16 research outputs found
Detection Efficiency Mismatch and Finite-Key-Size Attacks on Practical Quantum Cryptography Systems
Security verification for the physical implementation of a cryptography system is an important step to ensure the security level promised by theory. As has been shown many times, any physical device has characteristics and behavior that deviate from theoretical expectations. Frequently, those lead to new security loopholes.
This thesis presents three experimental studies of attacks on quantum key distribution (QKD) systems. The first is the detection efficiency mismatch on free-space systems, which takes advantage of alignment imperfections in Bob's detector to control detection efficiencies. The experiment was done on a polarization-encoding free-space receiver to find the detection efficiencies of each detector for different spatial modes of an incoming photon. Those results were put into an optimization program, which modeled an intercept-and-resend attack on a non-decoy Bennett-Brassard 1984 (BB84) protocol. The result shows that an adversary is able to gain information about the key without being detected by Alice and Bob. The second study is an experimental test of reliability of a spatial filter (a pinhole), which is proposed as a countermeasure for the previous attack. The result shows that, by sending a high-power laser beam focused on the pinhole, the pinhole can be widened without affecting other components in the receiver. Thus, the ability to perform a spatial mode detection efficiency-mismatch attack is recovered. The last experiment is a demonstration of Eve's ability to force a commercial system to distill a key from a raw key of a short length, where the asymptotic assumption of security claimed by the manufacturer might not hold. It was shown that this could be done by inducing transmission loss in the channel at an appropriate time
Toward standardization of Quantum Key Distribution
Information security becomes an inseparable part of our everyday life. An encryption
method widely used today is public-key encryption. The security of this method is based on
a hard to solve mathematical problems against an adversary with limited computational
power. Such an assumption could be broken as our understanding of the mathematics
being improved or new computation tools being developed. One such tool that poses a
threat to the public key encryption is a quantum computer. As a result, a new encryption
method with a new security assumption is required.
Quantum key distribution is a point-to-point symmetric key distribution method with
security based on the law of physics. In theory, the key generated by QKD is informationtheoretic secured. However, in practice, physical devices could have flaws or possess some
behaviors deviated from the theoretical model. These imperfections could open security
loopholes for an adversary to exploit, compromising the security. Thus the security verification and system characterization of practical implementation of QKD are necessary.
The necessity of this verification is further emphasized as several QKD systems are being
commercialized and used in several discrete communication links today.
To extend this new encryption system’s practical implementation on a wider network
scale requires a set of standards or common practices for developers and service providers
to follow. This set of rules is set to ensure the compatibility of different device models in
the network and ensure the security of each component in the system, which would affect
the security of the system as a whole.
To fulfill standardization and certification criteria, a record of best practice on security
analysis, system design, device characterization, and security verification of QKD implementation is required. The research projects throughout my Ph.D. study contribute toward
this practice. These studies also address some issues and provide possible solutions to the
development of a standard for QKD. This thesis is a collection of six experimental studies
on performance evaluation and security verification of different components of practical
quantum key distribution systems.
The first study is a comparison between the performance of the QKD system with
quantum dot (QD) as a single-photon source and the performance of QKD with weakcoherent pulsed (WCP) source. The result shows that the QKD with QD could generate
the key at higher channel loss than WCP QKD using the same laser source. This result
shows the potential of QKD with a single-photon source as a candidate for secret key
distribution over high channel loss, such as up-link satellite-based QKD.
The second study is a theoretical study on the method to characterize the QKD system
against the Trojan-horse attack being considered as a standard for the QKD system. The
result shows a possible loophole of this method against a more powerful adversary than
assumed in the previously proposed model. An improved version of characterization against
a more general form of Trojan-horse attack has been proposed.
The third experiment is on the information leakage from a free-space QKD receiver due
to detector backflash, a photon produced by the detector upon detection. The result shows
that the backflash photons carry the information of the ’clicked’ detector that could be
transmitted back to the channel and discriminated by Eve. An experimental demonstration
of this attack has been performed. Countermeasure both in theory and practical setup has
been proposed.
The next experiment is on the effect of atmospheric turbulence on Eve’s spatial-mode
detection efficiency mismatch attack on the free-space QKD system. We show that, by
using a phase-only spatial light modulator (SLM) and hologram created by Zernike polynomials, atmospheric turbulence with various strength covered from sea level to upper
atmosphere can be experimentally emulated in the lab environment. We then use that
setup to show the limit of the distance that Eve’s attack is successful. The theoretical
limit of the attack distance also shown.
In the fifth study, we use the SLM and Zernike polynomial holograms to characterize a
free-space QKD system against spatial mode attack. The result shows that, with higherorder spatial modes and finer control of wavefront intensity distribution, Eve could bypass
the countermeasure proposed in our previous study. We proposed a more robust version
of countermeasure against spatial mode attack. The new countermeasure is verified by the
SLM setup.
The last study is on the fake-state attack on the transition edge sensor (TES). The
result shows that TES’s voltage response can be deterministically controlled by Eve using
bright laser through the input channel. It also shows that the photon number result from
TES can be controlled by Eve. An attack model exploiting this imperfection has been
shown.
In addition to the contribution to the standardization of the QKD system, I hope that
the result of this thesis would emphasize the necessity of security verification of the QKD
system and the verification of countermeasure and characterization method against more
general attack model. Although the unconditional security, promised in theory, could not
yet be achieved, this loop of hacking and patching should provide us information and insight
on which security level could be claimed from the practical QKD devices implementing
today
Testing random-detector-efficiency countermeasure in a commercial system reveals a breakable unrealistic assumption
In the last decade, efforts have been made to reconcile theoretical security
with realistic imperfect implementations of quantum key distribution (QKD).
Implementable countermeasures are proposed to patch the discovered loopholes.
However, certain countermeasures are not as robust as would be expected. In
this paper, we present a concrete example of ID Quantique's
random-detector-efficiency countermeasure against detector blinding attacks. As
a third-party tester, we have found that the first industrial implementation of
this countermeasure is effective against the original blinding attack, but not
immune to a modified blinding attack. Then, we implement and test a later full
version of this countermeasure containing a security proof [C. C. W. Lim et
al., IEEE Journal of Selected Topics in Quantum Electronics, 21, 6601305
(2015)]. We find that it is still vulnerable against the modified blinding
attack, because an assumption about hardware characteristics on which the proof
relies fails in practice.Comment: 12 pages, 12 figure
Creation of backdoors in quantum communications via laser damage
Practical quantum communication (QC) protocols are assumed to be secure
provided implemented devices are properly characterized and all known side
channels are closed. We show that this is not always true. We demonstrate a
laser-damage attack capable of modifying device behaviour on-demand. We test it
on two practical QC systems for key distribution and coin-tossing, and show
that newly created deviations lead to side channels. This reveals that laser
damage is a potential security risk to existing QC systems, and necessitates
their testing to guarantee security.Comment: Changed the title to match the journal version. 9 pages, 5 figure
Eavesdropping and countermeasures for backflash side channel in quantum cryptography
Quantum key distribution (QKD) promises information theoretic secure key as
long as the device performs as assumed in the theoretical model. One of the
assumptions is an absence of information leakage about individual photon
detection outcomes of the receiver unit. Here we investigate the information
leakage from a QKD receiver due to photon emission caused by detection events
in single-photon detectors (backflash). We test commercial silicon avalanche
photodiodes and a photomultiplier tube, and find that the former emit
backflashes. We study the spectral, timing and polarization characteristics of
these backflash photons. We experimentally demonstrate on a free-space QKD
receiver that an eavesdropper can distinguish which detector has clicked inside
it, and thus acquire secret information. A set of countermeasures both in
theory and on the physical devices are discussed.Comment: 9 pages, 7 figure
Preparing a commercial quantum key distribution system for certification against implementation loopholes
A commercial quantum key distribution (QKD) system needs to be formally
certified to enable its wide deployment. The certification should include the
system's robustness against known implementation loopholes and attacks that
exploit them. Here we ready a fiber-optic QKD system for this procedure. The
system has a prepare-and-measure scheme with decoy-state BB84 protocol,
polarisation encoding, qubit source rate of 312.5 MHz, and is manufactured by
QRate in Russia. We detail its hardware and post-processing. We analyse the
hardware for any possible implementation loopholes and discuss countermeasures.
We then amend the system design to address the highest-risk loopholes
identified. We also work out technical requirements on the certification lab
and outline its possible structure.Comment: 33 pages, 11 figures, 2 table