentication is still secure against an unbounded adversary, provided the adversary did not break the authentication during the run of the protocol.We describe a security model for quantum key distribution extending classical authenticated key exchange (AKE) security models. Using our model, we characterize the long-term security of the BB84 QKD protocol with computationally secure authentication against an eventually unbounded adversary. By basing our model on traditional AKE models, we can more readily compare the relative merits of various forms of QKD and existing classical AKE protocols. This comparison illustrates in which types of adversarial environments different quantum and classical key agreement protocols can be secure.

Wei Li,Víctor Zapatero,Hao Tan,Kejin Wei,Hao Min,Wei-Yue Liu,Xiao Jiang,Sheng-Kai Liao,Cheng-Zhi Peng,Marcos Curty,Feihu Xu,Jian-Wei Pan

DOI: https://doi.org/10.1103/physrevapplied.15.034081

IF: 4.6

2021-03-29

Physical Review Applied

Abstract:The fabrication of quantum key distribution (QKD) systems typically involves several parties, thus providing Eve with multiple opportunities to meddle with the devices. As a consequence, conventional hardware and/or software hacking attacks pose natural threats to the security of practical QKD. Fortunately, if the number of corrupted devices is limited, the security can be restored by using redundant apparatuses. Here, we report on the demonstration of a secure QKD setup with optical devices and classical postprocessing units possibly controlled by an eavesdropper. We implement a 1.25 GHz chip-based measurement-device-independent QKD system secure against malicious devices on both the measurement and the users’ sides. The secret key rate reaches 137 bps over a 24 dB channel loss. Our setup, benefiting from a high clock rate, miniaturized transmitters, and a cost-effective structure, provides a promising solution for widespread applications requiring uncompromising communication security.

physics, applied

WANG Jin-dong,ZHANG Zhi-ming

DOI: https://doi.org/10.3969/j.issn.1007-5461.2014.04.009

2014-01-01

Abstract:Quantum key distribution(QKD) is one of the most active research fields in quantum information science and technology.It can provide a method to generate a shared secret key between two distant parties,and has unconditional security guaranteed by physics laws even if the eavesdropper Eve has unlimited computational power and storage capacity.The unconditional security with the practical devices is an important problem in QKD research.The perfect secrecy of the one-time pad(OTP) and a model combining the OTP and the QKD are first introduced.The development of the unconditional security of the QKD is summarized.The emphasis is put on the quantum attack schemes based on practical systems and the corresponding countmeasures.The recent advances of the measurement device independent QKD(MDIQKD) scheme are described in detail.

Jianzhou Mao,Guobin Xu,Eric Sakk,Shuangbao Paul Wang

DOI: https://doi.org/10.1109/csp58884.2023.00033

2023-01-01

Abstract:The current development of quantum computing threatens the security of conventional encryption algorithms such as RSA. In recent years, Quantum Key Distribution (QKD) has introduced to the world of information security a viable method that is anticipated to provide security protection against the threat of quantum computing. In this paper, we investigate the protocols of the QKD system. Next, we focus on an experimental study of quantum key distribution. A physical QKD system is leveraged to assist us in further investigating quantum key distribution processes. In our study, an eavesdropper was evaluated to analyze the impact on the QKD processes. In the experimental study results, the difference in key generation, exchange, and error rates between normal and attack scenarios can be observed.

Davide Li Calsi,Sumit Chaudhary,JinHyeock Choi,Marc Geitz,Janis Nötzel

2024-11-27

Abstract:Quantum Key Distribution (QKD) systems are infamously known for their high demand on hardware, their extremely low key generation rates and their lack of security resulting from a need for trusted nodes which is implied by the absence of quantum repeaters. While they theoretically offer unlimited security, they are therefore practically limited in several regards. In this work we focus on the lack of options to guarantee an end-to-end security service with the currently available technology and infrastructure and propose a novel protocol. We find that one of the stumbling stones on the path towards an end-to-end security service guaranteed by quantum key distribution may be removed by using this protocol. Our proposal combines several parallel instances of twinfield QKD followed by classical postprocessing and communication to allow Alice and Bob to share a secret key. This hybrid approach improves the key rate and range w.r.t. to previous QKD approaches at a contained cost in security. We show that a coalition of intermediary nodes between Alice and Bob is needed to break the new scheme, sharply outperforming the trusted node approach in terms of security. Furthermore, the protocols do not require complex quantum measurements on Alice and Bob's sides, thus being truly end-to-end.

Quantum Physics,Cryptography and Security

Feihu Xu,Xiongfeng Ma,Qiang Zhang,Hoi-Kwong Lo,Jian-Wei Pan

DOI: https://doi.org/10.1103/revmodphys.92.025002

IF: 50.485

2020-01-01

Reviews of Modern Physics

Abstract:In principle, quantum key distribution (QKD) offers information-theoretic security based on the laws of physics. In practice, however, the imperfections of realistic devices might introduce deviations from the idealized models used in security analyses. Can quantum code-breakers successfully hack real systems by exploiting the side channels? Can quantum code-makers design innovative counter-measures to foil quantum code-breakers? This article reviews theoretical and experimental progress in the practical security aspects of quantum code-making and quantum code-breaking. After numerous attempts, researchers now thoroughly understand and are able to manage the practical imperfections. Recent advances, such as the measurement-device-independent protocol, have closed the critical side channels in the physical implementations, paving the way for secure QKD with realistic devices.

Ryan D Engle,Logan O Mailloux,Michael R Grimaila,Douglas D Hodson,Colin V McLaughlin,Gerald Baumgartner

DOI: https://doi.org/10.1177/1548512917698053

2017-03-23

Abstract:Quantum Key Distribution (QKD) is an emerging cybersecurity technology that exploits the laws of quantum mechanics to generate unconditionally secure symmetric cryptographic keying material. The unique nature of QKD shows promise for high-security environments such as those found in banking, government, and the military. However, QKD systems often have implementation non-idealities that can negatively impact their performance and security. This article describes the development of a system-level model designed to study implementation non-idealities in commercially available decoy state enabled QKD systems. Specifically, this paper provides a detailed discussion of the decoy state protocol, its implementation, and its usage to detect sophisticated attacks, such as the photon number splitting attack. In addition, this work suggests an efficient and repeatable systems engineering methodology for understanding and studying communications protocols, architectures, operational configurations, and implementation tradeoffs in complex cyber systems.

Feng-Yu Lu,Ze-Hao Wang,Zhen-Qiang Yin,Shuang Wang,Rong Wang,Guan-Jie Fan-Yuan,Xiao-Juan Huang,De-Yong He,Wei Chen,Zheng Zhou,Guang-Can Guo,Zheng-Fu Han

DOI: https://doi.org/10.1364/optica.454228

IF: 10.4

2022-01-01

Optica

Abstract:Measurement-device-independent quantum key distribution (MDIQKD) is a revolutionary protocol since it is physically immune to all attacks on the detection side. However, the protocol still keeps the strict assumptions on the source side that specify that the four BB84 states must be perfectly prepared to ensure security. Some protocols release part of the assumptions in the encoding system to keep the practical security, but the performance would be dramatically reduced. In this work, we present a MDIQKD protocol that requires less knowledge of the encoding system to combat the troublesome modulation errors and fluctuations. We have also experimentally demonstrated the protocol. The result indicates a high performance and good security for practical applications. Its robustness and flexibility also exhibit a good value for complex scenarios such as the QKD networks.

Hua-Jian Ding,Jing-Yang Liu,Xing-Yu Zhou,Chun-Hui Zhang,Jian Li,and Qin Wang

DOI: https://doi.org/10.1103/physrevapplied.19.044022

IF: 4.6

2023-04-08

Physical Review Applied

Abstract:Measurement-device-independent quantum key distribution (MDI QKD) is a promising method for remote key sharing that can eliminate all detector side-channel attacks. However, current security proofs often overlook the potential information leakages from the legitimate users' devices. In a quantum version of Trojan-horse attack (THA), a malicious eavesdropper can inject bright light into the sources of a MDI QKD system and then analyze the back-reflected light to obtain their setting choices, thereby compromising the final security. Here, we derive the finite-key security bounds of decoy-state MDI QKD in the presence of THA, which significantly outperform previous analyses in terms of the secret-key rate and transmission distance. Specifically, we analyze a symmetric three-intensity decoy-state MDI QKD protocol and an efficient four-intensity decoy-state MDI QKD protocol. Our results represent a fundamental step in guaranteeing the implementation security of quantum communication systems. https://doi.org/10.1103/PhysRevApplied.19.044022 © 2023 American Physical Society

physics, applied

Xiang-Bin Wang

DOI: https://doi.org/10.1007/3-540-33133-6_8

2006-01-01

Abstract:Unlike from the existing classical protocols, a quantum key distribution (QKD) protocol can help two remote parties do secure private communication with proven security. We study various QKD protocols with special emphasis on security, feasibility and robustness. The security proof of the standard four-state protocol can be done based on the virtual entanglement purification by classical hashing. QKD can be done with unconditional security even when an imperfect source such as the coherent light from a traditional laser device is used. In particular, we show that one can do QKD effectively with a traditional laser device through the decoy-state method, i.e., changing the intensity of each pulse randomly among three values. One can improve the key rate and noise threshold if the channel noise is asymmetric. One can also do QKD more robustly with a two-qubit quantum code given that the channel noise is collective or independent.