Characterizing the physical channel and calibrating the cryptosystem hardware
are prerequisites for establishing a quantum channel for quantum key
distribution (QKD). Moreover, an inappropriately implemented calibration
routine can open a fatal security loophole. We propose and experimentally
demonstrate a method to induce a large temporal detector efficiency mismatch in
a commercial QKD system by deceiving a channel length calibration routine. We
then devise an optimal and realistic strategy using faked states to break the
security of the cryptosystem. A fix for this loophole is also suggested.Comment: 4 pages + 1 page of supplementary information. Considerable
modification of Eve's attack strategy and QBER minimization technique. All
figures have also been improve
