Attacking a high-dimensional quantum key distribution system with wavelength-dependent beam splitter

The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution(HDQKD) can be applied to generate much more secret key.Nonetheless, practical imperfections in realistic systems can be exploited by the third party to eavesdrop the secret key.The practical beam splitter has a correlation with wavelength,where different wavelengths have different coupling ratios.Using this property, we propose a wavelength-dependent attack towards time-bin high-dimensional QKD system.What is more, we demonstrate that this attacking protocol can be applied to arbitrary d-dimensional QKD system, and higher-dimensional QKD system is more vulnerable to this attacking strategy.     

A Review of Security Evaluation of Practical Quantum Key Distribution System

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.     

光子数分束攻击对星地量子密钥分配系统安全的影响

由于仪器设备性能的不完美和信道传输损耗的存在,光子数分束(PNS)攻击对采用弱相干脉冲(WCP)光源的量子密钥分配(QKD)系统的安全性构成重大威胁.以基于WCP光源的星地QKD系统为研究对象,推导了在PNS攻击者采用最佳窃听策略进行窃听时,保证密钥绝对安全的最大天顶角和可采用的平均光子数之间的关系.理论分析和计算结果表明,星地QKD系统的最大安全传输天顶角和可使用的平均光子数等重要系统参数的取值上限均受PNS攻击的限制,最终系统的密钥交换速率和系统容量受到限制.对星地QKD系统的传输容量来说,天顶角和平均光子数是一对矛盾的影响因素.提供了一种对实际星地QKD系统的天顶角和平均光子数参数进行估算的方法.     

Time–energy high-dimensional one-side device-independent quantum key distribution

Compared with full device-independent quantum key distribution(DI-QKD), one-side device-independent QKD(1s DI-QKD) needs fewer requirements, which is much easier to meet. In this paper, by applying recently developed novel time–energy entropic uncertainty relations, we present a time–energy high-dimensional one-side device-independent quantum key distribution(HD-QKD) and provide the security proof against coherent attacks. Besides, we connect the security with the quantum steering. By numerical simulation, we obtain the secret key rate for Alice's different detection efficiencies. The results show that our protocol can performance much better than the original 1s DI-QKD. Furthermore, we clarify the relation among the secret key rate, Alice's detection efficiency, and the dispersion coefficient. Finally, we simply analyze its performance in the optical fiber channel.     

Phase-matching quantum key distribution with light source monitoring

The transmission loss of photons during quantum key distribution (QKD) process leads to the linear key rate bound for practical QKD systems without quantum repeaters. Phase matching quantum key distribution (PM-QKD) protocol, an novel QKD protocol, can overcome the constraint with a measurement-device-independent structure, while it still requires the light source to be ideal. This assumption is not guaranteed in practice, leading to practical secure issues. In this paper, we propose a modified PM-QKD protocol with a light source monitoring, named PM-QKD-LSM protocol, which can guarantee the security of the system under the non-ideal source condition. The results show that our proposed protocol performs almost the same as the ideal PM-QKD protocol even considering the imperfect factors in practical systems. PM-QKD-LSM protocol has a better performance with source fluctuation, and it is robust in symmetric or asymmetric cases.     

Finite-Key Analysis for a Practical High-Dimensional Quantum Key Distribution System Based on Time-Phase States

High-dimensional quantum states key distribution(HD-QKD) can enable more than one bit per photon and tolerate more noise. Recently, a practical HD-QKD system based on time-phase states has provided a secret key at Mbps over metropolitan distances. For the purposes of further improving the secret key rate of a practical HD-QKD system, we make two main contributions in this work. Firstly, we present an improved parameter estimation for this system in the finite-key scenario based on the Chernoff bound and the improved Chernoff bound. Secondly, we analyze how the dimension d affects the performance of the practical HD-QKD system.We present numerical simulations about the secret key rate of the practical HD-QKD system based on different parameter estimation methods. It is found that using the improved Chernoff bound can improve the secret key rate and maximum channel loss of the practical HD-QKD system. In addition, a mixture of the 4-level and 8-level practical HD-QKD system can provide better performance in terms of the key generation rate over metropolitan distances.     

基于弱相干光的实际QKD系统的安全性研究

实际量子密钥分发系统使用的单光子源主要是由弱激光脉冲经衰减得到。它不是理想单光子源而是服从泊松分布的准单光子源。每个非空光脉冲中包含多光子的概率不为零,强大的窃听者可利用此获得一些关于最终密钥的信息。因此,有必要研究实际QKD系统的安全性。采用对多光子进行分束窃听、单光子最佳攻击相结合的方案,用Shannon信息理论分析了基于弱相干光的实际QKD系统的安全性。研究结果表明实际QKD系统对于分束窃听和最佳攻击是安全的,并给出合法通信双方在该攻击方案下所容忍的误码率上限。     

Quantum Hacking on an Integrated Continuous-Variable Quantum Key Distribution System via Power Analysis

In quantum key distribution (QKD), there are some security loopholes opened by the gaps between the theoretical model and the practical system, and they may be exploited by eavesdroppers (Eve) to obtain secret key information without being detected. This is an effective quantum hacking strategy that seriously threatens the security of practical QKD systems. In this paper, we propose a new quantum hacking attack on an integrated silicon photonic continuous-variable quantum key distribution (CVQKD) system, which is known as a power analysis attack. This attack can be implemented by analyzing the power originating from the integrated electrical control circuit in state preparation with the help of machine learning, where the state preparation is assumed to be perfect in initial security proofs. Specifically, we describe a possible power model and show a complete attack based on a support vector regression (SVR) algorithm. The simulation results show that the secret key information decreases with the increase of the accuracy of the attack, especially in a situation with less excess noise. In particular, Eve does not have to intrude into the transmitter chip (Alice), and may perform a similar attack in practical chip-based discrete-variable quantum key distribution (DVQKD) systems. To resist this attack, the electrical control circuit should be improved to randomize the corresponding power. In addition, the power can be reduced by utilizing the dynamic voltage and frequency scaling (DVFS) technology.     

Cryptanalysis of Multiparty Quantum Secret Sharing of Quantum State Using Entangled States

Security of a quantum secret sharing of quantum state protocol proposed by Guo et al. [Chin. Phys. Lett. 25 （2008） 16] is reexamined. It is shown that an eavesdropper can obtain some of the transmitted secret information by monitoring the classical channel or the entire secret by intercepting the quantum states, and moreover, the eavesdropper can even maliciously replace the secret message with an arbitrary message without being detected. Finally, the deep reasons why an eavesdropper can attack this protocol are discussed and the modified protocol is presented to amend the security loopholes.     

Experimental Decoy State Quantum Key Distribution Over 120km Fibre

Decoy state quantum key distribution （QKD）, being capable of beating PNS attack and being unconditionally secure has become attractive recently. However, in many QKD systems, disturbances of transmission channel make the quantum bit error rate （QBER） increase, which limits both security distance and key bit rate of real-world decoy state QKD systems. We demonstrate the two-intensity decoy QKD with a one-way Faraday- Michelson phase modulation system, which is free of channel disturbance and keeps an interference fringe visibility （99%） long period, over a 120 km single mode optical fibre in telecom （1550nm） wavelength. This is the longest distance fibre decoy state QKD system based on the two-intensity protocol.     

Attacks on practical quantum key distribution systems (and how to prevent them)

With the emergence of an information society, the idea of protecting sensitive data is steadily gaining importance. Conventional encryption methods may not be sufficient to guarantee data protection in the future. Quantum key distribution (QKD) is an emerging technology that exploits fundamental physical properties to guarantee perfect security in theory. However, it is not easy to ensure in practice that the implementations of QKD systems are exactly in line with the theoretical specifications. Such theory–practice deviations can open loopholes and compromise security. Several such loopholes have been discovered and investigated in the last decade. These activities have motivated the proposal and implementation of appropriate countermeasures, thereby preventing future attacks and enhancing the practical security of QKD. This article introduces the so-called field of quantum hacking by summarising a variety of attacks and their prevention mechanisms.     

Key Rate of Practical Quantum Communication Network

The security properties of quantum key distribution(QKD) system are analyzed with the practical light source using decoy state method. The secure key rate with the change of transmission distance is computed under the condition of ideal system, infinite light source system, untrusted light source and passive system. The influence of the fluctuation of transmission rate on the security characteristics of the system is discussed. Our numerical simulation results offer a useful reference for the practical QKD experiment.     

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

Similar to device-independent quantum key distribution(DI-QKD), semi-device-independent quantum key distribution(SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices.The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a oneway prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD.     

Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices

In general, quantum key distribution （QKD） has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noneloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108： 130503].     

Security of the Decoy State Two-Way Quantum Key Distribution with Finite Resources

The quantum key distribution(QKD) allows two parties to share a secret key by typically making use of a one-way quantum channel However,the two-way QKD has its own unique advantages,which means the two-way QKD has become a focus recently.To improve the practical performance of the two-way QKD,we present a security analysis of a two-way QKD protocol based on the decoy method with heralded single-photon sources(HSPSs).We make use of two approaches to calculate the yield and the quantum bit error rate of single-photon and two-photon pulses.Then we present the secret key generation rate based on the GLLP formula.The numerical simulation shows that the protocol with HSPSs has an advantage in the secure distance compared with weak coherent state sources.In addition,we present the final secret key generation rate of the LM05 protocol with finite resources by considering the statistical fluctuation of the yield and the error rate.     

The queueing model for quantum key distribution network

This paper develops a QKD (quantum key distribution)-based queueing model to investigate the data delay on QKD link and network, especially that based on trusted relays. It shows the mean packet delay performance of the QKD system. Furthermore, it proposes a key buffering policy which could effectively improve the delay performance in practice. The results will be helpful for quality of service in practical QKD systems.     

Bound on Noise of Coherent Source for Secure Continuous-Variable Quantum Key Distribution

Coherent source of continuous-variable quantum key distribution (CV QKD) system may become noisy in practical applications. The security of CV-QKD scheme with the noisy coherent source is investigated under realistic conditions of quantum channel and detector. In particular, two models are proposed to characterize the noisy coherent source through introducing a party (Fred) who induces the noise with an optical amplifier. When supposing the party Fred is untrusted, two lower security bounds to the noise of the coherent source are derived for reverse reconciliation and realistic homodyne and heterodyne detections. While supposing Fred is a neutral party, we derive two tight security bounds without knowing Fred’s exact state for ideal detections. Moreover, the simulation results show that the security of the reverse reconciliation CV-QKD protocols is very sensitive to the noise of coherent source for both the homodyne and heterodyne detections.     

Controlling a sine wave gating single-photon detector by exploiting its filtering loophole

GHz single-photon detector(SPD) is a crucial part in the practical high speed quantum key distribution(QKD) system.However, any imperfections in a practical QKD system may be exploited by an eavesdropper(Eve) to collect information about the key without being discovered. The sine wave gating SPD(SG-SPD) based on InGaAs/InP avalanche photodiode,one kind of practical high speed SPD, may also contain loopholes. In this paper, we study the principle and characteristic of the SG-SPD and find out the filtering loophole of the SG-SPD for the first time. What is more, the proof-of-principle experiment shows that Eve could blind and control Bob's SG-SPD by exploiting this loophole. We believe that giving enough attention to this loophole can improve the practical security of the existing QKD system.     

Practical decoy state quantum key distribution with finite resource

In this paper, we consider the controllably secure quantum key distribution (QKD) with coherent source, i.e., the practical decoy state QKD with finite resource is studied within the scope of some controllable security parameters. Our simulation shows the controllably secure QKD is more resource-consuming compared with the practical decoy QKD with relatively statistical fluctuation. However, further numerically solutions show that both protocols agree well with each other in the asymptotic limit, where the resource is large enough but not infinite. Our work shows the dark counts will contribute apparently to the transmission distance when communication distance approaches to the asymptotic limit. It also shows that both the secure transmission distance and the rate of the secure final key can be increased apparently when the security estimation parameters are not fixed but numerically optimized.     

基于不可信光源的量子密钥分配的统计特性研究

通过比较被动系统与主动系统的特性, 得出可信光源、不可信光源主动系统和不可信光源被动系统的密钥生成率随距离的变化关系; 采用标准误差分析法, 得到相应变量的偏离量; 基于诱骗态方案分析不可信光源被动系统暗计数率和光源强度参数波动对系统安全特性的影响, 得出在1310 nm 和1550 nm通信窗口下, 系统最大安全通信距离范围分别为[73.2 km, 96.5 km] 和[104.5 km, 137.9 km]. 这可为实用量子通信实验提供重要的理论参数. 关键词： 量子密钥分配 不可信光源 被动系统 统计波动