Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices

In general, quantum key distribution （QKD） has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noneloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108： 130503].     

Attacking a high-dimensional quantum key distribution system with wavelength-dependent beam splitter

The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution(HDQKD) can be applied to generate much more secret key.Nonetheless, practical imperfections in realistic systems can be exploited by the third party to eavesdrop the secret key.The practical beam splitter has a correlation with wavelength,where different wavelengths have different coupling ratios.Using this property, we propose a wavelength-dependent attack towards time-bin high-dimensional QKD system.What is more, we demonstrate that this attacking protocol can be applied to arbitrary d-dimensional QKD system, and higher-dimensional QKD system is more vulnerable to this attacking strategy.     

基于二进制均匀调制相干态的量子密钥分发方案

提出了一种基于二进制均匀调制相干态的量子密钥分发方案. 相对于高斯调制相干态量子密钥分发方案中的高斯信源,二进制信源是最简单的信源,二进制调制是目前数字光纤通信中最普遍的调制方式,技术上容易实现. 采用Shannon信息论分析了该协议抵抗光束分离攻击的能力,得到秘密信息速率与调制参数、解调参数以及信道参数之间的解析表达式. 关键词： 量子密钥分发 二进制调制 光束分离攻击     

Security of the Decoy State Two-Way Quantum Key Distribution with Finite Resources

The quantum key distribution(QKD) allows two parties to share a secret key by typically making use of a one-way quantum channel However,the two-way QKD has its own unique advantages,which means the two-way QKD has become a focus recently.To improve the practical performance of the two-way QKD,we present a security analysis of a two-way QKD protocol based on the decoy method with heralded single-photon sources(HSPSs).We make use of two approaches to calculate the yield and the quantum bit error rate of single-photon and two-photon pulses.Then we present the secret key generation rate based on the GLLP formula.The numerical simulation shows that the protocol with HSPSs has an advantage in the secure distance compared with weak coherent state sources.In addition,we present the final secret key generation rate of the LM05 protocol with finite resources by considering the statistical fluctuation of the yield and the error rate.     

量子直接通信

量子直接通信是量子通信中的一个重要分支, 它是一种不需要事先建立密钥而直接传输机密信息的新型通信模式. 本综述将介绍量子直接通信的基本原理, 回顾量子直接通信的发展历程, 从最早的高效量子直接通信协议、两步量子直接通信模型、量子一次一密直接通信模型等, 到抗噪声的量子直接通信模型以及基于单光子多自由度量子态及超纠缠态的量子直接通信模型, 最后介绍量子直接通信的研究现状并展望其发展未来.     

Countermeasure against probabilistic blinding attack in practical quantum key distribution systems

In a practical quantum key distribution(QKD) system, imperfect equipment, especially the single-photon detector,can be eavesdropped on by a blinding attack. However, the original blinding attack may be discovered by directly detecting the current. In this paper, we propose a probabilistic blinding attack model, where Eve probabilistically applies a blinding attack without being caught by using only an existing intuitive countermeasure. More precisely, our countermeasure solves the problem of how to define the bound in the limitation of precision of current detection, and then we prove security of the practical system by considering the current parameter. Meanwhile, we discuss the bound of the quantum bit error rate(QBER) introduced by Eve, by which Eve can acquire information without the countermeasure.     

基于六光子量子避错码的量子密钥分发方案

量子信道中不可避免存在的噪声将扭曲被传输的信息,对通信造成危害。目前克服量子信道噪声的较好方案是量子避错码（QEAC）。将量子避错码思想用于量子密钥分发,能有效克服信道中的噪声,且无需复杂的系统。用六光子构造了量子避错码,提出了一种丛于六光子避错码的量子密钥分发（QDK）方案。以提高量子密钥分发的量子比特效率和安全性为前提,对六光子避错码的所有可能态进行组合,得到一种六光子避错码的最优组合方法,可将两比特信息编码在一个态中,根据测肇结果和分组信息进行解码,得到正确信息的平均概率为7／16。与最近的基于四光子避错码的克服量子信道噪声的量子密钥分发方案相比,该方案的量子比特效率提高了16．67％,密钥分发安全性足它的3．5倍。     

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

Similar to device-independent quantum key distribution(DI-QKD), semi-device-independent quantum key distribution(SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices.The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a oneway prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD.     

Effect of excess noise on continuous variable entanglement sudden death and Gaussian quantum discord

A symmetric two-mode Gaussian entangled state is used to investigate the effect of excess noise on entanglement sudden death and Gaussian quantum discord with continuous variables. The results show that the excess noise in the channel can lead to entanglement sudden death of a symmetric two-mode Gaussian entangled state, while Gaussian quantum discord never vanishes. As a practical application, the security of a quantum key distribution （QKD） scheme based on a symmetric two-mode Gaussian entangled state against collective Gaussian attacks is analyzed. The calculation results show that the secret key cannot be distilled when entanglement vanishes and only quantum discord exists in such a QKD scheme.     

基于弱相干光的实际QKD系统的安全性研究

实际量子密钥分发系统使用的单光子源主要是由弱激光脉冲经衰减得到。它不是理想单光子源而是服从泊松分布的准单光子源。每个非空光脉冲中包含多光子的概率不为零,强大的窃听者可利用此获得一些关于最终密钥的信息。因此,有必要研究实际QKD系统的安全性。采用对多光子进行分束窃听、单光子最佳攻击相结合的方案,用Shannon信息理论分析了基于弱相干光的实际QKD系统的安全性。研究结果表明实际QKD系统对于分束窃听和最佳攻击是安全的,并给出合法通信双方在该攻击方案下所容忍的误码率上限。     

Quantum key distribution system against the probabilistic faint after-gate attack

In practical quantum key distribution (QKD) systems, a single photon-detector (SPD) is one of the most vulnerable components. Faint after-gate attack is a universal attack against the detector. However, the original faint after-gate attack can be discovered by monitoring the photocurrent. This paper presents a probabilistic generalization of the attack, which we refer to as probabilistic faint after-gate attack, by introducing probability control modules. Previous countermeasures for photocurrent monitoring may fail in detecting the eavesdropper under some specific probabilities. To mitigate this threat, we provide a method to determine the detectable boundary in the limitation of precision of photocurrent monitoring, and investigate the security of QKD systems under such boundaries using the weak randomness model.     

Energy Conservation in Distributed Interference as a Guarantee for Detecting a Detector Blinding Attack in Quantum Cryptography

Journal of Experimental and Theoretical Physics - An avalanche single-photon detector blinding attack is one of the methods for quantum hacking of quantum key distribution (QKD) systems. The attack...     

Upper bound on key generation rate of quantum key distribution with two-way or two-step quantum channels

We present an asymptotic security proof of deterministic quantum key distribution (DQKD) with a two-way quantum channel. The security proof of DQKD with a two-way quantum channel is different from that of BB84, because Eve can attack the travel qubits twice, both in line Bob to Alice and in line Alice to Bob. With the no-signaling principle and the property of mutual information, we obtain an upper bound of the final key generation of entanglement-based DQKD and hence single-photon four-state DQKD. Our results can be applied to the protocol of QKD with two-step quantum channels.     

Attacks on practical quantum key distribution systems (and how to prevent them)

With the emergence of an information society, the idea of protecting sensitive data is steadily gaining importance. Conventional encryption methods may not be sufficient to guarantee data protection in the future. Quantum key distribution (QKD) is an emerging technology that exploits fundamental physical properties to guarantee perfect security in theory. However, it is not easy to ensure in practice that the implementations of QKD systems are exactly in line with the theoretical specifications. Such theory–practice deviations can open loopholes and compromise security. Several such loopholes have been discovered and investigated in the last decade. These activities have motivated the proposal and implementation of appropriate countermeasures, thereby preventing future attacks and enhancing the practical security of QKD. This article introduces the so-called field of quantum hacking by summarising a variety of attacks and their prevention mechanisms.     

光子数分束攻击对星地量子密钥分配系统安全的影响

由于仪器设备性能的不完美和信道传输损耗的存在,光子数分束(PNS)攻击对采用弱相干脉冲(WCP)光源的量子密钥分配(QKD)系统的安全性构成重大威胁.以基于WCP光源的星地QKD系统为研究对象,推导了在PNS攻击者采用最佳窃听策略进行窃听时,保证密钥绝对安全的最大天顶角和可采用的平均光子数之间的关系.理论分析和计算结果表明,星地QKD系统的最大安全传输天顶角和可使用的平均光子数等重要系统参数的取值上限均受PNS攻击的限制,最终系统的密钥交换速率和系统容量受到限制.对星地QKD系统的传输容量来说,天顶角和平均光子数是一对矛盾的影响因素.提供了一种对实际星地QKD系统的天顶角和平均光子数参数进行估算的方法.     

Provably Secure Symmetric Private Information Retrieval with Quantum Cryptography

Private information retrieval (PIR) is a database query protocol that provides user privacy in that the user can learn a particular entry of the database of his interest but his query would be hidden from the data centre. Symmetric private information retrieval (SPIR) takes PIR further by additionally offering database privacy, where the user cannot learn any additional entries of the database. Unconditionally secure SPIR solutions with multiple databases are known classically, but are unrealistic because they require long shared secret keys between the parties for secure communication and shared randomness in the protocol. Here, we propose using quantum key distribution (QKD) instead for a practical implementation, which can realise both the secure communication and shared randomness requirements. We prove that QKD maintains the security of the SPIR protocol and that it is also secure against any external eavesdropper. We also show how such a classical-quantum system could be implemented practically, using the example of a two-database SPIR protocol with keys generated by measurement device-independent QKD. Through key rate calculations, we show that such an implementation is feasible at the metropolitan level with current QKD technology.     

Cryptanalysis of Multiparty Quantum Secret Sharing of Quantum State Using Entangled States

Security of a quantum secret sharing of quantum state protocol proposed by Guo et al. [Chin. Phys. Lett. 25 （2008） 16] is reexamined. It is shown that an eavesdropper can obtain some of the transmitted secret information by monitoring the classical channel or the entire secret by intercepting the quantum states, and moreover, the eavesdropper can even maliciously replace the secret message with an arbitrary message without being detected. Finally, the deep reasons why an eavesdropper can attack this protocol are discussed and the modified protocol is presented to amend the security loopholes.     

Practical security analysis of continuous-variable quantum key distribution with an unbalanced heterodyne detector

When developing a practical continuous-variable quantum key distribution (CVQKD), the detector is necessary at the receiver's side. We investigate the practical security of the CVQKD system with an unbalanced heterodyne detector. The results show that unbalanced heterodyne detector introduces extra excess noise into the system and decreases the lower bound of the secret key rate without awareness of the legitimate communicators, which leaves loopholes for Eve to attack the system. In addition, we find that the secret key rate decreases more severely with the increase in the degree of imbalance and the excess noise induced by the imbalance is proportional to the intensity of the local oscillator (LO) under the same degree of imbalance. Finally, a countermeasure is proposed to resist these kinds of effects.     

预报单光子源诱骗态量子密钥产生率及数值计算

独立推导预报单光子源诱骗态量子密钥分发的密钥产生率计算公式,讨论密钥产生率和发送端探测效率的关系;进行弱相干光和预报单光子源诱骗态量子密钥分发的最优强度估计和密钥产生率数值计算.结果表明,预报单光子源诱骗态量子密钥分发的密钥产生率随着发送端探测效率的增加而增加,其安全通信距离与完美单光子源的通信距离一致;诱骗态量子密钥分发可提高安全通信距离和密钥产生率;预报单光子源由于减少了暗计数的影响,进一步提高了安全通信距离.     

Controlling a sine wave gating single-photon detector by exploiting its filtering loophole

GHz single-photon detector(SPD) is a crucial part in the practical high speed quantum key distribution(QKD) system.However, any imperfections in a practical QKD system may be exploited by an eavesdropper(Eve) to collect information about the key without being discovered. The sine wave gating SPD(SG-SPD) based on InGaAs/InP avalanche photodiode,one kind of practical high speed SPD, may also contain loopholes. In this paper, we study the principle and characteristic of the SG-SPD and find out the filtering loophole of the SG-SPD for the first time. What is more, the proof-of-principle experiment shows that Eve could blind and control Bob's SG-SPD by exploiting this loophole. We believe that giving enough attention to this loophole can improve the practical security of the existing QKD system.