Practical security analysis of continuous-variable quantum key distribution with an unbalanced heterodyne detector

When developing a practical continuous-variable quantum key distribution (CVQKD), the detector is necessary at the receiver's side. We investigate the practical security of the CVQKD system with an unbalanced heterodyne detector. The results show that unbalanced heterodyne detector introduces extra excess noise into the system and decreases the lower bound of the secret key rate without awareness of the legitimate communicators, which leaves loopholes for Eve to attack the system. In addition, we find that the secret key rate decreases more severely with the increase in the degree of imbalance and the excess noise induced by the imbalance is proportional to the intensity of the local oscillator (LO) under the same degree of imbalance. Finally, a countermeasure is proposed to resist these kinds of effects.     

Quantum Hacking on an Integrated Continuous-Variable Quantum Key Distribution System via Power Analysis

In quantum key distribution (QKD), there are some security loopholes opened by the gaps between the theoretical model and the practical system, and they may be exploited by eavesdroppers (Eve) to obtain secret key information without being detected. This is an effective quantum hacking strategy that seriously threatens the security of practical QKD systems. In this paper, we propose a new quantum hacking attack on an integrated silicon photonic continuous-variable quantum key distribution (CVQKD) system, which is known as a power analysis attack. This attack can be implemented by analyzing the power originating from the integrated electrical control circuit in state preparation with the help of machine learning, where the state preparation is assumed to be perfect in initial security proofs. Specifically, we describe a possible power model and show a complete attack based on a support vector regression (SVR) algorithm. The simulation results show that the secret key information decreases with the increase of the accuracy of the attack, especially in a situation with less excess noise. In particular, Eve does not have to intrude into the transmitter chip (Alice), and may perform a similar attack in practical chip-based discrete-variable quantum key distribution (DVQKD) systems. To resist this attack, the electrical control circuit should be improved to randomize the corresponding power. In addition, the power can be reduced by utilizing the dynamic voltage and frequency scaling (DVFS) technology.     

Counteracting a Saturation Attack in Continuous-Variable Quantum Key Distribution Using an Adjustable Optical Filter Embedded in Homodyne Detector

A saturation attack can be employed for compromising the practical security of continuous-variable quantum key distribution (CVQKD). In this paper, we suggest a countermeasure approach to resisting this attack by embedding an adjustable optical filter (AOF) in the CVQKD system. Numerical simulations illustrate the effects of the AOF-enabled countermeasure on the performance in terms of the secret key rate and transmission distance. The legal participants can trace back the information that has been eavesdropped by an attacker from the imperfect receiver, which indicates that this approach can be used for defeating a saturation attack in practical quantum communications.     

Influence of multi-photon pulses on practical differential-phase-shift quantum key distribution

The influence of multi-photon pulses on practical differcBtial-phase-shift quantum key distribution （DPS-Qt（D） is analysed. We have estimated the information which Eve obtained by PNS （photon-number splitting） attack and BS （beam splitting） attack. The result indicates that the PNS attack and BS attack will not limit the transmission distance as long as we select an appropriate mean photon number. Also, the maximum mean photon number under BS attack in practical DPS-QKD system and the set of practical assumptions about Eve＇s capabilities are presented.[第一段]     

Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices

In general, quantum key distribution （QKD） has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noneloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108： 130503].     

Controlling a sine wave gating single-photon detector by exploiting its filtering loophole

GHz single-photon detector(SPD) is a crucial part in the practical high speed quantum key distribution(QKD) system.However, any imperfections in a practical QKD system may be exploited by an eavesdropper(Eve) to collect information about the key without being discovered. The sine wave gating SPD(SG-SPD) based on InGaAs/InP avalanche photodiode,one kind of practical high speed SPD, may also contain loopholes. In this paper, we study the principle and characteristic of the SG-SPD and find out the filtering loophole of the SG-SPD for the first time. What is more, the proof-of-principle experiment shows that Eve could blind and control Bob's SG-SPD by exploiting this loophole. We believe that giving enough attention to this loophole can improve the practical security of the existing QKD system.     

Security proof of counterfactual quantum cryptography against general intercept-resend attacks and its vulnerability

Counterfactual quantum cryptography,recently proposed by Noh,is featured with no transmission of signal particles.This exhibits evident security advantages,such as its immunity to the well-known photon-number-splitting attack.In this paper,the theoretical security of counterfactual quantum cryptography protocol against the general interceptresend attacks is proved by bounding the information of an eavesdropper Eve more tightly than in Yin’s proposal [Phys.Rev.A 82 042335(2010)].It is also shown that practical counterfactual quantum cryptography implementations may be vulnerable when equipped with imperfect apparatuses,by proving that a negative key rate can be achieved when Eve launches a time-shift attack based on imperfect detector efficiency.     

Cryptanalysis of the Efficient Controlled Quantum Secure Direct Communication and Authentication by Using Four Particle Cluster States Protocol

It shows that there are some serious security issues in the controlled quantum secure direct communication (CQSDC) with authentication protocol based on four particle cluster states via quantum one-time pad and local unitary operations. Some information of the identity strings of the receiver and the controller can be stolen without being detected by the intercept-selectively-measure-resend (ISMR) attack. Furthermore, an eavesdropper (Eve) can eavesdrop on some information of the secret message that the sender transmits. In addition, the receiver can obtain half of information about the secret message without any active attack and the permission of the controller, which is not allowed in a secure CQSDC protocol. The receiver can take the ISMR attack to obtain more information about the secret message without the permission of the controller. If running the protocol many times, the identity strings of the receiver and the controller can be completely acquired by Eve. Finally, the original CQSDC protocol is improved to a secure one.

     

基于弱相干光的实际QKD系统的安全性研究

实际量子密钥分发系统使用的单光子源主要是由弱激光脉冲经衰减得到。它不是理想单光子源而是服从泊松分布的准单光子源。每个非空光脉冲中包含多光子的概率不为零,强大的窃听者可利用此获得一些关于最终密钥的信息。因此,有必要研究实际QKD系统的安全性。采用对多光子进行分束窃听、单光子最佳攻击相结合的方案,用Shannon信息理论分析了基于弱相干光的实际QKD系统的安全性。研究结果表明实际QKD系统对于分束窃听和最佳攻击是安全的,并给出合法通信双方在该攻击方案下所容忍的误码率上限。     

Upper bound on key generation rate of quantum key distribution with two-way or two-step quantum channels

We present an asymptotic security proof of deterministic quantum key distribution (DQKD) with a two-way quantum channel. The security proof of DQKD with a two-way quantum channel is different from that of BB84, because Eve can attack the travel qubits twice, both in line Bob to Alice and in line Alice to Bob. With the no-signaling principle and the property of mutual information, we obtain an upper bound of the final key generation of entanglement-based DQKD and hence single-photon four-state DQKD. Our results can be applied to the protocol of QKD with two-step quantum channels.     

Cascading attack on trusted-relay quantum key distribution networks

Trusted relays are the main state-of-the-art way to realize quantum key distribution networks.However, it is hard to require that all nodes in the network are fully trusted. In a multipath keytransmission mechanism, the nodes can be weakly trusted because the secret key can be split into many parts and each part is transmitted to the receiver through a different path. However, if the capacity of a node's quantum key pool is poorly designed, an attacker, Eve may eavesdrop on the communicating parties' secret message by initiating a redirection attack. In this paper, we show that Eve can trigger a cascading collapse effect by collapsing one of the edges in the network and forcing the communication parties to transmit the message through the nodes controlled by Eve. The influence of the traffic transfer ratio and the control parameters of the edge load on the breakdown probability of the edge are analyzed using a simulation. In order to effectively defend against the cascading attack, it is important for the designer to handle the relationship between the traffic and the capacity of the quantum key pool of each node in the network.     

Enhancing the security of quantum secret sharing against multiphoton attack

It is generally believed that nonorthogonal operations which can realize the state transformation between two nonorthogonal bases may ensure the security of many quantum communication protocols. However, in this paper, we present a powerful attack against quantum secret sharing protocols of these kinds. Applying entangled photons as fake signals, Eve can successfully steal the exact information without being revealed. We also give our effective modification to improve it. Under the suggested checking strategy, even to Eve's most general attack, it is robust and secure.     

Improved Quantum Signature Scheme with Weak Arbitrator

In this paper, we find a man-in-the-middle attack on the quantum signature scheme with a weak arbitrator (Luo et al., Int. J. Theor. Phys., 51:2135, 2012). In that scheme, the authors proposed a quantum signature based on quantum one way function which contains both verifying the signer phase and verifying the signed message phase. However, after our analysis we will show that Eve can adopt different strategies in respective phases to forge the signature without being detected. Then we present an improved scheme to increase the security.     

Implementation of Positive Operator-Valued Measure in Passive Faraday Mirror Attack

Passive Faraday-mirror(PFM) attack is based on imperfect Faraday mirrors in practical quantum cryptography systems and a set of three-dimensional Positive Operator-Valued Measure(POVM) operators plays an important role in this attack.In this paper,we propose a simple scheme to implement the POVM in PFM attack on an FaradayMichelson quantum cryptography system.Since the POVM can not be implemented directly with previous methods,in this scheme it needs to expand the states sent by Alice and the POVM operators in the attack into four-dimensional Hilbert space first,without changing the attacking effect by calculation.Based on the methods proposed by Ahnert and Payne,the linear-optical setup for implementing the POVM operators is derived.At last,the complete setup for realizing the PFM attack is presented with all parameters.Furthermore,our scheme can also be applied to realize PFM attack on a plug-and-play system by changing the parameters in the setup.     

Comment on “Deterministic six states protocol for quantum communication” [Phys. Lett. A 358 (2006) 85]

In [J.S. Shaari, M. Lucamarini, M.R.B. Wahiddin, Phys. Lett. A 358 (2006) 85] the deterministic six states protocol (6DP) for quantum communication has been developed. This protocol is based on three mutually unbiased bases and four encoding operators. Information is transmitted between the users via two qubits from different bases. Three attacks have been studied; namely intercept-resend attack (IRA), double-CNOT attack (2CNOTA) and quantum man-in-the-middle attack. In this Letter, we show that the IRA and 2CNOTA are not properly addressed. For instance, we show that the probability of detecting Eve in the control mode of the IRA is 70% instead of 50% in the previous study. Moreover, in the 2CNOTA, Eve can only obtain 50% of the data not all of it as argued earlier.     

A quantum secure direct communication scheme based on intermediate-basis

Quantum secure direct communication (QSDC) is a method of communication that transmits secret information directly through a quantum channel. This paper proposes a two-step QSDC scheme based on intermediate-basis, in which the intermediate-basis Einstein−Podolsky−Rosen (EPR) pairs can assist to detect channel security and help encode information. Specifically, the intermediate-basis EPR pairs reduce the probability of Eve choosing the correct measurement basis in the first step, enhancing the security of the system. Moreover, they encode information together with information EPR pairs to improve the transmission efficiency in the second step. We consider the security of the protocol under coherent attack when Eve takes different dimensions of the auxiliary system. The simulation results show that intermediate-basis EPR pairs can lower the upper limit of the amount of information that Eve can steal in both attack scenarios. Therefore, the proposed protocol can ensure that the legitimate parties get more confidential information and improve the transmission efficiency.     

Cryptanalysis of Controlled Quantum Secure Direct Communication and Authentication Protocol Based on Five-Particle Cluster State and Quantum One-Time Pad

A new attack strategy, the so-called intercept-selectively-measure-resend attack is put forward. It shows that there are some security issues in the controlled quantum secure direct communication (CQSDC) and authentication protocol based on five-particle cluster states and quantum one-time pad. Firstly, an eavesdropper (Eve) can use this attack to eavesdrop on 0.656 bit of every bit of the identity string of the receiver and 1.406 bits of every couple of the corresponding bits of the secret message without being detected. Also, she can eavesdrop on 0.311 bit of every bit of the identity string of the controller. Secondly, the receiver can also take this attack to obtain 1.311 bits of every couple of the corresponding bits of the secret message without the permission of the controller, which is not allowed in the CQSDC protocols. In fact, there is another security issue in this protocol, that is, one half of the information about the secret is leaked out unconsciously. In addition, an alternative attack strategy which is called as the selective-CNOT-operation attack strategy to attack this protocol is discussed.     

A generalized complexity measure based on Rényi entropy

Phase drift is an inherent problem in one-way phase-encoded quantum key distribution (QKD) systems. Although combining passive with active phase compensation (APC) processes can effectively compensate for the phase drift, the security problems brought about by these processes are rarely considered. In this paper, we point out a security hole in the APC process and put forward a corresponding attack scheme. Under our proposed attack, the quantum bit error rate (QBER) of the QKD can be close to zero for some conditions. However, under the same conditions the ratio r of the key “0” and the key “1” which Bob (the legal communicators Alice and Bob) gets is no longer 1:1 but 2:1, which may expose Eve (the eavesdropper). In order to solve this problem, we modify the resend strategy of the attack scheme, which can force r to reach 1 and the QBER to be lower than the tolerable QBER.     

A Review of Security Evaluation of Practical Quantum Key Distribution System

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.     

Information leakage in three-party simultaneous quantum secure direct communication with EPR pairs

In 2007, Wang et al. [M. Y. Wang and F. L. Yan, Chin. Phys. Lett. 24 (2007) 2486] proposed a three-party simultaneous quantum secure direct communication (3P-SQSDC) scheme with EPR pairs. Recently, Chong et al. [S. K. Chong and T. Hwang, Opt. Commun. OPTICS-15438 (2010(online))] proposed an enhancement on Wang et al.'s scheme. The communications in Chong et al.'s 3P-SQSDC can be paralleled and thus their scheme has higher efficiency. However, we find that both of the schemes have the information leakage, because the legitimate parties' secret messages have a strong correlation. This kind of security loophole leads to the consequence that any eavesdropper (Eve) can directly conjecture some information about the secrets without any active attack.