The peculiar properties of quantum mechanics allow two remote parties to communicate a private, secret key, which is protected from eavesdropping by the laws of physics(1-4). So-called quantum key distribution (QKD) implementations always rely on detectors to measure the relevant quantum property of single photons(5). Here we demonstrate experimentally that the detectors in two commercially available QKD systems can be fully remote-controlled using specially tailored bright illumination. This makes it possible to tracelessly acquire the full secret key; we propose an eavesdropping apparatus built from off-the-shelf components. The loophole is likely to be present in most QKD systems using avalanche photodiodes to detect single photons. We believe that our findings are crucial for strengthening the security of practical QKD, by identifying and patching technological deficiencies
The quantum internet is predicted to be the next-generation information processing platform, promising secure communication and an exponential speed-up in distributed computation. The distribution of single qubits over large distances via quantum teleportation is a key ingredient for realizing such a global platform. By using quantum teleportation, unknown quantum states can be transferred over arbitrary distances to a party whose location is unknown. Since the first experimental demonstrations of quantum teleportation of independent external qubits, an internal qubit and squeezed states, researchers have progressively extended the communication distance. Usually this occurs without active feed-forward of the classical Bell-state measurement result, which is an essential ingredient in future applications such as communication between quantum computers. The benchmark for a global quantum internet is quantum teleportation of independent qubits over a free-space link whose attenuation corresponds to the path between a satellite and a ground station. Here we report such an experiment, using active feed-forward in real time. The experiment uses two free-space optical links, quantum and classical, over 143 kilometres between the two Canary Islands of La Palma and Tenerife. To achieve this, we combine advanced techniques involving a frequency-uncorrelated polarization-entangled photon pair source, ultra-low-noise single-photon detectors and entanglement-assisted clock synchronization. The average teleported state fidelity is well beyond the classical limit of two-thirds. Furthermore, we confirm the quality of the quantum teleportation procedure without feed-forward by complete quantum process tomography. Our experiment verifies the maturity and applicability of such technologies in real-world scenarios, in particular for future satellite-based quantum teleportation.
Quantum key distribution (QKD) allows two remote parties to grow a shared secret key. Its security is founded on the principles of quantum mechanics, but in reality it significantly relies on the physical implementation. Technological imperfections of QKD systems have been previously explored, but no attack on an established QKD connection has been realized so far. Here we show the first full-field implementation of a complete attack on a running QKD connection. An installed eavesdropper obtains the entire 'secret' key, while none of the parameters monitored by the legitimate parties indicate a security breach. This confirms that non-idealities in physical implementations of QKD can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure.
We suggest a type of attack on quantum cryptosystems that exploits variations in detector efficiency as a function of a control parameter accessible to an eavesdropper. With gated single-photon detectors, this control parameter can be the timing of the incoming pulse. When the eavesdropper sends short pulses using the appropriate timing so that the two gated detectors in Bob's setup have different efficiencies, the security of quantum key distribution can be compromised. Specifically, we show for the Bennett-Brassard 1984 (BB84) protocol that if the efficiency mismatch between 0 and 1 detectors for some value of the control parameter gets large enough (roughly 15:1 or larger), Eve can construct a successful faked-states attack causing a quantum bit error rate lower than 11%. We also derive a general security bound as a function of the detector sensitivity mismatch for the BB84 protocol. Experimental data for two different detectors are presented, and protection measures against this attack are discussed.
Single photon detectors based on passively-quenched avalanche photodiodes can be temporarily blinded by relatively bright light, of intensity less than a nanowatt. I describe a bright-light regime suitable for attacking a quantum key distribution system containing such detectors. In this regime, all single photon detectors in the receiver Bob are uniformly blinded by continuous illumination coming from the eavesdropper Eve. When Eve needs a certain detector in Bob to produce a click, she modifies polarization (or other parameter used to encode quantum states) of the light she sends to Bob such that the target detector stops receiving light while the other detector(s) continue to be illuminated. The target detector regains single photon sensitivity and, when Eve modifies the polarization again, produces a single click. Thus, Eve has full control of Bob and can do a successful intercept-resend attack. To check the feasibility of the attack, 3 different models of passivelyquenched detectors have been tested. In the experiment, I have simulated the intensity diagrams the detectors would receive in a real quantum key distribution system under attack. Control parameters and side effects are considered. It appears that the attack could be practically possible.
Characterizing the physical channel and calibrating the cryptosystem hardware are prerequisites for establishing a quantum channel for quantum key distribution (QKD). Moreover, an inappropriately implemented calibration routine can open a fatal security loophole. We propose and experimentally demonstrate a method to induce a large temporal detector efficiency mismatch in a commercial QKD system by deceiving a channel length calibration routine. We then devise an optimal and realistic strategy using faked states to break the security of the cryptosystem. A fix for this loophole is also suggested.
We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.