18 research outputs found
Preparing a commercial quantum key distribution system for certification against implementation loopholes
A commercial quantum key distribution (QKD) system needs to be formally
certified to enable its wide deployment. The certification should include the
system's robustness against known implementation loopholes and attacks that
exploit them. Here we ready a fiber-optic QKD system for this procedure. The
system has a prepare-and-measure scheme with decoy-state BB84 protocol,
polarisation encoding, qubit source rate of 312.5 MHz, and is manufactured by
QRate in Russia. We detail its hardware and post-processing. We analyse the
hardware for any possible implementation loopholes and discuss countermeasures.
We then amend the system design to address the highest-risk loopholes
identified. We also work out technical requirements on the certification lab
and outline its possible structure.Comment: 33 pages, 11 figures, 2 table
Backflashes from fast-gated avalanche photodiodes in quantum key distribution
InGaAs single-photon avalanche photodiodes (APDs) are key enablers for high-bit rate quantum key distribution. However, the deviation of such detectors from ideal models can open side-channels for an eavesdropper, Eve, to exploit. The phenomenon of backflashes, whereby APDs reemit photons after detecting a photon, gives Eve the opportunity to passively learn the information carried by the detected photon without the need to actively interact with the legitimate receiver, Bob. While this has been observed in slow-gated detectors, it has not been investigated in fast-gated APDs where it has been posited that this effect would be lessened. Here, we perform the first experiment to characterize the security threat that backflashes provide in a GHz-gated self-differencing APD using the metric of information leakage. We find that, indeed, the information leakage is lower than that reported for slower-gated detectors, and we show that its effect on the secure key rate is negligible. We also relate the rate of backflash events to the APD dark current, thereby suggesting that their origin is the InP multiplication region in the APD
A Comparison of Cryptographic Methods
While elliptic curve cryptography and quantum cryptography are significantly different branches of cryptography, they provide a suitable reference point for comparison of the value of developing methods used in the present and investing in methods to be used in the future. Elliptic curve cryptography is quite common today, as it is generally secure and efficient. However, as the field of cryptography advances, the value of quantum cryptographyâs inherent security from its basic properties should be considered, as a fully realized quantum cryptosystem has the potential to be quite powerful. Ultimately, it is of critical importance to determine the value of investing in strengthening current cryptosystems in comparison to seeking to accelerate the development of new ones. While both are of importance, the question should be asked if one avenue of development will be more effective overall
Toward standardization of Quantum Key Distribution
Information security becomes an inseparable part of our everyday life. An encryption
method widely used today is public-key encryption. The security of this method is based on
a hard to solve mathematical problems against an adversary with limited computational
power. Such an assumption could be broken as our understanding of the mathematics
being improved or new computation tools being developed. One such tool that poses a
threat to the public key encryption is a quantum computer. As a result, a new encryption
method with a new security assumption is required.
Quantum key distribution is a point-to-point symmetric key distribution method with
security based on the law of physics. In theory, the key generated by QKD is informationtheoretic secured. However, in practice, physical devices could have flaws or possess some
behaviors deviated from the theoretical model. These imperfections could open security
loopholes for an adversary to exploit, compromising the security. Thus the security verification and system characterization of practical implementation of QKD are necessary.
The necessity of this verification is further emphasized as several QKD systems are being
commercialized and used in several discrete communication links today.
To extend this new encryption systemâs practical implementation on a wider network
scale requires a set of standards or common practices for developers and service providers
to follow. This set of rules is set to ensure the compatibility of different device models in
the network and ensure the security of each component in the system, which would affect
the security of the system as a whole.
To fulfill standardization and certification criteria, a record of best practice on security
analysis, system design, device characterization, and security verification of QKD implementation is required. The research projects throughout my Ph.D. study contribute toward
this practice. These studies also address some issues and provide possible solutions to the
development of a standard for QKD. This thesis is a collection of six experimental studies
on performance evaluation and security verification of different components of practical
quantum key distribution systems.
The first study is a comparison between the performance of the QKD system with
quantum dot (QD) as a single-photon source and the performance of QKD with weakcoherent pulsed (WCP) source. The result shows that the QKD with QD could generate
the key at higher channel loss than WCP QKD using the same laser source. This result
shows the potential of QKD with a single-photon source as a candidate for secret key
distribution over high channel loss, such as up-link satellite-based QKD.
The second study is a theoretical study on the method to characterize the QKD system
against the Trojan-horse attack being considered as a standard for the QKD system. The
result shows a possible loophole of this method against a more powerful adversary than
assumed in the previously proposed model. An improved version of characterization against
a more general form of Trojan-horse attack has been proposed.
The third experiment is on the information leakage from a free-space QKD receiver due
to detector backflash, a photon produced by the detector upon detection. The result shows
that the backflash photons carry the information of the âclickedâ detector that could be
transmitted back to the channel and discriminated by Eve. An experimental demonstration
of this attack has been performed. Countermeasure both in theory and practical setup has
been proposed.
The next experiment is on the effect of atmospheric turbulence on Eveâs spatial-mode
detection efficiency mismatch attack on the free-space QKD system. We show that, by
using a phase-only spatial light modulator (SLM) and hologram created by Zernike polynomials, atmospheric turbulence with various strength covered from sea level to upper
atmosphere can be experimentally emulated in the lab environment. We then use that
setup to show the limit of the distance that Eveâs attack is successful. The theoretical
limit of the attack distance also shown.
In the fifth study, we use the SLM and Zernike polynomial holograms to characterize a
free-space QKD system against spatial mode attack. The result shows that, with higherorder spatial modes and finer control of wavefront intensity distribution, Eve could bypass
the countermeasure proposed in our previous study. We proposed a more robust version
of countermeasure against spatial mode attack. The new countermeasure is verified by the
SLM setup.
The last study is on the fake-state attack on the transition edge sensor (TES). The
result shows that TESâs voltage response can be deterministically controlled by Eve using
bright laser through the input channel. It also shows that the photon number result from
TES can be controlled by Eve. An attack model exploiting this imperfection has been
shown.
In addition to the contribution to the standardization of the QKD system, I hope that
the result of this thesis would emphasize the necessity of security verification of the QKD
system and the verification of countermeasure and characterization method against more
general attack model. Although the unconditional security, promised in theory, could not
yet be achieved, this loop of hacking and patching should provide us information and insight
on which security level could be claimed from the practical QKD devices implementing
today
Implementation security in quantum key distribution
The problem of implementation security in quantum key distribution (QKD)
refers to the difficulty of meeting the requirements of mathematical security
proofs in real-life QKD systems. Here, we provide a succint review on this
topic, focusing on discrete variable QKD setups. Particularly, we discuss some
of their main vulnerabilities and comment on possible approaches to overcome
them.Comment: Submitted to Advanced Quantum Technologie
Recommended from our members
The Security of Self-Differencing Avalanche Photodiodes for Quantum Key Distribution
Quantum key distribution (QKD) allows two users to communicate with information theoretic security by encoding information on single photons. This security is based on the laws of physics and as such can never be broken in theory. However, in practice, components do not always behave according to their theoretical models and these deviations can be exploited by an eavesdropper.
In recent years, exposing loopholes in QKD systems, known as quantum hacking, has attracted significant attention. The components most susceptible to being hacked are the single-photon detectors, often avalanche photodiodes (APDs), as they are directly exposed to the optical channel. Whilst measurement-device-independent QKD removes detector vulnerability from the system, secure key rates with this technique can be much lower than point-to-point links. As such, mitigating attacks on QKD systems is a pressing challenge in QKD.
In this thesis, the focus is on a special class of detectors, self-differencing APDs (SD-APDs), which have facilitated state-of-the art demonstrations of QKD. The susceptibility of SD-APDs to blinding attacks, the most explored and successful attack to date, was investigated and it was shown that by following best practice for their operation, such an attack would be unsuccessful. We have also proposed and developed a countermeasure such that the onus for appropriate operation could be removed from the user.
We have also explored an arguably more dangerous attack, in the form of the after-gate attack. We have shown that delayed detection events, ordinarily considered detrimental in QKD, can provide inherent protection against this attack. Finally, backflashes in GHz-gated APDs were investigated for the first time and it was shown that threat they pose to QKD security is negligible. These results highlight the inherent protection to a number of attacks that self-differencing APDs possess. We stress that the findings presented in this thesis are also applicable to other types of fast-gated InGaAs APDs that don't possess self-differencing circuitry.EPSRC ICASE Award with Toshib
Transient Attacks against the VMG-KLJN Secure Key Exchanger
The security vulnerability of the Vadai, Mingesz, and Gingl (VMG)
Kirchhoff-Law-Johnson-Noise (KLJN) key exchanger, as presented in the
publication "Nature, Science Report 5 (2015) 13653," has been exposed to
transient attacks. Recently an effective defense protocol was introduced (Appl.
Phys. Lett. 122 (2023) 143503) to counteract mean-square voltage-based (or
mean-square current-based) transient attacks targeted at the ideal KLJN
framework.
In the present study, this same mitigation methodology has been employed to
fortify the security of the VMG-KLJN key exchanger. It is worth noting that the
protective measures need to be separately implemented for the HL and LH
scenarios. This conceptual framework is corroborated through computer
simulations, demonstrating that the application of this defensive technique
substantially mitigates information leakage to a point of insignificance