Abstract
Inspired by the methodology used for classical cryptographic hardware, we consider the use of attack ratings in the context of QKD security evaluation. To illustrate the relevance of this approach, we conduct an experimental vulnerability assessment of CV-QKD against saturation attacks, for two different attack strategies. The first strategy relies on inducing detector saturation by performing a large coherent displacement. This strategy is experimentally challenging and therefore translates into a high attack rating. We also propose and experimentally demonstrate a second attack strategy that simply consists in saturating the detector with an external laser. The low rating we obtain indicates that this attack constitutes a primary threat for practical CV-QKD systems. These results highlight the benefits of combining theoretical security considerations with vulnerability analysis based on attack ratings, in order to guide the design and engineering of practical QKD systems towards the highest possible security standards.
Highlights
Inspired by the methodology used for classical cryptographic hardware, we consider the use of attack ratings in the context of Quantum Key Distribution (QKD) security evaluation
As a matter of fact, engineering constraints may impose stringent limits to the security level that a QKD system can reach. Such constraints can lead to significant deviations between the theoretical security level that could be expected with an idealized implementation and the security level that can be reached in practice by the real QKD system
One crucial part of the complex methodology for this security evaluation is the process of identifying, classifying and prioritizing threats associated to vulnerabilities in QKD systems
Summary
Inspired by the methodology used for classical cryptographic hardware, we consider the use of attack ratings in the context of QKD security evaluation. The low rating we obtain indicates that this attack constitutes a primary threat for practical CV-QKD systems These results highlight the benefits of combining theoretical security considerations with vulnerability analysis based on attack ratings, in order to guide the design and engineering of practical QKD systems towards the highest possible security standards. On the other hand, such as the photon number splitting attack[13] and more generally collective and coherent attacks on QKD8, have played a fundamental role in our understanding of QKD theory Their implementation requires the ability to store and retrieve single photons from a quantum memory, potentially over ms or larger timescales, which is currently out of reach, given the limitations of existing quantum memory technology[14]. To guarantee a very high security level for QKD, forward-looking methods and standards in quantum cryptography implementation security shall be adopted, following a methodology similar to the one used to certify the security of classical crypto-systems[15], called Common Criteria
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
