光子数分束攻击对星地量子密钥分配系统安全的影响

由于仪器设备性能的不完美和信道传输损耗的存在,光子数分束(PNS)攻击对采用弱相干脉冲(WCP)光源的量子密钥分配(QKD)系统的安全性构成重大威胁.以基于WCP光源的星地QKD系统为研究对象,推导了在PNS攻击者采用最佳窃听策略进行窃听时,保证密钥绝对安全的最大天顶角和可采用的平均光子数之间的关系.理论分析和计算结果表明,星地QKD系统的最大安全传输天顶角和可使用的平均光子数等重要系统参数的取值上限均受PNS攻击的限制,最终系统的密钥交换速率和系统容量受到限制.对星地QKD系统的传输容量来说,天顶角和平均光子数是一对矛盾的影响因素.提供了一种对实际星地QKD系统的天顶角和平均光子数参数进行估算的方法.     

诱惑态量子密钥分配系统中统计涨落的研究

针对实用的量子密钥分配(QKD)系统是基于强衰减的弱激光脉冲作为单光子源, 光子数分束攻击极大限制了通信双方在非理想条件下QKD的传输距离和密钥生成率,采用大数定律对诱惑态协议中单光子的计数率、单光子增益和误码率分别进行统计涨落分析, 利用双诱惑态比较了1310 nm和1550 nm条件下,编码脉冲的长度为(N = 10⁶-N = 10¹²)实际QKD协议中密钥的生成率与安全传输距离之间的关系、安全传输距离随编码长度的变化的关系, 得出脉冲编码长度增大到N = 10¹²时,密钥的最大安全传输距离为135 km.     

基于六态协议的实际QKD系统的窃听问题研究

基于实际量子密钥分配系统中所使用的强衰减的激光脉冲不是单光子，量子密钥分配的信道不是无损耗的，光子计数器存在探测效率和暗计数以及窃听者的技术能力也不是无限的这些具体问题.采用了分束与Breidbart基相结合的窃听策略讨论了窃听问题并给出了合法用户在筛选后的密钥中所能容忍的误码率上限公式. 关键词： 量子密钥分配 六态协议 光子数统计分布 Breidbart基窃听     

基于随机相位编码的确定性量子密钥分配

提出一种新的随机相位编码的确定性量子密钥分配(QKD)方案.在该方案中，通信双方不需要公布测量基，就可以共享秘密信息，提高了密钥生成效率.因为传输的量子比特是随机编码的，即便光源非严格为单光子，该方案仍旧是安全的.理论分析显示出，对于光子数分裂攻击，中间人攻击和特洛伊木马等攻击手段，本方案比之前的QKD方案具有更强的安全性.     

基于BB84协议的实际QKD系统的窃听问题研究

基于实际量子密钥分配系统中所使用的强衰减的激光脉冲并不是单光子,量子密钥分配的信道不是无损耗的,窃听者的技术能力也不是无限的这些具体问题,采用了分束窃听与截获重发窃听策略相结合的方案讨论了窃听问题并给出了合法用户在筛选后的密钥中所能容忍的误码率上限.     

光纤偏振编码量子密钥分发系统荧光边信道攻击与防御

实际安全性是目前量子密钥分发系统中最大的挑战.在实际实现中,接收单元的单光子探测器在雪崩过程的二次光子发射(反向荧光)会导致信息泄露.目前,已有研究表明该反向荧光会泄露时间和偏振信息并且窃听行为不会在通信过程中产生额外误码率,在自由空间量子密钥分发系统中提出了利用反向荧光获取偏振信息的攻击方案,但是在光纤量子密钥分发系统中暂未见报道.本文提出了在光纤偏振编码量子密钥分发系统中利用反向荧光获取信息的窃听方案与减少信息泄露的解决方法,在时分复用偏振补偿的光纤偏振编码量子密钥分发系统的基础上对该方案中窃听者如何获取密钥信息进行了理论分析.实验上测量了光纤偏振编码量子密钥分发系统中反向荧光的概率为0.05,并对本文提出的窃听方案中的信息泄露进行量化,得出窃听者获取密钥信息的下限为2.5×10~(–4).     

实际量子密钥分配扩展BB84协议窃听下的安全性分析

考虑强衰减激光脉冲技术实现的准单光子源和量子信道损耗以及窃听者Eve窃听能力有限等实际情况, 提出了一种窃听装置;同时对扩展BB84协议的各种窃听做了全面分析,计算得出发送者Alice/窃听者Eve所获得的交互信息量和发送者Alice/接收者Bob所能容忍的误码率上限,以此作为检测量子信道安全性的标准,同时得出Breidbart基/分束攻击相结合的方法是比截取/重发更为有效的窃听方案.     

基于指示单光子源的量子密钥分配协议

主要介绍了量子光源,尤其是指示单光子源在量子密钥分配(QKD)中的应用,提出了一种新的基于指示单光子源的不依赖于测量装置的量子密钥分配(MDI-QKD)方案。与现有的其他方案,如弱相干态方案相比,该方案具有安全性好,密钥提取率与安全传输距离都显著提高等优点。因而,该方案在未来的量子密钥分配实用化进程中具有广阔的发展前景。     

基于条件参量下转换光子对的非正交编码诱惑态量子密钥分发

诱惑态方法和非正交编码协议可以有效的抵制光子数分束攻击,所以近来得到了广泛的关注.这里结合了这两种方法提出了一种新方案,光源采用呈泊松分布的参量下转换光子对,发送方随机的改变抽运光的强度获得不同强度的信号光,信号态用来产生密钥,诱惑态用来监测窃听,并估算单光子和两光子的计数率和量子误码率,模拟了密钥产生率与传输距离的关系曲线,分析了该方案可以进一步提高安全量子密钥分发的性能.     

量子密钥分发中分束器攻击和瑞利散射的解决方案

实用被动调制量子密钥分发系统中分束器存在波长依赖性,窃听者据此攻击分束器,以获取密钥信息并且不被发现,而且光纤中存在瑞利散射导致误码率增大。文中提出波分复用器方案来保障量子密钥分发的安全性,并且通过双波长交叉传递来降低误码率。方案中借助于波分复用器将不同波长的光子进行分离,只对部分波长的光子进行偏振测量,Alice和Bob可以通过公共信道分析误码率和收益,得出是否存在窃听者。     

Countermeasure against probabilistic blinding attack in practical quantum key distribution systems

In a practical quantum key distribution(QKD) system, imperfect equipment, especially the single-photon detector,can be eavesdropped on by a blinding attack. However, the original blinding attack may be discovered by directly detecting the current. In this paper, we propose a probabilistic blinding attack model, where Eve probabilistically applies a blinding attack without being caught by using only an existing intuitive countermeasure. More precisely, our countermeasure solves the problem of how to define the bound in the limitation of precision of current detection, and then we prove security of the practical system by considering the current parameter. Meanwhile, we discuss the bound of the quantum bit error rate(QBER) introduced by Eve, by which Eve can acquire information without the countermeasure.     

Controlling a sine wave gating single-photon detector by exploiting its filtering loophole

GHz single-photon detector(SPD) is a crucial part in the practical high speed quantum key distribution(QKD) system.However, any imperfections in a practical QKD system may be exploited by an eavesdropper(Eve) to collect information about the key without being discovered. The sine wave gating SPD(SG-SPD) based on InGaAs/InP avalanche photodiode,one kind of practical high speed SPD, may also contain loopholes. In this paper, we study the principle and characteristic of the SG-SPD and find out the filtering loophole of the SG-SPD for the first time. What is more, the proof-of-principle experiment shows that Eve could blind and control Bob's SG-SPD by exploiting this loophole. We believe that giving enough attention to this loophole can improve the practical security of the existing QKD system.     

Detecting the possibility of a type of photon number splitting attack in decoy-state quantum key distribution

The existing decoy-state quantum key distribution (QKD) beating photon-number-splitting (PNS) attack provides a more accurate method to estimate the secure key rate, while it still considers that only single-photon pulses can generate secure keys in any case. However, multiphoton pulses can also generate secure keys if we can detect the possibility of PNS attack in the channel. The ultimate goal of this line of research is to confirm the absence of all types of PNS attacks. In particular, the PNS attack mentioned and detected in this paper is only the weaker version of PNS attack which significantly changes the observed values of the legitimate users. In this paper, under the null hypothesis of no weaker version of PNS attack, we first determine whether there is an attack or not by retrieving the missing information of the existing decoy-state protocols, extract a Cauchy distribution statistic, and further provide a detection method and the type I error probability. If the result is judged to be an attack, we can use the existing decoy-state method and the GLLP formula to estimate the secure key rate. Otherwise, the pulses with the same basis received including both single-photon pulses and multiphoton pulses, can be used to generate the keys and we give the secure key rate in this case. Finally, the associated experiments we performed (i.e., the significance level is 5%) show the correctness of our method.     

Quantum Hacking on an Integrated Continuous-Variable Quantum Key Distribution System via Power Analysis

In quantum key distribution (QKD), there are some security loopholes opened by the gaps between the theoretical model and the practical system, and they may be exploited by eavesdroppers (Eve) to obtain secret key information without being detected. This is an effective quantum hacking strategy that seriously threatens the security of practical QKD systems. In this paper, we propose a new quantum hacking attack on an integrated silicon photonic continuous-variable quantum key distribution (CVQKD) system, which is known as a power analysis attack. This attack can be implemented by analyzing the power originating from the integrated electrical control circuit in state preparation with the help of machine learning, where the state preparation is assumed to be perfect in initial security proofs. Specifically, we describe a possible power model and show a complete attack based on a support vector regression (SVR) algorithm. The simulation results show that the secret key information decreases with the increase of the accuracy of the attack, especially in a situation with less excess noise. In particular, Eve does not have to intrude into the transmitter chip (Alice), and may perform a similar attack in practical chip-based discrete-variable quantum key distribution (DVQKD) systems. To resist this attack, the electrical control circuit should be improved to randomize the corresponding power. In addition, the power can be reduced by utilizing the dynamic voltage and frequency scaling (DVFS) technology.     

Influence of multi-photon pulses on practical differential-phase-shift quantum key distribution

The influence of multi-photon pulses on practical differcBtial-phase-shift quantum key distribution （DPS-Qt（D） is analysed. We have estimated the information which Eve obtained by PNS （photon-number splitting） attack and BS （beam splitting） attack. The result indicates that the PNS attack and BS attack will not limit the transmission distance as long as we select an appropriate mean photon number. Also, the maximum mean photon number under BS attack in practical DPS-QKD system and the set of practical assumptions about Eve＇s capabilities are presented.[第一段]     

Upper bound on key generation rate of quantum key distribution with two-way or two-step quantum channels

We present an asymptotic security proof of deterministic quantum key distribution (DQKD) with a two-way quantum channel. The security proof of DQKD with a two-way quantum channel is different from that of BB84, because Eve can attack the travel qubits twice, both in line Bob to Alice and in line Alice to Bob. With the no-signaling principle and the property of mutual information, we obtain an upper bound of the final key generation of entanglement-based DQKD and hence single-photon four-state DQKD. Our results can be applied to the protocol of QKD with two-step quantum channels.     

预报单光子源诱骗态量子密钥产生率及数值计算

独立推导预报单光子源诱骗态量子密钥分发的密钥产生率计算公式,讨论密钥产生率和发送端探测效率的关系;进行弱相干光和预报单光子源诱骗态量子密钥分发的最优强度估计和密钥产生率数值计算.结果表明,预报单光子源诱骗态量子密钥分发的密钥产生率随着发送端探测效率的增加而增加,其安全通信距离与完美单光子源的通信距离一致;诱骗态量子密钥分发可提高安全通信距离和密钥产生率;预报单光子源由于减少了暗计数的影响,进一步提高了安全通信距离.     

Key Rate of Practical Quantum Communication Network

The security properties of quantum key distribution(QKD) system are analyzed with the practical light source using decoy state method. The secure key rate with the change of transmission distance is computed under the condition of ideal system, infinite light source system, untrusted light source and passive system. The influence of the fluctuation of transmission rate on the security characteristics of the system is discussed. Our numerical simulation results offer a useful reference for the practical QKD experiment.     

A Review of Security Evaluation of Practical Quantum Key Distribution System

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.