Zero-Error Attacks and Detection Statistics in the Coherent One-Way Protocol for Quantum Cryptography

This is a study of the security of the Coherent One-Way (COW) protocol for quantum cryptography, proposed recently as a simple and fast experimental scheme. In the zero-error regime, the eavesdropper Eve can only take advantage of the losses in the transmission. We consider new attacks, based on unambiguous state discrimination, which perform better than the basic beam-splitting attack, but which can be detected by a careful analysis of the detection statistics. These results stress the importance of testing several statistical parameters in order to achieve higher rates of secret bits

Trusted Noise in Continuous-Variable Quantum Key Distribution: a Threat and a Defense

We address the role of the phase-insensitive trusted preparation and detection noise in the security of a continuous-variable quantum key distribution, considering the Gaussian protocols on the basis of coherent and squeezed states and studying them in the conditions of Gaussian lossy and noisy channels. The influence of such a noise on the security of Gaussian quantum cryptography can be crucial, even despite the fact that a noise is trusted, due to a strongly nonlinear behavior of the quantum entropies involved in the security analysis. We recapitulate the known effect of the preparation noise in both direct and reverse-reconciliation protocols, as well as the detection noise in the reverse-reconciliation scenario. As a new result, we show the negative role of the trusted detection noise in the direct-reconciliation scheme. We also describe the role of the trusted preparation or detection noise added at the reference side of the protocols in improving the robustness of the protocols to the channel noise, confirming the positive effect for the coherent-state reverse-reconciliation protocol. Finally, we address the combined effect of trusted noise added both in the source and the detector.Comment: 25 pages, 9 figure

Continuous Variable Quantum Cryptography using Two-Way Quantum Communication

Quantum cryptography has been recently extended to continuous variable systems, e.g., the bosonic modes of the electromagnetic field. In particular, several cryptographic protocols have been proposed and experimentally implemented using bosonic modes with Gaussian statistics. Such protocols have shown the possibility of reaching very high secret-key rates, even in the presence of strong losses in the quantum communication channel. Despite this robustness to loss, their security can be affected by more general attacks where extra Gaussian noise is introduced by the eavesdropper. In this general scenario we show a "hardware solution" for enhancing the security thresholds of these protocols. This is possible by extending them to a two-way quantum communication where subsequent uses of the quantum channel are suitably combined. In the resulting two-way schemes, one of the honest parties assists the secret encoding of the other with the chance of a non-trivial superadditive enhancement of the security thresholds. Such results enable the extension of quantum cryptography to more complex quantum communications.Comment: 12 pages, 7 figures, REVTe

Trojan-horse attacks threaten the security of practical quantum cryptography

A quantum key distribution system may be probed by an eavesdropper Eve by sending in bright light from the quantum channel and analyzing the back-reflections. We propose and experimentally demonstrate a setup for mounting such a Trojan-horse attack. We show it in operation against the quantum cryptosystem Clavis2 from ID~Quantique, as a proof-of-principle. With just a few back-reflected photons, Eve discerns Bob's secret basis choice, and thus the raw key bit in the Scarani-Ac\'in-Ribordy-Gisin 2004 protocol, with higher than 90% probability. This would clearly breach the security of the cryptosystem. Unfortunately in Clavis2 Eve's bright pulses have a side effect of causing high level of afterpulsing in Bob's single-photon detectors, resulting in a high quantum bit error rate that effectively protects this system from our attack. However, in a Clavis2-like system equipped with detectors with less-noisy but realistic characteristics, an attack strategy with positive leakage of the key would exist. We confirm this by a numerical simulation. Both the eavesdropping setup and strategy can be generalized to attack most of the current QKD systems, especially if they lack proper safeguards. We also propose countermeasures to prevent such attacks.Comment: 22 pages including appendix and references, 6+2 figure

The Security of Practical Quantum Key Distribution

Quantum key distribution (QKD) is the first quantum information task to reach the level of mature technology, already fit for commercialization. It aims at the creation of a secret key between authorized partners connected by a quantum channel and a classical authenticated channel. The security of the key can in principle be guaranteed without putting any restriction on the eavesdropper's power. The first two sections provide a concise up-to-date review of QKD, biased toward the practical side. The rest of the paper presents the essential theoretical tools that have been developed to assess the security of the main experimental platforms (discrete variables, continuous variables and distributed-phase-reference protocols).Comment: Identical to the published version, up to cosmetic editorial change

Quantum Cryptography

Quantum cryptography could well be the first application of quantum mechanics at the individual quanta level. The very fast progress in both theory and experiments over the recent years are reviewed, with emphasis on open questions and technological issues.Comment: 55 pages, 32 figures; to appear in Reviews of Modern Physic