基于弱相干光的实际QKD系统的安全性研究

实际量子密钥分发系统使用的单光子源主要是由弱激光脉冲经衰减得到。它不是理想单光子源而是服从泊松分布的准单光子源。每个非空光脉冲中包含多光子的概率不为零,强大的窃听者可利用此获得一些关于最终密钥的信息。因此,有必要研究实际QKD系统的安全性。采用对多光子进行分束窃听、单光子最佳攻击相结合的方案,用Shannon信息理论分析了基于弱相干光的实际QKD系统的安全性。研究结果表明实际QKD系统对于分束窃听和最佳攻击是安全的,并给出合法通信双方在该攻击方案下所容忍的误码率上限。     

基于随机相位编码的确定性量子密钥分配

提出一种新的随机相位编码的确定性量子密钥分配(QKD)方案.在该方案中，通信双方不需要公布测量基，就可以共享秘密信息，提高了密钥生成效率.因为传输的量子比特是随机编码的，即便光源非严格为单光子，该方案仍旧是安全的.理论分析显示出，对于光子数分裂攻击，中间人攻击和特洛伊木马等攻击手段，本方案比之前的QKD方案具有更强的安全性.     

The security and recent technology of quantum key distribution

In principle, quantum key distribution (QKD) can be used to make unconditionally secure private communication. However, the security of the existing real system for QKD needs to be carefully examined. Actually, the existing experiments based on weak coherent states are not secure under photon-number-splitting attack. Fortunately, the decoy-state method and the entanglement-distribution method can be used to realize the unconditionally secure QKD based on real-life systems with existing technology.     

量子保密通信的技术现状及安全性

理论上，量子密钥分发可以带来绝对安全的保密通信．但是真实系统的量子密钥分发的安全性需要进一步证明．现有的基于弱相干态的量子密码实验在光子数分离攻击下是完全不安全的．诱骗信号方案（decoy-state method）及纠缠对分发方案可以实现基于现有技术的、真实系统的绝对安全量子密钥分发．     

Self-referenced continuous-variable measurement-device-independent quantum key distribution

We propose a scheme to remove the demand of transmitting a high-brightness local oscillator (LO) in continuous-variable measurement-device-independent quantum key distribution (CV-MDI QKD) protocol, which we call as the self-referenced (SR) CV-MDI QKD. We show that our scheme is immune to the side-channel attacks, such as the calibration attacks, the wavelength attacks and the LO fluctuation attacks, which are all exploiting the security loopholes introduced by transmitting the LO. Besides, the proposed scheme waives the necessity of complex multiplexer and demultiplexer, which can greatly simplify the QKD processes and improve the transmission efficiency. The numerical simulations under collective attacks show that all the improvements brought about by our scheme are only at the expense of slight transmission distance shortening. This scheme shows an available method to mend the security loopholes incurred by transmitting LO in CV-MDI QKD.     

Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices

In general, quantum key distribution （QKD） has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noneloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108： 130503].     

Detecting the possibility of a type of photon number splitting attack in decoy-state quantum key distribution

The existing decoy-state quantum key distribution (QKD) beating photon-number-splitting (PNS) attack provides a more accurate method to estimate the secure key rate, while it still considers that only single-photon pulses can generate secure keys in any case. However, multiphoton pulses can also generate secure keys if we can detect the possibility of PNS attack in the channel. The ultimate goal of this line of research is to confirm the absence of all types of PNS attacks. In particular, the PNS attack mentioned and detected in this paper is only the weaker version of PNS attack which significantly changes the observed values of the legitimate users. In this paper, under the null hypothesis of no weaker version of PNS attack, we first determine whether there is an attack or not by retrieving the missing information of the existing decoy-state protocols, extract a Cauchy distribution statistic, and further provide a detection method and the type I error probability. If the result is judged to be an attack, we can use the existing decoy-state method and the GLLP formula to estimate the secure key rate. Otherwise, the pulses with the same basis received including both single-photon pulses and multiphoton pulses, can be used to generate the keys and we give the secure key rate in this case. Finally, the associated experiments we performed (i.e., the significance level is 5%) show the correctness of our method.     

光子数分束攻击对星地量子密钥分配系统安全的影响

由于仪器设备性能的不完美和信道传输损耗的存在,光子数分束(PNS)攻击对采用弱相干脉冲(WCP)光源的量子密钥分配(QKD)系统的安全性构成重大威胁.以基于WCP光源的星地QKD系统为研究对象,推导了在PNS攻击者采用最佳窃听策略进行窃听时,保证密钥绝对安全的最大天顶角和可采用的平均光子数之间的关系.理论分析和计算结果表明,星地QKD系统的最大安全传输天顶角和可使用的平均光子数等重要系统参数的取值上限均受PNS攻击的限制,最终系统的密钥交换速率和系统容量受到限制.对星地QKD系统的传输容量来说,天顶角和平均光子数是一对矛盾的影响因素.提供了一种对实际星地QKD系统的天顶角和平均光子数参数进行估算的方法.     

Measurement-device-independent quantum key distribution

How to remove detector side channel attacks has been a notoriously hard problem in quantum cryptography. Here, we propose a simple solution to this problem--measurement-device-independent quantum key distribution (QKD). It not only removes all detector side channels, but also doubles the secure distance with conventional lasers. Our proposal can be implemented with standard optical components with low detection efficiency and highly lossy channels. In contrast to the previous solution of full device independent QKD, the realization of our idea does not require detectors of near unity detection efficiency in combination with a qubit amplifier (based on teleportation) or a quantum nondemolition measurement of the number of photons in a pulse. Furthermore, its key generation rate is many orders of magnitude higher than that based on full device independent QKD. The results show that long-distance quantum cryptography over say 200 km will remain secure even with seriously flawed detectors.     

A Modified Quantum Key Distribution Without Public Announcement Bases Against Photon-Number-Splitting Attack

The security of quantum cryptography without public announcement bases in photon-number-splitting attack is discussed. Based on unambiguous state discrimination, we propose two attack strategies and shown that partial information about the raw key may be eavesdropped by these attacks. Though this flaw can be overcame by performing classical privacy amplification, it will decrease the efficiency of the protocol greatly. Hence, drawing ideas from cipher block chaining, we put forward a possible modified protocol, which is secure against the presented attacks at zero error.     

Attacks on practical quantum key distribution systems (and how to prevent them)

With the emergence of an information society, the idea of protecting sensitive data is steadily gaining importance. Conventional encryption methods may not be sufficient to guarantee data protection in the future. Quantum key distribution (QKD) is an emerging technology that exploits fundamental physical properties to guarantee perfect security in theory. However, it is not easy to ensure in practice that the implementations of QKD systems are exactly in line with the theoretical specifications. Such theory–practice deviations can open loopholes and compromise security. Several such loopholes have been discovered and investigated in the last decade. These activities have motivated the proposal and implementation of appropriate countermeasures, thereby preventing future attacks and enhancing the practical security of QKD. This article introduces the so-called field of quantum hacking by summarising a variety of attacks and their prevention mechanisms.     

Multiparameter QKD authentication protocol design over optical quantum channel

Quantum cryptography is the first application of quantum physics at the single photon level. The most important application of quantum cryptography is Quantum Key Distribution (QKD). One of the biggest problems of QKD implementation is enormous number of possible attacks, which puts out specific need for more refined simulation strategies in bridging the gap between theoretic models and their implementation. In this work we have introduced generalized optical architecture which can provide various solutions of some actual problems for two mostly used QKD protocols: BB84 and B92 protocols. Simulations, which included the influence of optical losses over a quantum channel with concrete realistic lengths, have confirmed validity and high level of provable security of the proposed generalized QKD authentication architecture. Due to simplicity of the proposed architecture and obtained QKD B92 protocol communication efficiency, we believe that it can be implemented, solving out some of the most relevant implementation problems which are common for both QKD protocols.     

Side-channel-free quantum key distribution

Quantum key distribution (QKD) offers the promise of absolutely secure communications. However, proofs of absolute security often assume perfect implementation from theory to experiment. Thus, existing systems may be prone to insidious side-channel attacks that rely on flaws in experimental implementation. Here we replace all real channels with virtual channels in a QKD protocol, making the relevant detectors and settings inside private spaces inaccessible while simultaneously acting as a Hilbert space filter to eliminate side-channel attacks. By using a quantum memory we find that we are able to bound the secret-key rate below by the entanglement-distillation rate computed over the distributed states.     

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

Similar to device-independent quantum key distribution(DI-QKD), semi-device-independent quantum key distribution(SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices.The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a oneway prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD.     

Lower and upper bounds on the secret-key rate for quantum key distribution protocols using one-way classical communication

We investigate a general class of quantum key distribution (QKD) protocols using one-way classical communication. We show that full security can be proven by considering only collective attacks. We derive computable lower and upper bounds on the secret-key rate of those QKD protocols involving only entropies of two-qubit density operators. As an illustration of our results, we determine new bounds for the Bennett-Brassard 1984, the 6-state, and the Bennett 1992 protocols. We show that in all these cases the first classical processing that the legitimate partners should apply consists in adding noise.     

Phase-Matching Quantum Key Distribution with Discrete Phase Randomization

The twin-field quantum key distribution (TF-QKD) protocol and its variations have been proposed to overcome the linear Pirandola–Laurenza–Ottaviani–Banchi (PLOB) bound. One variation called phase-matching QKD (PM-QKD) protocol employs discrete phase randomization and the phase post-compensation technique to improve the key rate quadratically. However, the discrete phase randomization opens a loophole to threaten the actual security. In this paper, we first introduce the unambiguous state discrimination (USD) measurement and the photon-number-splitting (PNS) attack against PM-QKD with imperfect phase randomization. Then, we prove the rigorous security of decoy state PM-QKD with discrete phase randomization. Simulation results show that, considering the intrinsic bit error rate and sifting factor, there is an optimal discrete phase randomization value to guarantee security and performance. Furthermore, as the number of discrete phase randomization increases, the key rate of adopting vacuum and one decoy state approaches infinite decoy states, the key rate between discrete phase randomization and continuous phase randomization is almost the same.     

Effect of excess noise on continuous variable entanglement sudden death and Gaussian quantum discord

A symmetric two-mode Gaussian entangled state is used to investigate the effect of excess noise on entanglement sudden death and Gaussian quantum discord with continuous variables. The results show that the excess noise in the channel can lead to entanglement sudden death of a symmetric two-mode Gaussian entangled state, while Gaussian quantum discord never vanishes. As a practical application, the security of a quantum key distribution （QKD） scheme based on a symmetric two-mode Gaussian entangled state against collective Gaussian attacks is analyzed. The calculation results show that the secret key cannot be distilled when entanglement vanishes and only quantum discord exists in such a QKD scheme.     

Secure quantum key distribution with a single not-so-weak coherent pulse

We propose a secure quantum key distribution (QKD) protocol using a single not-so-weak coherent qubit. With two preprocesses for random rotation and compensation, a key bit is encoded to a randomly polarized not-so-weak coherent qubit. We analyze the security of the QKD protocol, which counters the photon number splitting and the impersonation attacks. The estimated mean number of photon, which is less than 6.0, guarantees security. Additionally, we discuss the possibility of quantum secure direct communication.     

复合量子密钥分发系统双速协议及其安全性分析

基于真空光速c是极限信号速度这一基本假设,提出了复合量子密钥分发(QKD)系统和双速协议,并证明双速协议的安全性与原BB84协议的安全性相同.结果表明,双速协议在将量子密钥生成效率从50%提高到100%的同时,还降低了窃听者Eve可能得到的信息量.双速协议由于打破了公开讨论之前Bob和Eve的对等地位,使QKD在概念上有了明显的改进,使协议基的选择空间有了本质性的扩充.具体给出了三个双速协议的实例,并详细分析了它们在截取重发攻击下的安全性 关键词： 量子密码 光纤量子密钥分发 双速协议     

Continuous variable quantum cryptography using coherent states

We propose several methods for quantum key distribution (QKD) based on the generation and transmission of random distributions of coherent or squeezed states, and we show that they are secure against individual eavesdropping attacks. These protocols require that the transmission of the optical line between Alice and Bob is larger than 50%, but they do not rely on "sub-shot-noise" features such as squeezing. Their security is a direct consequence of the no-cloning theorem, which limits the signal-to-noise ratio of possible quantum measurements on the transmission line. Our approach can also be used for evaluating various QKD protocols using light with Gaussian statistics.