A Review of Security Evaluation of Practical Quantum Key Distribution System

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.     

Quantum Hacking on an Integrated Continuous-Variable Quantum Key Distribution System via Power Analysis

In quantum key distribution (QKD), there are some security loopholes opened by the gaps between the theoretical model and the practical system, and they may be exploited by eavesdroppers (Eve) to obtain secret key information without being detected. This is an effective quantum hacking strategy that seriously threatens the security of practical QKD systems. In this paper, we propose a new quantum hacking attack on an integrated silicon photonic continuous-variable quantum key distribution (CVQKD) system, which is known as a power analysis attack. This attack can be implemented by analyzing the power originating from the integrated electrical control circuit in state preparation with the help of machine learning, where the state preparation is assumed to be perfect in initial security proofs. Specifically, we describe a possible power model and show a complete attack based on a support vector regression (SVR) algorithm. The simulation results show that the secret key information decreases with the increase of the accuracy of the attack, especially in a situation with less excess noise. In particular, Eve does not have to intrude into the transmitter chip (Alice), and may perform a similar attack in practical chip-based discrete-variable quantum key distribution (DVQKD) systems. To resist this attack, the electrical control circuit should be improved to randomize the corresponding power. In addition, the power can be reduced by utilizing the dynamic voltage and frequency scaling (DVFS) technology.     

Phase-matching quantum key distribution with light source monitoring

The transmission loss of photons during quantum key distribution (QKD) process leads to the linear key rate bound for practical QKD systems without quantum repeaters. Phase matching quantum key distribution (PM-QKD) protocol, an novel QKD protocol, can overcome the constraint with a measurement-device-independent structure, while it still requires the light source to be ideal. This assumption is not guaranteed in practice, leading to practical secure issues. In this paper, we propose a modified PM-QKD protocol with a light source monitoring, named PM-QKD-LSM protocol, which can guarantee the security of the system under the non-ideal source condition. The results show that our proposed protocol performs almost the same as the ideal PM-QKD protocol even considering the imperfect factors in practical systems. PM-QKD-LSM protocol has a better performance with source fluctuation, and it is robust in symmetric or asymmetric cases.     

光子数分束攻击对星地量子密钥分配系统安全的影响

由于仪器设备性能的不完美和信道传输损耗的存在,光子数分束(PNS)攻击对采用弱相干脉冲(WCP)光源的量子密钥分配(QKD)系统的安全性构成重大威胁.以基于WCP光源的星地QKD系统为研究对象,推导了在PNS攻击者采用最佳窃听策略进行窃听时,保证密钥绝对安全的最大天顶角和可采用的平均光子数之间的关系.理论分析和计算结果表明,星地QKD系统的最大安全传输天顶角和可使用的平均光子数等重要系统参数的取值上限均受PNS攻击的限制,最终系统的密钥交换速率和系统容量受到限制.对星地QKD系统的传输容量来说,天顶角和平均光子数是一对矛盾的影响因素.提供了一种对实际星地QKD系统的天顶角和平均光子数参数进行估算的方法.     

Attacking a high-dimensional quantum key distribution system with wavelength-dependent beam splitter

The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution(HDQKD) can be applied to generate much more secret key.Nonetheless, practical imperfections in realistic systems can be exploited by the third party to eavesdrop the secret key.The practical beam splitter has a correlation with wavelength,where different wavelengths have different coupling ratios.Using this property, we propose a wavelength-dependent attack towards time-bin high-dimensional QKD system.What is more, we demonstrate that this attacking protocol can be applied to arbitrary d-dimensional QKD system, and higher-dimensional QKD system is more vulnerable to this attacking strategy.     

Energy Conservation in Distributed Interference as a Guarantee for Detecting a Detector Blinding Attack in Quantum Cryptography

Journal of Experimental and Theoretical Physics - An avalanche single-photon detector blinding attack is one of the methods for quantum hacking of quantum key distribution (QKD) systems. The attack...     

Quantum key distribution series network protocol with M-classical Bobs

Secure key distribution among classical parties is impossible both between two parties and in a network. In this paper, we present a quantum key distribution (QKD) protocol to distribute secure key bits among one quantum party and numerous classical parties who have no quantum capacity. We prove that our protocol is completely robust, i.e., any eavesdropping attack should be detected with nonzero probability. Our calculations show that our protocol may be secure against Eve’s symmetrically individual attack.     

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

Similar to device-independent quantum key distribution(DI-QKD), semi-device-independent quantum key distribution(SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices.The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a oneway prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD.     

Attacks on practical quantum key distribution systems (and how to prevent them)

With the emergence of an information society, the idea of protecting sensitive data is steadily gaining importance. Conventional encryption methods may not be sufficient to guarantee data protection in the future. Quantum key distribution (QKD) is an emerging technology that exploits fundamental physical properties to guarantee perfect security in theory. However, it is not easy to ensure in practice that the implementations of QKD systems are exactly in line with the theoretical specifications. Such theory–practice deviations can open loopholes and compromise security. Several such loopholes have been discovered and investigated in the last decade. These activities have motivated the proposal and implementation of appropriate countermeasures, thereby preventing future attacks and enhancing the practical security of QKD. This article introduces the so-called field of quantum hacking by summarising a variety of attacks and their prevention mechanisms.     

Security proof of counterfactual quantum cryptography against general intercept-resend attacks and its vulnerability

Counterfactual quantum cryptography,recently proposed by Noh,is featured with no transmission of signal particles.This exhibits evident security advantages,such as its immunity to the well-known photon-number-splitting attack.In this paper,the theoretical security of counterfactual quantum cryptography protocol against the general interceptresend attacks is proved by bounding the information of an eavesdropper Eve more tightly than in Yin’s proposal [Phys.Rev.A 82 042335(2010)].It is also shown that practical counterfactual quantum cryptography implementations may be vulnerable when equipped with imperfect apparatuses,by proving that a negative key rate can be achieved when Eve launches a time-shift attack based on imperfect detector efficiency.     

Quantum key distribution system against the probabilistic faint after-gate attack

In practical quantum key distribution (QKD) systems, a single photon-detector (SPD) is one of the most vulnerable components. Faint after-gate attack is a universal attack against the detector. However, the original faint after-gate attack can be discovered by monitoring the photocurrent. This paper presents a probabilistic generalization of the attack, which we refer to as probabilistic faint after-gate attack, by introducing probability control modules. Previous countermeasures for photocurrent monitoring may fail in detecting the eavesdropper under some specific probabilities. To mitigate this threat, we provide a method to determine the detectable boundary in the limitation of precision of photocurrent monitoring, and investigate the security of QKD systems under such boundaries using the weak randomness model.     

Upper bound on key generation rate of quantum key distribution with two-way or two-step quantum channels

We present an asymptotic security proof of deterministic quantum key distribution (DQKD) with a two-way quantum channel. The security proof of DQKD with a two-way quantum channel is different from that of BB84, because Eve can attack the travel qubits twice, both in line Bob to Alice and in line Alice to Bob. With the no-signaling principle and the property of mutual information, we obtain an upper bound of the final key generation of entanglement-based DQKD and hence single-photon four-state DQKD. Our results can be applied to the protocol of QKD with two-step quantum channels.     

诱惑态在“双探测器”准单光子光源量子密钥分发系统中的应用

现在诱惑态已被证明是一种可以大大提高量子密钥分发安全性能的现实可行的方法.由于考虑到现实应用中激光器在调制过程中的消光比不能做到100%,以及激光器固有的自发辐射因而使得制备真空态并不是一件容易的事情. 因此本文将对理想情况下准单光子光源量子密钥分发系统应用中的诱惑态结论作了补充和扩展,提出了两个弱光强态的诱惑态方案和一个弱光强诱惑态方案.最后,将“双探测器”的理论应用在准单光子源(HSPS)光源系统中,使系统的安全传输距离可达到2215km,比使用普通探测器的系统增加了约50km. 关键词： 量子密钥分发 诱惑态 HSPS光源 双探测器     

Fluctuation Analysis of Decoy State QKD with Finite Data-Set Size

Decoy state method quantum key distribution (QKD) is one of the promisingpractical solutions for BB84 QKD with coherent light pulses. The number ofdata-set size in practical QKD protocol is always finite, which will causestatistical fluctuations. In this paper, we apply absolutely statisticalfluctuation to amend the yield and error rate of the quantum state. Therelationship between exchanged number of quantum signals and key generation rate is analyzed in our simulation, which offers a useful reference for experiment.     

基于不同介质间量子密钥分发的研究

文章主要解决了偏振编码的光子在不同介质间进行量子密钥分发的问题,定量地分析了光子不同分量的不同透过率引起的误码率问题,并实际分析了空气-水介质间量子密钥分发引起的误码率.进一步给出了可以消除这种非理想BB84协议的单光子补偿方案,以及可以采用更加鲁棒、实用性的抗界面非幺正噪声的双光子编码方案,从而为未来实现全地域广域量子通信迈出了重要的一步.     

Free-Space QKD with Modulating Retroreflectors Based on the B92 Protocol

Free-space quantum key distribution (QKD) has attracted considerable attention due to its lower channel loss and link flexibility. It allows two participants share theoretical unconditional secure keys, and can potentially be applied to air-to-ground quantum communication to establish a global quantum network. Free-space QKD using modulating retro-reflectors (MRR-QKD) significantly reduces the pointing requirement and simplifies the structure of the mobile terminal, therefore making it suitable for lightweight aircraft such as unmanned aerial vehicle and Cubesat, etc. Based on intensity modulation of two non-orthogonal states and the B92 protocol, we proposed a scheme to improve the previous work (Optics Express 2018, 26, 11331). Our scheme simplifies the optical structure and shows more robustness in equipment imperfection. The analysis and simulation show that the number of multiple quantum well modulators needed in our scheme decreases from eight to three with similar performance. Additionally, while the previous scheme cannot work due to low modulator extinction ratio or high optical misalignment, our scheme can still operate.     

The queueing model for quantum key distribution network

This paper develops a QKD (quantum key distribution)-based queueing model to investigate the data delay on QKD link and network, especially that based on trusted relays. It shows the mean packet delay performance of the QKD system. Furthermore, it proposes a key buffering policy which could effectively improve the delay performance in practice. The results will be helpful for quality of service in practical QKD systems.     

基于量子存储的长距离测量设备无关量子密钥分配研究

针对量子中继器短时间内难以应用于长距离量子密钥分配系统的问题, 提出了基于量子存储的长距离测量设备无关量子密钥分配协议, 分析了其密钥生成率与存储效率、信道传输效率和安全传输距离等参数间的关系, 研究了该协议中量子存储单元的退相干效应对最终密钥生成率的影响, 比较了经典测量设备无关量子密钥分配协议和基于量子存储的测量设备无关量子密钥分配协议的密钥生成率与安全传输距离的关系. 仿真结果表明, 添加量子存储单元后, 协议的安全传输距离由无量子存储的216 km增加至500 km, 且量子存储退相干效应带来的误码对最终的密钥生成率影响较小. 实验中可以采取调节信号光强度的方式提高测量设备无关量子密钥分配系统的密钥生成率, 为实用量子密钥分配实验提供了重要的理论参数.     

诱惑态量子密钥分配系统中统计涨落的研究

针对实用的量子密钥分配(QKD)系统是基于强衰减的弱激光脉冲作为单光子源, 光子数分束攻击极大限制了通信双方在非理想条件下QKD的传输距离和密钥生成率,采用大数定律对诱惑态协议中单光子的计数率、单光子增益和误码率分别进行统计涨落分析, 利用双诱惑态比较了1310 nm和1550 nm条件下,编码脉冲的长度为(N = 10⁶-N = 10¹²)实际QKD协议中密钥的生成率与安全传输距离之间的关系、安全传输距离随编码长度的变化的关系, 得出脉冲编码长度增大到N = 10¹²时,密钥的最大安全传输距离为135 km.     

Phase-Matching Quantum Key Distribution with Discrete Phase Randomization

The twin-field quantum key distribution (TF-QKD) protocol and its variations have been proposed to overcome the linear Pirandola–Laurenza–Ottaviani–Banchi (PLOB) bound. One variation called phase-matching QKD (PM-QKD) protocol employs discrete phase randomization and the phase post-compensation technique to improve the key rate quadratically. However, the discrete phase randomization opens a loophole to threaten the actual security. In this paper, we first introduce the unambiguous state discrimination (USD) measurement and the photon-number-splitting (PNS) attack against PM-QKD with imperfect phase randomization. Then, we prove the rigorous security of decoy state PM-QKD with discrete phase randomization. Simulation results show that, considering the intrinsic bit error rate and sifting factor, there is an optimal discrete phase randomization value to guarantee security and performance. Furthermore, as the number of discrete phase randomization increases, the key rate of adopting vacuum and one decoy state approaches infinite decoy states, the key rate between discrete phase randomization and continuous phase randomization is almost the same.