Best-Practice Criteria for Practical Security of Self-Differencing Avalanche Photodiode Detectors in Quantum Key Distribution

Fast gated avalanche photodiodes (APDs) are the most commonly used single photon detectors for high bit rate quantum key distribution (QKD). Their robustness against external attacks is crucial to the overall security of a QKD system or even an entire QKD network. Here, we investigate the behavior of a gigahertz-gated, self-differencing InGaAs APD under strong illumination, a tactic Eve often uses to bring detectors under her control. Our experiment and modelling reveal that the negative feedback by the photocurrent safeguards the detector from being blinded through reducing its avalanche probability and/or strengthening the capacitive response. Based on this finding, we propose a set of best-practice criteria for designing and operating fast-gated APD detectors to ensure their practical security in QKD

Intensity modulation as a preemptive measure against blinding of single-photon detectors based on self-differencing cancellation

Quantum key distribution is rising as an important cryptographic primitive for protecting the communication infrastructure in the digital era. However, its implementation security is often weakened by components whose behavior deviates from what is expected. Here we analyze the response of a self-differencing avalanche photodiode, a key enabler for high speed quantum key distribution, to intense light shone from a continuous-wave laser. Under incorrect settings, the cancellation entailed by the self-differencing circuitry can make the detector insensitive to single photons. However, we experimentally demonstrate that even in such cases intensity modulation can be used as an effective measure to restore the detector's expected response to the input light.A.K.-S. gratefully acknowledges financial support from Toshiba Research Europe Ltd. and the Engineering and Physical Sciences Research Council (EPSRC) through an Industrial CASE studentship Grant No. NMZE\187 (RG84410)

Intrinsic mitigation of the after-gate attack in quantum key distribution through fast-gated delayed detection

The information theoretic security promised by quantum key distribution (QKD) holds as long as the assumptions in the theoretical model match the parameters in the physical implementation. The superlinear behaviour of sensitive single-photon detectors represents one such mismatch and can pave the way to powerful attacks hindering the security of QKD systems, a prominent example being the after-gate attack. A longstanding tenet is that trapped carriers causing delayed detection can help mitigate this attack, but despite intensive scrutiny, it remains largely unproven. Here we approach this problem from a physical perspective and find new evidence to support a detector's secure response. We experimentally investigate two different carrier trapping mechanisms causing delayed detection in fast-gated semiconductor avalanche photodiodes, one arising from the multiplication layer, the other from the heterojunction interface between absorption and charge layers. The release of trapped carriers increases the quantum bit error rate measured under the after-gate attack above the typical QKD security threshold, thus favouring the detector's inherent security. This represents a significant step to avert quantum hacking of QKD systems

Backflashes from fast-gated avalanche photodiodes in quantum key distribution

InGaAs single-photon avalanche photodiodes (APDs) are key enablers for high-bit rate quantum key distribution. However, the deviation of such detectors from ideal models can open side-channels for an eavesdropper, Eve, to exploit. The phenomenon of backflashes, whereby APDs reemit photons after detecting a photon, gives Eve the opportunity to passively learn the information carried by the detected photon without the need to actively interact with the legitimate receiver, Bob. While this has been observed in slow-gated detectors, it has not been investigated in fast-gated APDs where it has been posited that this effect would be lessened. Here, we perform the first experiment to characterize the security threat that backflashes provide in a GHz-gated self-differencing APD using the metric of information leakage. We find that, indeed, the information leakage is lower than that reported for slower-gated detectors, and we show that its effect on the secure key rate is negligible. We also relate the rate of backflash events to the APD dark current, thereby suggesting that their origin is the InP multiplication region in the APD

Radiofrequency emanations of a single-photon detector

Quantum key distribution (QKD) offers the possibility of information theoretic secure key establishment. However, non-ideal behaviour of some components used in practical implementations causes security risks and loopholes that need to be addressed. Previously identified loopholes have resulted in changes to hardware and the invention of new QKD protocols. In this document, we report an investigation into the eavesdropping risk due to out-of-band radiofrequency emanations produced by a QKD receiver. We present experimental results that show a QKD receiver may produce significant pulsed-like emissions that can be detected by a passive eavesdropper antenna to identify clicks in single-photon detectors.<br/

Setting best practice criteria for self-differencing avalanche photodiodes in quantum key distribution

In recent years, the security of avalanche photodiodes as single photon detectors for quantum key distribution has been subjected to much scrutiny. The most prominent example of this surrounds the vulnerability of such devices to blinding under strong illumination. We focus on self-differencing avalanche photodiodes, single photon detectors that have demonstrated count rates exceeding 1 GCounts/s resulting in secure key rates over 1 MBit/s. These detectors use a passive electronic circuit to cancel any periodic signals thereby enhancing detection sensitivity. However this intrinsic feature can be exploited by adversaries to gain control of the devices using illumination of a moderate intensity. Through careful experimental examinations, we define here a set of criteria for these detectors to avoid such attacks

Radiofrequency emanations of a single-photon detector

Quantum key distribution (QKD) offers the possibility of information theoretic secure key establishment. However, non-ideal behaviour of some components used in practical implementations causes security risks and loopholes that need to be addressed. Previously identified loopholes have resulted in changes to hardware and the invention of new QKD protocols. In this document, we report an investigation into the eavesdropping risk due to out-of-band radiofrequency emanations produced by a QKD receiver. We present experimental results that show a QKD receiver may produce significant pulsed-like emissions that can be detected by a passive eavesdropper antenna to identify clicks in single-photon detectors.<br/