Stefan Rass,Miralem Mehic,Miroslav Voznak,Sandra König

DOI: https://doi.org/10.1109/access.2024.3490378

IF: 3.9

2024-11-09

IEEE Access

Abstract:We study the significance of the common trusted relay assumption in quantum networks. While most practical implementations of quantum networks rely on trusted devices, the question of security without this assumption has been rarely addressed. Device independent security attempts to minimize the assumptions made on the quantum hardware, entanglement based methods try to avoid relays to the extent possible, and multipath transmission improves robustness and security by enforcing the attacker to conquer more than just a single intermediate node. Common to all these past studies is their focus on the physical layer and direct connections. We describe an attack from the networking and routing layer. Assuming at least one node that is not perfectly tamper-proof, meaning that an attacker has established a foothold to read traffic from the inside, we show how to exploit the eavesdropping detection mechanisms of the quantum key distribution (QKD) devices to cause traffic redirection over the vulnerable node, thus defeating security under the trusted node assumption. We experimentally demonstrate how the attack works on networks of different size and topology, and thereby further substantiate the significance of the trust assumptions for end-to-end security of QKD networks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Peng-Yong Kong

DOI: https://doi.org/10.1109/jiot.2024.3349476

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Cyber-physical systems rely heavily on communication networks for remote monitoring and control. It is crucial to protect the communication networks from cyberattacks because an attack on the physical subsystem can be indirectly launched from a compromised cyber subsystem. Since remote control devices have limited computational power, we ensure communication confidentiality and integrity using one-time-pad (OTP) symmetric cryptography, which despite simple is unconditionally secure. To provide OTP with secret keys, we use quantum key distribution (QKD) across multiple hops, where each intermediate relay is a trusted node. These nodes can be weak points in cyberattacks. Hence, this paper focuses on routing in multi-hop QKD networks that reduces the required number of trusted nodes. We formulate and solve an optimization problem to find the set of QKD routes that minimizes the number of activated trusted nodes while satisfying the secret key rate requirements of multiple communicating pairs. Extensive evaluation results confirm that the proposed scheme can indeed has fewer activated trusted nodes as compared to a benchmark scheme that finds only the shortest paths for communicating pairs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yi Luo,Qiong Li,Haokun Mao,Nan Chen

DOI: https://doi.org/10.48550/arxiv.2302.07688

2023-01-01

Abstract:Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most researches on relay-based QKD network assume that all relays or nodes are completely trustworthy. However, the malicious behavior of any single node can undermine security of QKD networks. Current research on Quantum Key Distribution (QKD) networks primarily addresses passive attacks, such as eavesdropping, conducted by malicious nodes. Although there are proposed solutions like majority voting and secret sharing for point-to-point QKD systems to counter active attacks, these strategies are not directly transferable to QKD network research due to different security requirements. We propose the a new paradigm for the security requirements of QKD networks and addresses the active attack by collaborate malicious nodes. Firstly, regarding security, we introduce the ITS distributed authentication scheme, which additionally offers two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Secondly, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency, enabling participating nodes to collaborate correctly in a more practical manner. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original pre-shared keys scheme. For instance, in larger networks such as when the nodes number is 80, our scheme's key consumption is only 13.1\% of the pre-shared keys scheme.

Adrian Harkness,Walter O. Krawec,Bing Wang

2024-06-24

Abstract:Quantum Key Distribution allows two parties to establish a secret key that is secure against computationally unbounded adversaries. To extend the distance between parties, quantum networks, and in particular repeater chains, are vital. Typically, security in such scenarios assumes the absolute worst case: namely, an adversary has complete control over all repeaters and fiber links in a network and is able to replace them with perfect devices, thus allowing her to hide her attack within the expected natural noise. In a large-scale network, however, such a powerful attack may be infeasible. In this paper, we analyze the case where the adversary can only corrupt a contiguous subset of a repeater chain connecting Alice and Bob, while some portion of the network near Alice and Bob may be considered safe from attack (though still noisy). We derive a rigorous finite key proof of security assuming this attack model and show that improved performance and noise tolerances are possible.

Quantum Physics

Adrian Harkness,Walter O. Krawec,Bing Wang

DOI: https://doi.org/10.1088/2058-9565/ad7882

IF: 6.568

2024-09-10

Quantum Science and Technology

Abstract:Quantum Key Distribution allows two parties to establish a secret key that is secure against computationally unbounded adversaries. To extend the distance between parties, quantum networks are vital. Typically, security in such scenarios assumes the absolute worst case: namely, an adversary has complete control over all repeaters and fiber links in a network and is able to replace them with perfect devices, thus allowing her to hide her attack within the expected natural noise. In a large-scale network, however, such a powerful attack may be infeasible. In this paper, we analyze the case where the adversary can only corrupt a subset of the repeater network connecting Alice and Bob, while some portion of the network near Alice and Bob may be considered safe from attack (though still noisy). We derive a rigorous finite key proof of security assuming this attack model, and show that improved performance and noise tolerances are possible. Our proof methods may be useful to other researchers investigating partially corrupted quantum networks, and our main result may be beneficial to future network operators.

physics, multidisciplinary,quantum science & technology

Hao Wen,ZhengFu Han,YiBo Zhao,GuangCan Guo,PeiLin Hong

DOI: https://doi.org/10.1007/s11432-009-0001-4

2009-01-01

Abstract:Quantum key distribution (QKD) technology provides proven unconditional point-to-point security based on fundamental quantum physics. A QKD network also holds promise for secure multi-user communications over long distances at high-speed transmission rates. Although many schemes have been proposed so far, the trusted relay QKD network is still the most practical and flexible scenario. In reality, the insecurity of certain relay sections cannot be ignored, so to solve the fatal security problems of partially-trusted relay networks we suggest a multiple stochastic paths scheme. Its features are: (i) a safe probability model that may be more practical for real applications; (ii) a multi-path scheme with an upper bound for the overall safe probability; (iii) an adaptive stochastic routing algorithm to generate sufficient different paths and hidden routes. Simulation results for a typical partially-trusted relay QKD network show that this generalized scheme is effective.

Yi Luo,Qiong Li,Hao-Kun Mao

2024-02-01

Abstract:Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most researches on relay-based QKD network assume that all relays or nodes are completely trustworthy. However, the malicious behavior of any single node can undermine security of QKD networks. Current research on QKD networks primarily addresses passive attacks conducted by malicious nodes such as eavesdropping. We suggest a novel paradigm, inspired by distributed systems, to address the active attack by collaborate malicious nodes in QKD networks. Firstly, regarding security, we introduce the ITS distributed authentication scheme, which additionally offers two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Secondly, concerning correctness, our ITS fault-tolerant consensus method, ensures ITS and global consistency with fixed classical broadcast rounds, contrasting with the exponentially message-intensive Byzantine agreement method. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in authentication key consumption compared to the original end-to-end pre-shared keys scheme.

Quantum Physics

Mingjun Wang,Jian Li,Kaiping Xue,Ruidong Li,Nenghai Yu,Yangyang Li,Yifeng Liu,Qibin Sun,Jun Lu

DOI: https://doi.org/10.1109/mcom.010.2200672

IF: 9.03

2023-01-01

IEEE Communications Magazine

Abstract:As a promising application of quantum information technology, Quantum Key Distribution (QKD) can provide information-theoretically secure key exchange for adjacent communication parties. To achieve long-distance secure communication and scale expansion against inherent channel loss, trusted relays, which are assumed to be absolutely secure, are introduced into QKD networks. However, in practice, trusted relays may be compromised by attacks from ubiquitous eavesdroppers even protected by powerful hardware. Thus, how to ensure the security of end-to-end key distribution in partially-trusted relay QKD networks with the coexistence of trusted relays and untrusted relays becomes a challenging but urgent problem to be solved. To address this critical problem, in this article, we design a segment-based multipath key distribution method. The basic idea of the method is to maximize the security of the end-to-end key distribution through the segment-based multipath key distribution. Under the premise of security level requirements, we further propose a flexible key reconstruction scheme to improve the efficiency of key distribution and obtain available secret keys as many as possible. The extensive simulations are conducted and the results reveal that our method significantly outperforms the traditional multipath QKD method in terms of both security and efficiency.

Luyu Huang,Ziyang Chen,Xiangyu Wang,Song Yu

DOI: https://doi.org/10.1117/12.3006343

2023-01-01

Abstract:An quantum access network, connecting multiple end users and a backbone network in a scalable and cost-effective way with tree or star structures, is suitable to combine with continuous-variable quantum key distribution for network security. Under the realistic condition, in a passive optical network in optical distribution network achieved by a practical passive beam splitter, it is hard to divide the signal into 1/n parts evenly. To well quantify the impact of the imperfection, we modify the formula for secret key rate calculation with the imperfection effect and conduct numerical simulations. The results indicate that if the communication parties neglect this imperfection, Eve can attack the entire network and attain information without the parties’ awareness.

Bing Qi,Chi-Hang Fred Fung,Hoi-Kwong Lo,Xiongfeng Ma

DOI: https://doi.org/10.26421/qic7.1-2-3

2007-01-01

Abstract:Recently, a new type of attack, which exploits the efficiency mismatch of two single photon detectors (SPD) in a quantum key distribution (QKD) system, has been proposed. In this paper, we propose another "time-shift" attack that exploits the same imperfection. In our attack, Eve shifts the arrival time of either the signal pulse or the synchronization pulse or both between Alice and Bob. In particular, in a QKD system where Bob employs time-multiplexing technique to detect both bit "0" and bit "1" with the same SPD, Eve, in some circumstances, could acquire full information on the final key without introducing any error. In addition, we prove that if Alice and Bob are unaware of our attack, the final key they share is insecure. We emphasize that our attack is simple and feasible with current technology. Finally, we discuss some counter measures against our and earlier attacks.

Liu Xingtong,Wang Jian,Li Ruilin,Zhang Chen

DOI: https://doi.org/10.1049/cje.2018.01.013

IF: 1.019

2018-01-01

Chinese Journal of Electronics

Abstract:Quantum key distribution（QKD） technology provides proved unconditional security in pointto-point key transmissions based on quantum mechanics. However, several limitations, most prominently range,make it complex to construct large QKD network. The trusted relay QKD network is the most practical scene,and stochastic routing scheme was proposed to solve the fatal problem that some relay nodes may be controlled by adversary. But most results in stochastic routing scheme hinge on an adversary model without consideration of attacker’s prior-knowledge and attack strategy. To reveal the security problem, we propose a new adversary model and apply it in grid-shaped partially-trusted relay QKD network. Then we analyze the best attack strategy and the impact on security under various situations respectively.Analysis and simulation results show that in some cases the security of stochastic routing scheme will be compromised, and a generalized upper bound for the overall safe probability is obtained. We also discuss how to alleviate the security problem, making the network more robust to attacks.

Bing Qi,Chi-Hang Fred Fung,Yi Zhao,Xiongfeng Ma,Kiyoshi Tamaki,Christine Chen,Hol-Kwong Lo

DOI: https://doi.org/10.1103/physreva.75.032314

2007-01-01

Abstract:Quantum key distribution (QKD) can, in principle, provide unconditional security based on the fundamental laws of physics. Unfortunately, a practical QKD system may contain overlooked imperfections and violate some of the assumptions in a security proof. Here, we report two types of eavesdropping attacks against a practical QKD system. The first one is "time-shift" attack, which is applicable to QKD systems with gated single photon detectors (SPDs). In this attack, the eavesdropper, Eve, exploits the time mismatch between the open windows of the two SPDs. She can acquire a significant amount of information on the final key by simply shifting the quantum signals forwards or backwards in time domain. Our experimental results in [9] with a commercial QKD system demonstrate that, under this attack, the original QKD system is breakable. This is the first experimental demonstration of a feasible attack against a commercial QKD system. This is a surprising result. The second one is "phase-remapping" attack [10]. Here, Eve exploits the fact that a practical phase modulator has a finite response time. In principle, Eve could change the encoded phase value by time-shifting the signal pulse relative to the reference pulse.

Yuan Cao,Xiaosong Yu,Yongli Zhao,Chunhui Zhang,Xingyu Zhou,Jie Zhang,Qin Wang

DOI: https://doi.org/10.1088/1674-1056/ad9018

2024-11-10

Chinese Physics B

Abstract:As the first stage of the quantum Internet, quantum key distribution (QKD) networks hold the promise of providing long-term security for diverse users. Most existing QKD networks have been constructed based on independent QKD protocols, and they commonly rely on the deployment of single-protocol trusted relay chains for long reach. Driven by the evolution of QKD protocols, large-scale QKD networking is expected to migrate from a single-protocol to a multi-protocol paradigm, during which some useful evolutionary elements for the later stages of the quantum Internet may be incorporated. In this work, we delve into a pivotal technique for large-scale QKD networking, namely multi-protocol relay chaining. A multi-protocol relay chain is established by connecting a set of trusted/untrusted relays relying on multiple QKD protocols between a pair of QKD nodes. The structures of diverse multi-protocol relay chains are described, based on which the associated model is formulated and the policies are defined for the deployment of multi-protocol relay chains. Furthermore, we propose three multi-protocol relay chaining heuristics. Numerical simulations indicate that the designed heuristics can effectively reduce the number of trusted relays deployed and enhance the average security level versus the commonly used single-protocol trusted relay chaining methods on backbone network topologies.

physics, multidisciplinary

Nitin Jain,Birgit Stiller,Imran Khan,Vadim Makarov,Christoph Marquardt,Gerd Leuchs

DOI: https://doi.org/10.1109/JSTQE.2014.2365585

2014-12-19

Abstract:An eavesdropper Eve may probe a quantum key distribution (QKD) system by sending a bright pulse from the quantum channel into the system and analyzing the back-reflected pulses. Such Trojan-horse attacks can breach the security of the QKD system if appropriate safeguards are not installed or if they can be fooled by Eve. We present a risk analysis of such attacks based on extensive spectral measurements, such as transmittance, reflectivity, and detection sensitivity of some critical components used in typical QKD systems. Our results indicate the existence of wavelength regimes where the attacker gains considerable advantage as compared to launching an attack at 1550 nm. We also propose countermeasures to reduce the risk of such attacks.

Quantum Physics

Qingquan Peng,Jiu-Peng Chen,Tianyi Xing,Dongyang Wang,Yizhi Wang,Yang Liu,Anqi Huang

2024-08-18

Abstract:The twin-field class quantum key distribution (TF-class QKD) has experimentally demonstrated the ability to surpass the fundamental rate-distance limit without requiring a quantum repeater, as a revolutional milestone. In TF-class QKD implementation, an optical phase-locked loop (OPLL) structure is commonly employed to generate a reference light with correlated phase, ensuring coherence of optical fields between Alice and Bob. In this configuration, the reference light, typically located in the untrusted station Charlie, solely provides wavelength reference for OPLL and does not participate in quantum-state encoding. However, the reference light may open a door for Eve to enter the source stations that are supposed to be well protected. Here, by identifying vulnerabilities in the OPLL scheme, we propose and demonstrate a wavelength-switching attack on a TF-class QKD system. This attack involves Eve deliberately manipulating the wavelength of the reference light to increase mean photon number of prepared quantum states, while maintaining stable interference between Alice and Bob as required by TF-class QKD protocols. The maximum observed increase in mean photon number is 8.7%, which has been theoretically proven to compromise the security of a TF-class QKD system. Moreover, we have shown that with well calibration of the modulators, the attack can be eliminated. Through this study, we highlight the importance of system calibration in the practical security in TF-class QKD implementation.

Quantum Physics,Optics

Wang Xiang-bin,Bunkyo Hongo

2001-01-01

Abstract:We consider a strategic problem of the Evesdropping to quantum key distribution. Evesdropper hopes to obtain the maxium information given the disturbance to the qubits is often For this strategy, the optimized individual attack have been extensively constructed under various conditions. However, it seems a difficult task in the case of coherent attack, i.e., Eve may treat a number of intercepted qubits collectively, including the collective unitary transformations and the measurements. It was conjectured by Cirac and Gisin that no coherent attack can be more powerful for this strategy for BB84 protocol. In this paper we give a general conclusion on the role of coherent attacks for the strategy of maxmizing the information given the disturbance. Suppose in a quantum key distribution(QKD) protocol, all the transmitted bits from Alice are independent and only the individual disturbances to each qubits are examined by Alice and Bob. For this type of protocols(so far almost all QKD protocols belong to this type), in principle no coherent attack is more powerful than the product of optimized individual attack to each individual qubits. All coherent attacks to the above QKD protocols can be disregarded for the strategy above.

H. Bechmann-Pasquinucci,A. Pasquinucci

DOI: https://doi.org/10.48550/arXiv.quant-ph/0505089

2005-05-12

Quantum Physics

Abstract:A trusted quantum relay is introduced to enable quantum key distribution links to form the basic legs in a quantum key distribution network. The idea is based on the well-known intercept/resend eavesdropping. The same scheme can be used to make quantum key distribution between several parties. No entanglement is required.

Yundi Huang,Tao Shen,Xiangyu Wang,Ziyang Chen,Bingjie Xu,Song Yu,Hong Guo

DOI: https://doi.org/10.1103/physrevapplied.16.064051

IF: 4.6

2021-12-21

Physical Review Applied

Abstract:Quantum key distribution (QKD), which enables the secure distribution of symmetric keys between two legitimate parties, is highly useful in future network security. An access network that connects multiple end users with one network backbone can be combined with QKD to build security for end users in a scalable and cost-effective way. In this paper, we show that a downstream-access network can be implemented using continuous-variable (CV) QKD. The security analysis is conducted independently with other network nodes, which greatly relax the trustfulness requirement on the network nodes. The security is then obtained against other network parties even when the quantum signals are broadcast throughout the network. The passive beam splitter is sufficient to deterministically distribute the quantum signals, and standard CV QKD systems can be directly fitted in the downstream-access network, which makes it more applicable for practical implementations. Numerous simulation results are provided to demonstrate the performance of the CV QKD downstream-access network, where up to 64 end users are shown to be feasible to access the network. We provide the security-analysis framework for realizing CV QKD in the downstream-access network, which will boost the diversity for constructing practical CV QKD networks.

physics, applied

Jia-Meng Yao,Qiong Li,Hao-Kun Mao,Ahmed A. Abd El-Latif

2023-12-14

Abstract:With the advancement of quantum computing, the security of public key cryptography is under serious threat. To guarantee security in the quantum era, Quantum Key Distribution has become a competitive solution. QKD networks can be classified into measurement-device-dependent network and measurement-device-independent network. In measurement-device-dependent networks, the information is available for all trusted relays. This means that all trusted relays are strongly trusted relays that require strict control, which is difficult to realize. To address this issue, measurement-device-independent networks reduce the proportion of strongly trusted relay nodes by introducing untrusted relays. However, due to the higher key rate of measurement-device-dependent protocols over short distances, the communication capability of measurement-device-independent networks has a degradation compared to measurement-device-dependent networks. Therefore, how to reduce the dependence of QKD networks on strong trusted relays without significantly affecting the communication capability has become a major issue in the practicalization process of QKD networks. To address this issue, a novel Multi-Protocol Collaborative networking cell is proposed in this paper. The QKD network built by the MPC networking cell reduces the dependence on strongly trusted relays by combining the two protocols to introduce weak trusted relays while maintaining the high communication capacity. What's more, to further enhance the overall performance of the QKD network, an optimal topology design method is presented via the proposed flow-based mathematical model and optimization method. The simulation results show that the proposed scheme reduces the dependence on strongly trusted relays without a significant reduction in communication capability, our work holds great significance in promoting the practicalization of QKD networks.

Quantum Physics

Haokun Mao,Qiang Zhao,Yucheng Qiao,Bingze Yan,Bingjie Xu,Ahmed A. Abd El-Latif,Qiong Li

2021-01-01

Abstract:Quantum key distribution (QKD) is an important branch of quantum information science as it holds promise for unconditionally secure communication. For QKD research, a central issue is to improve the final secure key rate (SKR) and the maximal transmission distance. To address this issue, most works focused on reducing the information leakage of QKD. In this paper, we propose a novel approach to further reduce the information leakage by specially considering the overlap between the information leakage of quantum part and post-processing part. The overlap means that the information leakage of post-processing part caused solely by multi-photon pulses is considered twice in previous studies, i.e., both in quantum part and post-processing part. Since the information carried by multi-photon pulses has been considered as completely known by Eve through the photon-number-splitting attack in quantum part, there is no need to consider it in post-processing part repetitively during the SKR calculation. Therefore, our approach can theoretically reduce the information leakage of a QKD protocol. Based on this idea, we derive the formulas to calculate the amount of information leakage for decoy-BB84 and sending-or-not-sending twin-field protocols. Simulation results for these two typical protocols also demonstrate that our approach evidently improves the SKR as well as the maximal transmission distance under practical experimental parameters.