Secure gated detection scheme for quantum cryptography

Several attacks have been proposed on quantum key distribution systems with gated single-photon detectors. The attacks involve triggering the detectors outside the center of the detector gate, and/or using bright illumination to exploit classical photodiode mode of the detectors. Hence a secure detection scheme requires two features: The detection events must take place in the middle of the gate, and the detector must be single-photon sensitive. Here we present a technique called bit-mapped gating, which is an elegant way to force the detections in the middle of the detector gate by coupling detection time and quantum bit error rate. We also discuss how to guarantee single-photon sensitivity by directly measuring detector parameters. Bit-mapped gating also provides a simple way to measure the detector blinding parameter in security proofs for quantum key distribution systems with detector efficiency mismatch, which up until now has remained a theoretical, unmeasurable quantity. Thus if single-photon sensitivity can be guaranteed within the gates, a detection scheme with bit-mapped gating satisfies the assumptions of the current security proofs.Comment: 7 pages, 3 figure

Avoiding the Detector Blinding Attack on Quantum Cryptography

We show the detector blinding attack by Lydersen et al [1] will be ineffective on most single photon avalanche photodiodes (APDs) and certainly ineffective on any detectors that are operated correctly. The attack is only successful if a redundant resistor is included in series with the APD, or if the detector discrimination levels are set inappropriately

Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-law-Johnson-noise scheme

Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law–Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.Laszlo B. Kish, Derek Abbott, Claes G. Granqvis

Information theoretic security by the laws of classical physics

It has been shown recently that the use of two pairs of resistors with enhanced Johnson-noise and a Kirchhoff-loop-i.e., a Kirchhoff-Law-Johnson-Noise (KLJN) protocol-for secure key distribution leads to information theoretic security levels superior to those of a quantum key distribution, including a natural immunity against a man-in-the-middle attack. This issue is becoming particularly timely because of the recent full cracks of practical quantum communicators, as shown in numerous peer-reviewed publications. This presentation first briefly surveys the KLJN system and then discusses related, essential questions such as: what are perfect and imperfect security characteristics of key distribution, and how can these two types of securities be unconditional (or information theoretical)? Finally the presentation contains a live demonstration.Comment: Featured in MIT Technology Review http://www.technologyreview.com/view/428202/quantum-cryptography-outperformed-by-classical/ ; Plenary talk at the 5th IEEE Workshop on Soft Computing Applications, August 22-24, 2012, (SOFA 2012). Typos correcte

Full-field implementation of a perfect eavesdropper on a quantum cryptography system

Quantum key distribution (QKD) allows two remote parties to grow a shared secret key. Its security is founded on the principles of quantum mechanics, but in reality it significantly relies on the physical implementation. Technological imperfections of QKD systems have been previously explored, but no attack on an established QKD connection has been realized so far. Here we show the first full-field implementation of a complete attack on a running QKD connection. An installed eavesdropper obtains the entire 'secret' key, while none of the parameters monitored by the legitimate parties indicate a security breach. This confirms that non-idealities in physical implementations of QKD can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure.Comment: Revised after editorial and peer-review feedback. This version is published in Nat. Commun. 8 pages, 6 figures, 1 tabl

Hacking commercial quantum cryptography systems by tailored bright illumination

The peculiar properties of quantum mechanics allow two remote parties to communicate a private, secret key, which is protected from eavesdropping by the laws of physics. So-called quantum key distribution (QKD) implementations always rely on detectors to measure the relevant quantum property of single photons. Here we demonstrate experimentally that the detectors in two commercially available QKD systems can be fully remote-controlled using specially tailored bright illumination. This makes it possible to tracelessly acquire the full secret key; we propose an eavesdropping apparatus built of off-the-shelf components. The loophole is likely to be present in most QKD systems using avalanche photodiodes to detect single photons. We believe that our findings are crucial for strengthening the security of practical QKD, by identifying and patching technological deficiencies.Comment: Revised version, rewritten for clarity. 5 pages, 5 figures. To download the Supplementary information (which is in open access), go to the journal web site at http://dx.doi.org/10.1038/nphoton.2010.21

Superlinear threshold detectors in quantum cryptography

We introduce the concept of a superlinear threshold detector, a detector that has a higher probability to detect multiple photons if it receives them simultaneously rather than at separate times. Highly superlinear threshold detectors in quantum key distribution systems allow eavesdropping the full secret key without being revealed. Here, we generalize the detector control attack, and analyze how it performs against quantum key distribution systems with moderately superlinear detectors. We quantify the superlinearity in superconducting single-photon detectors based on earlier published data, and gated avalanche photodiode detectors based on our own measurements. The analysis shows that quantum key distribution systems using detector(s) of either type can be vulnerable to eavesdropping. The avalanche photodiode detector becomes superlinear towards the end of the gate, allowing eavesdropping using trigger pulses containing less than 120 photons per pulse. Such an attack would be virtually impossible to catch with an optical power meter at the receiver entrance.Comment: Rewritten for clearity. Included a discussion on detector dark counts, a discussion on how to tackle this type of loopholes, and updated references. 8 pages, 6 figure

Seasonal variability of the warm Atlantic Water layer in the vicinity of the Greenland shelf break

The warmest water reaching the east and west coast of Greenland is found between 200?m and 600?m. Whilst important for melting Greenland's outlet glaciers, limited winter observations of this layer prohibit determination of its seasonality. To address this, temperature data from Argo profiling floats, a range of sources within the World Ocean Database and unprecedented coverage from marine-mammal borne sensors have been analysed for the period 2002-2011. A significant seasonal range in temperature (~1-2?°C) is found in the warm layer, in contrast to most of the surrounding ocean. The phase of the seasonal cycle exhibits considerable spatial variability, with the warmest water found near the eastern and southwestern shelf-break towards the end of the calendar year. High-resolution ocean model trajectory analysis suggest the timing of the arrival of the year's warmest water is a function of advection time from the subduction site in the Irminger Basin

Quantum key distribution with delayed privacy amplification and its application to security proof of a two-way deterministic protocol

Privacy amplification (PA) is an essential post-processing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD with a two-way quantum channel, and also it is useful in QKD networks with trusted relays. To illustrate the power of the delayed PA idea, we use it to prove the security of a qubit-based two-way deterministic QKD protocol which uses four states and four encoding operations.Comment: 11 pages, 3 figure