Nitin Jain,Birgit Stiller,Imran Khan,Vadim Makarov,Christoph Marquardt,Gerd Leuchs

DOI: https://doi.org/10.1109/JSTQE.2014.2365585

2014-12-19

Abstract:An eavesdropper Eve may probe a quantum key distribution (QKD) system by sending a bright pulse from the quantum channel into the system and analyzing the back-reflected pulses. Such Trojan-horse attacks can breach the security of the QKD system if appropriate safeguards are not installed or if they can be fooled by Eve. We present a risk analysis of such attacks based on extensive spectral measurements, such as transmittance, reflectivity, and detection sensitivity of some critical components used in typical QKD systems. Our results indicate the existence of wavelength regimes where the attacker gains considerable advantage as compared to launching an attack at 1550 nm. We also propose countermeasures to reduce the risk of such attacks.

Quantum Physics

Jiaxin Xu,Xiao Ma,Jingyang Liu,Chunhui Zhang,Hongwei Li,Xingyu Zhou,Qin Wang

DOI: https://doi.org/10.1007/s11432-023-3988-x

2024-09-15

Science China Information Sciences

Abstract:The realistic security of quantum key distribution (QKD) systems is currently a hot research topic in the field of quantum communications. There are always defects in practical devices, and eavesdroppers can make use of the security risk points of various devices to obtain key information. To date, current types of security analysis tend to analyze each security risk point individually, thereby posing great challenges for the overall security evaluation of QKD systems. In this paper, for the first time, we employ machine learning algorithms to identify the defects of different devices and certain attacks in real time, with an accuracy of 98%. It provides a novel solution for the practical security evaluation of QKD systems, thereby addressing the bottleneck problem of multiple risk points being difficult to address simultaneously in QKD systems, thus paving the way for the future large-scale application of quantum communication networks.

computer science, information systems,engineering, electrical & electronic

Jiawei Li,Ying Guo,Xudong Wang,Cailang Xie,Ling Zhang,Duan Huang

DOI: https://doi.org/10.1117/1.oe.57.6.066109

IF: 2.536

2021-01-01

Photonics

Abstract:Quantum key distribution (QKD) offers information-theoretical security, while real systems are thought not to promise practical security effectively. In the practical continuous-variable (CV) QKD system, the deviations between realistic devices and idealized models might introduce vulnerabilities for eavesdroppers and stressors for two parties. However, the common quantum hacking strategies and countermeasures inevitably increase the complexity of practical CV systems. Machine-learning techniques are utilized to explore how to perceive practical imperfections. Here, we review recent works on secure CVQKD systems with machine learning, where the methods for detections and attacks were studied.

Yiyu Mao,Wenti Huang,Hai Zhong,Yijun Wang,Hao Qin,Ying Guo,Duan Huang

DOI: https://doi.org/10.1088/1367-2630/aba8d4

2020-01-01

New Journal of Physics

Abstract:The practical security of a continuous-variable quantum key distribution (CVQKD) system is compromised by various attack strategies. The existing countermeasures against these attacks are to exploit different real-time monitoring modules to prevent different types of attacks, which significantly depend on the accuracy of the estimated excess noise and lack a universal defense method. In this paper, we propose a defense strategy for CVQKD systems to address these disadvantages and resist most of the known attack types. We investigate several features of the pulses that would be affected by different types of attacks, derive a feature vector based on these features as the input of an artificial neural network (ANN) model, and show the training and testing process of the ANN model for attack detection and classification. Simulation results show that the proposed scheme can effectively detect most of the known attacks at the cost of reducing a small part of secret keys and transmission distance. It establishes a universal attack detection model by simply monitoring several features of the pulses without knowing the exact type of attack in advance.

Chao Ding,Shi Wang,Yaonan Wang,Zijie Wu,Jingtao Sun,Yiyu Mao

DOI: https://doi.org/10.1103/physreva.107.062422

2023-01-01

Abstract:Continuous-variable quantum key distribution (CVQKD) is a mature technology that can theoretically provide an unconditional security guarantee. However, a practical CVQKD system may be vulnerable to various quantum hacking attacks due to imperfect devices and insufficient assumptions. In this paper, we propose a universal defense strategy called a machine-learning-based attack detection scheme (MADS). Leveraging the combined advantages of density-based spatial clustering of applications with noise (DBSCAN) and multiclass support vector machines (MCSVMs), MADS demonstrates remarkable effectiveness in detecting quantum hacking attacks. Specifically, we first establish a set of attack-related features to extract feature vectors. These vectors are then utilized as input data for DBSCAN to identify and remove any noise or outliers. Finally, the trained MCSVMs are employed to classify and predict the processed data. The predicted results can immediately determine whether or not to generate a final secret key. Simulation results show that the proposed MADS can efficiently detect most quantum hacking attacks and revise the overestimated secret key rates caused by a CVQKD system without any defense strategy to obtain a tighter security bound.

Zijian Li,Bingbing Zheng,Chengxian Zhang,Zhenrong Zhang,Hong-Bo Xie,Kejin Wei

2023-12-24

Abstract:In a quantum Trojan-horse attack (THA), eavesdroppers learn encoded information by injecting bright light into encoded or decoded devices of quantum key distribution (QKD) systems. These attacks severely compromise the security of non-isolated systems. Thus, analytical security bound was derived in previous studies. However, these studies achieved poor performance unless the devices were strongly isolated. Here, we present a numerical method for achieving improved security bound for a decoy-state QKD system under THAs. The developed method takes advantage of the well-established numerical framework and significantly outperforms previous analytical bounds regarding the achievable final key and secure transmitted distance. The results provide a new tool for investigating the efficient security bounds of THA in practical decoy-state QKD systems. This study constitutes an important step toward securing QKD with real-life components.

Quantum Physics

Haisen Luo,Ling Zhang,Hao Qin,Shihai Sun,Peng Huang,Yijun Wang,Zijie Wu,Ying Guo,Duan Huang

DOI: https://doi.org/10.1103/physreva.105.042411

2022-01-01

Abstract:Removing quantum hacking attacks is a highly challenging task for quantum key distribution (QKD) since one needs to correctly detect the types of attacks. There is a big gap between the idealized theoretical model and the practical physical system, which results in various hacking strategies exploited from security loopholes. To bridge this gap, previous continuous-variable (CV) QKD systems adopted a universal statistical model to represent different dimensional characters of the physical layer. The challenge is to discriminate different attacks from the exposed key physical details. Here we present a semisupervised deep-learning method to detect the known attacks or potential threats that are hard to be captured in previous CVQKD systems. The proof-of-principle experiment result shows that it could break the present limitations that different attacks are relatively independent, and key features computed from previous threshold-based methods are not correlated with each other. We anticipate that our proposal will give insight into how quantum hacking attacks can be detected under the real system modeling constraints, and will enable the present quantum communication systems to reach a higher level of practical security without adding new assumptions.

Álvaro Navarrete,Marcos Curty

DOI: https://doi.org/10.1088/2058-9565/ac74dc

IF: 6.568

2022-06-01

Quantum Science and Technology

Abstract:Most security proofs of quantum key distribution (QKD) disregard the effect of information leakage from the users' devices, and, thus, do not protect against Trojan-horse attacks (THAs). In a THA, the eavesdropper injects strong light into the QKD apparatuses, and then analyzes the back-reflected light to learn information about their internal setting choices. Only a few recent works consider this security threat, but predict a rather poor performance of QKD unless the devices are strongly isolated from the channel. Here, we derive finite-key security bounds for decoy-state-based QKD schemes in the presence of THAs, which significantly outperform previous analyses. Our results constitute an important step forward to closing the existing gap between theory and practice in QKD.

physics, multidisciplinary,quantum science & technology

M. Lucamarini,I. Choi,M. B. Ward,J. F. Dynes,Z. L. Yuan,A. J. Shields,M. B. Ward,J. F. Dynes,Z. L. Yuan,A. J. Shields

DOI: https://doi.org/10.1103/physrevx.5.031030

2015-09-09

Physical Review X

Abstract:In the quantum version of a Trojan-horse attack, photons are injected into the optical modules of a quantum key distribution system in an attempt to read information direct from the encoding devices. To stop the Trojan photons, the use of passive optical components has been suggested. However, to date, there is no quantitative bound that specifies such components in relation to the security of the system. Here, we turn the Trojan-horse attack into an information leakage problem. This allows us to quantify the system security and relate it to the specification of the optical elements. The analysis is supported by the experimental characterization, within the operation regime, of reflectivity and transmission of the optical components most relevant to security.

physics, multidisciplinary

Ivan S. Sushchev,Daniil S. Bulavkin,Kirill E. Bugai,Anna S. Sidelnikova,Dmitriy A. Dvoretskiy

DOI: https://doi.org/10.1103/physrevapplied.22.034032

IF: 4.6

2024-09-14

Physical Review Applied

Abstract:This paper presents a theoretical and experimental demonstration of a security analysis of a Trojan-horse attack (THA) on a real-world quantum key distribution (QKD) system. We show that the upper bound on the information leakage depends solely on the fidelity between the states of the adversary. We find the lower bound for fidelity between THA states in both the polarization- and phase-coding BB84 protocols, considering both pure and mixed states. Our bounds depend only on the mean photon number per pulse available to an adversary. We also present an experimental analysis of a QKD system, including optical time-domain reflectometry measurements with centimeter resolution and spectral transmittance measurements for optical defense elements ranging from 1100 to 1800 nm with a noise floor lower than −100 dB. Finally, by considering the optimal attack, we obtain the value of the mean photon number per pulse available to an adversary and calculate the key leakage that needs to be eliminated during the privacy amplification procedure. https://doi.org/10.1103/PhysRevApplied.22.034032 Published by the American Physical Society under the terms of the Creative Commons Attribution 4.0 International license. Further distribution of this work must maintain attribution to the author(s) and the published article's title, journal citation, and DOI. Published by the American Physical Society

physics, applied

P. Gonzalez,L. Rebon,T. Ferreira da Silva,M. Figueroa,C. Saavedra,M. Curty,G. Lima,G. B. Xavier,W. A. T. Nogueira

DOI: https://doi.org/10.1103/PhysRevA.92.022337

2015-08-19

Abstract:Side-channel attacks currently constitute the main challenge for quantum key distribution (QKD) to bridge theory with practice. So far two main approaches have been introduced to address this problem, (full) device-independent QKD and measurement-device-independent QKD. Here we present a third solution that might exceed the performance and practicality of the previous two in circumventing detector side-channel attacks, which arguably is the most hazardous part of QKD implementations. Our proposal has, however, one main requirement: the legitimate users of the system need to ensure that their labs do not leak any unwanted information to the outside. The security in the low-loss regime is guaranteed, while in the high-loss regime we already prove its robustness against some eavesdropping strategies.

Quantum Physics

Yi Luo,Qiong Li,Hao-Kun Mao

2024-02-01

Abstract:Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most researches on relay-based QKD network assume that all relays or nodes are completely trustworthy. However, the malicious behavior of any single node can undermine security of QKD networks. Current research on QKD networks primarily addresses passive attacks conducted by malicious nodes such as eavesdropping. We suggest a novel paradigm, inspired by distributed systems, to address the active attack by collaborate malicious nodes in QKD networks. Firstly, regarding security, we introduce the ITS distributed authentication scheme, which additionally offers two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Secondly, concerning correctness, our ITS fault-tolerant consensus method, ensures ITS and global consistency with fixed classical broadcast rounds, contrasting with the exponentially message-intensive Byzantine agreement method. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in authentication key consumption compared to the original end-to-end pre-shared keys scheme.

Quantum Physics

Hua-Jian Ding,Jing-Yang Liu,Xing-Yu Zhou,Chun-Hui Zhang,Jian Li,and Qin Wang

DOI: https://doi.org/10.1103/physrevapplied.19.044022

IF: 4.6

2023-04-08

Physical Review Applied

Abstract:Measurement-device-independent quantum key distribution (MDI QKD) is a promising method for remote key sharing that can eliminate all detector side-channel attacks. However, current security proofs often overlook the potential information leakages from the legitimate users' devices. In a quantum version of Trojan-horse attack (THA), a malicious eavesdropper can inject bright light into the sources of a MDI QKD system and then analyze the back-reflected light to obtain their setting choices, thereby compromising the final security. Here, we derive the finite-key security bounds of decoy-state MDI QKD in the presence of THA, which significantly outperform previous analyses in terms of the secret-key rate and transmission distance. Specifically, we analyze a symmetric three-intensity decoy-state MDI QKD protocol and an efficient four-intensity decoy-state MDI QKD protocol. Our results represent a fundamental step in guaranteeing the implementation security of quantum communication systems. https://doi.org/10.1103/PhysRevApplied.19.044022 © 2023 American Physical Society

physics, applied

Subrata Das,Swaroop Ghosh

2023-06-29

Abstract:Quantum computing holds tremendous potential for various applications, but its security remains a crucial concern. Quantum circuits need high-quality compilers to optimize the depth and gate count to boost the success probability on current noisy quantum computers. There is a rise of efficient but unreliable/untrusted compilers; however, they present a risk of tampering such as Trojan insertion. We propose TrojanNet, a novel approach to enhance the security of quantum circuits by detecting and classifying Trojan-inserted circuits. In particular, we focus on the Quantum Approximate Optimization Algorithm (QAOA) circuit that is popular in solving a wide range of optimization problems. We investigate the impact of Trojan insertion on QAOA circuits and develop a Convolutional Neural Network (CNN) model, referred to as TrojanNet, to identify their presence accurately. Using the Qiskit framework, we generate 12 diverse datasets by introducing variations in Trojan gate types, the number of gates, insertion locations, and compiler backends. These datasets consist of both original Trojan-free QAOA circuits and their corresponding Trojan-inserted counterparts. The generated datasets are then utilized for training and evaluating the TrojanNet model. Experimental results showcase an average accuracy of 98.80% and an average F1-score of 98.53% in effectively detecting and classifying Trojan-inserted QAOA circuits. Finally, we conduct a performance comparison between TrojanNet and existing machine learning-based Trojan detection methods specifically designed for conventional netlists.

Quantum Physics,Cryptography and Security

Marcos Curty,Hoi-Kwong Lo

DOI: https://doi.org/10.1038/s41534-019-0131-5

IF: 10.758

2019-02-06

npj Quantum Information

Abstract:The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Yi Zheng,Haobin Shi,Wei Pan,Quantao Wang,Jiahui Mao

DOI: https://doi.org/10.3390/e23020176

IF: 2.738

2021-01-01

Entropy

Abstract:In quantum key distribution (QKD), there are some security loopholes opened by the gaps between the theoretical model and the practical system, and they may be exploited by eavesdroppers (Eve) to obtain secret key information without being detected. This is an effective quantum hacking strategy that seriously threatens the security of practical QKD systems. In this paper, we propose a new quantum hacking attack on an integrated silicon photonic continuous-variable quantum key distribution (CVQKD) system, which is known as a power analysis attack. This attack can be implemented by analyzing the power originating from the integrated electrical control circuit in state preparation with the help of machine learning, where the state preparation is assumed to be perfect in initial security proofs. Specifically, we describe a possible power model and show a complete attack based on a support vector regression (SVR) algorithm. The simulation results show that the secret key information decreases with the increase of the accuracy of the attack, especially in a situation with less excess noise. In particular, Eve does not have to intrude into the transmitter chip (Alice), and may perform a similar attack in practical chip-based discrete-variable quantum key distribution (DVQKD) systems. To resist this attack, the electrical control circuit should be improved to randomize the corresponding power. In addition, the power can be reduced by utilizing the dynamic voltage and frequency scaling (DVFS) technology.

Qin Liao,Zheng Wang,Haijie Liu,Yiyu Mao,Xiquan Fu

DOI: https://doi.org/10.1103/physreva.106.022607

IF: 2.971

2022-01-01

Physical Review A

Abstract:Continuous-variable quantum key distribution (CVQKD) has been proven to be secure theoretically. However, the practical CVQKD system may still be subject to various quantum attacks due to the imperfections of devices. In this paper, we suggest a general machine learning-based defense strategy against practical quantum attacks by taking advantage of density-based spatial clustering of applications with noise (DBSCAN), which we called DBSCAN-based attack detection scheme (DADS). Specifically, we first construct a set of features that can well reflect the behaviors of different attacks, then DBSCAN is applied to obtain several clusters. This clustering result can explicitly indicate whether the CVQKD system is being eavesdropped or not. Simulation experiments show that the proposed DADS cannot only detect most of known attacks, but also has ability to identify various unknown attacks, thereby improving practical security of the CVQKD system. We also show that the overestimated secret key rate caused by ignoring practical quantum attacks can be amended by DADS so that a reasonable tighter secure bound of the practical CVQKD system can be obtained.

Sebastian P. Kish,Chandra Thapa,Mikhael Sayat,Hajime Suzuki,Josef Pieprzyk,Seyit Camtepe

2024-06-12

Abstract:Despite significant advancements in continuous-variable quantum key distribution (CV-QKD), practical CV-QKD systems can be compromised by various attacks. Consequently, identifying new attack vectors and countermeasures for CV-QKD implementations is important for the continued robustness of CV-QKD. In particular, as CV-QKD relies on a public quantum channel, vulnerability to communication disruption persists from potential adversaries employing Denial-of-Service (DoS) attacks. Inspired by DoS attacks, this paper introduces a novel threat in CV-QKD called the Channel Amplification (CA) attack, wherein Eve manipulates the communication channel through amplification. We specifically model this attack in a CV-QKD optical fiber setup. To counter this threat, we propose a detection and mitigation strategy. Detection involves a machine learning (ML) model based on a decision tree classifier, classifying various channel tampering attacks, including CA and DoS attacks. For mitigation, Bob, post-selects quadrature data by classifying the attack type and frequency. Our ML model exhibits high accuracy in distinguishing and categorizing these attacks. The CA attack's impact on the secret key rate (SKR) is explored concerning Eve's location and the relative intensity noise of the local oscillator (LO). The proposed mitigation strategy improves the attacked SKR for CA attacks and, in some cases, for hybrid CA-DoS attacks. Our study marks a novel application of both ML classification and post-selection in this context. These findings are important for enhancing the robustness of CV-QKD systems against emerging threats on the channel.

Quantum Physics

Théo Lejeune,François Damanet

2024-10-05

Abstract:The most important characteristic of a Quantum Key Distribution (QKD) protocol is its security against third-party attacks, and the potential countermeasures available. While new types of attacks are regularly developed in the literature, they rarely involve the use of weak continuous measurement. Here, we design a new attack scheme called $\textit{Deep-learning-based continuous attack}$ (DLCA) that exploits continuous measurement together with the powerful pattern recognition capacities of deep recurrent neural networks. We show that, when applied to the BB84 protocol, our attack can be difficult to notice while still allowing the spy to extract significant information about the states of the qubits sent in the quantum communication channel. Finally, we study how the spy can exploit quantum feedback to further cover their tracks. Our attack scheme, while still at the early stages of a toy model, constitutes a potential threat which is worthwhile to be investigated, also as it could be applied to different QKD protocols and generalized in many different ways.

Quantum Physics