Secure gated detection scheme for quantum cryptography

Several attacks have been proposed on quantum key distribution systems with gated single-photon detectors. The attacks involve triggering the detectors outside the center of the detector gate, and/or using bright illumination to exploit classical photodiode mode of the detectors. Hence a secure detection scheme requires two features: The detection events must take place in the middle of the gate, and the detector must be single-photon sensitive. Here we present a technique called bit-mapped gating, which is an elegant way to force the detections in the middle of the detector gate by coupling detection time and quantum bit error rate. We also discuss how to guarantee single-photon sensitivity by directly measuring detector parameters. Bit-mapped gating also provides a simple way to measure the detector blinding parameter in security proofs for quantum key distribution systems with detector efficiency mismatch, which up until now has remained a theoretical, unmeasurable quantity. Thus if single-photon sensitivity can be guaranteed within the gates, a detection scheme with bit-mapped gating satisfies the assumptions of the current security proofs.Comment: 7 pages, 3 figure

Full-field implementation of a perfect eavesdropper on a quantum cryptography system

Quantum key distribution (QKD) allows two remote parties to grow a shared secret key. Its security is founded on the principles of quantum mechanics, but in reality it significantly relies on the physical implementation. Technological imperfections of QKD systems have been previously explored, but no attack on an established QKD connection has been realized so far. Here we show the first full-field implementation of a complete attack on a running QKD connection. An installed eavesdropper obtains the entire 'secret' key, while none of the parameters monitored by the legitimate parties indicate a security breach. This confirms that non-idealities in physical implementations of QKD can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure.Comment: Revised after editorial and peer-review feedback. This version is published in Nat. Commun. 8 pages, 6 figures, 1 tabl

Hacking commercial quantum cryptography systems by tailored bright illumination

The peculiar properties of quantum mechanics allow two remote parties to communicate a private, secret key, which is protected from eavesdropping by the laws of physics. So-called quantum key distribution (QKD) implementations always rely on detectors to measure the relevant quantum property of single photons. Here we demonstrate experimentally that the detectors in two commercially available QKD systems can be fully remote-controlled using specially tailored bright illumination. This makes it possible to tracelessly acquire the full secret key; we propose an eavesdropping apparatus built of off-the-shelf components. The loophole is likely to be present in most QKD systems using avalanche photodiodes to detect single photons. We believe that our findings are crucial for strengthening the security of practical QKD, by identifying and patching technological deficiencies.Comment: Revised version, rewritten for clarity. 5 pages, 5 figures. To download the Supplementary information (which is in open access), go to the journal web site at http://dx.doi.org/10.1038/nphoton.2010.21

Superlinear threshold detectors in quantum cryptography

We introduce the concept of a superlinear threshold detector, a detector that has a higher probability to detect multiple photons if it receives them simultaneously rather than at separate times. Highly superlinear threshold detectors in quantum key distribution systems allow eavesdropping the full secret key without being revealed. Here, we generalize the detector control attack, and analyze how it performs against quantum key distribution systems with moderately superlinear detectors. We quantify the superlinearity in superconducting single-photon detectors based on earlier published data, and gated avalanche photodiode detectors based on our own measurements. The analysis shows that quantum key distribution systems using detector(s) of either type can be vulnerable to eavesdropping. The avalanche photodiode detector becomes superlinear towards the end of the gate, allowing eavesdropping using trigger pulses containing less than 120 photons per pulse. Such an attack would be virtually impossible to catch with an optical power meter at the receiver entrance.Comment: Rewritten for clearity. Included a discussion on detector dark counts, a discussion on how to tackle this type of loopholes, and updated references. 8 pages, 6 figure

Exploitation of Antarctic krill Euphausia superba by three air-breathing predators with contrasting foraging strategies – implications for fisheries feedback management

-SCAR Open Science Conference, Kuala Lumpur 201

Quantum key distribution with delayed privacy amplification and its application to security proof of a two-way deterministic protocol

Privacy amplification (PA) is an essential post-processing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD with a two-way quantum channel, and also it is useful in QKD networks with trusted relays. To illustrate the power of the delayed PA idea, we use it to prove the security of a qubit-based two-way deterministic QKD protocol which uses four states and four encoding operations.Comment: 11 pages, 3 figure

Effect of Intensity Modulator Extinction on Practical Quantum Key Distribution System

We study how the imperfection of intensity modulator effects on the security of a practical quantum key distribution system. The extinction ratio of the realistic intensity modulator is considered in our security analysis. We show that the secret key rate increases, under the practical assumption that the indeterminable noise introduced by the imperfect intensity modulator can not be controlled by the eavesdropper.Comment: 6 pages, 5 figures. EPJD accepte

Tight Finite-Key Analysis for Quantum Cryptography

Despite enormous progress both in theoretical and experimental quantum cryptography, the security of most current implementations of quantum key distribution is still not established rigorously. One of the main problems is that the security of the final key is highly dependent on the number, M, of signals exchanged between the legitimate parties. While, in any practical implementation, M is limited by the available resources, existing security proofs are often only valid asymptotically for unrealistically large values of M. Here, we demonstrate that this gap between theory and practice can be overcome using a recently developed proof technique based on the uncertainty relation for smooth entropies. Specifically, we consider a family of Bennett-Brassard 1984 quantum key distribution protocols and show that security against general attacks can be guaranteed already for moderate values of M.Comment: 11 pages, 2 figure

Experimental demonstration of phase-remapping attack in a practical quantum key distribution system

Unconditional security proofs of various quantum key distribution (QKD) protocols are built on idealized assumptions. One key assumption is: the sender (Alice) can prepare the required quantum states without errors. However, such an assumption may be violated in a practical QKD system. In this paper, we experimentally demonstrate a technically feasible "intercept-and-resend" attack that exploits such a security loophole in a commercial "plug & play" QKD system. The resulting quantum bit error rate is 19.7%, which is below the proven secure bound of 20.0% for the BB84 protocol. The attack we utilize is the phase-remapping attack (C.-H. F. Fung, et al., Phys. Rev. A, 75, 32314, 2007) proposed by our group.Comment: 16 pages, 6 figure

Controlling a superconducting nanowire single-photon detector using tailored bright illumination

We experimentally demonstrate that a superconducting nanowire single-photon detector is deterministically controllable by bright illumination. We found that bright light can temporarily make a large fraction of the nanowire length normally-conductive, can extend deadtime after a normal photon detection, and can cause a hotspot formation during the deadtime with a highly nonlinear sensitivity. In result, although based on different physics, the superconducting detector turns out to be controllable by virtually the same techniques as avalanche photodiode detectors. As demonstrated earlier, when such detectors are used in a quantum key distribution system, this allows an eavesdropper to launch a detector control attack to capture the full secret key without being revealed by to many errors in the key.Comment: Expanded discussions, updated references. 9 pages, 8 figure