Abstract

The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.

Highlights

  • It was shown in ref. 25 that DI-quantum key distribution (QKD) is highly vulnerable to the so-called memory attacks, where a hidden memory device stores up the key material generated in each QKD session and leaks this information to Eve in subsequent QKD runs

  • Alice and Bob have n pairs of QKD modules, and say Alice (Bob) has s (r) classical post-processing units

Published in: npj Quantum Information (2019) 14

  • Each QKDAi is connected to its partner QKDBi via a quantum channel, and each CPAi′ is connected to all CPBi′′, with i′′ = 1,...,r, via authenticated classical channels.[64,65]


Summary

INTRODUCTION

There has been much interest in the subject of quantum key distribution (QKD) in recent years because it holds the promise of providing information-theoretically secure communications based on the laws of quantum physics.[1,2] There is, however, a big gap between the theory[3,4] and the practice[5,6,7,8] of QKD, and the security of QKD implementations is seriously threatened by quantum hacking.[9,10,11,12,13] To solve this problem, the ultimate solution is device-independent (DI)-QKD,[14,15,16,17] which allows the legitimate users of the system (typically called Alice and Bob) to treat their quantum devices as "black boxes".

Like in the classical error correction scenario, in standard conventional cryptography it is up to Alice and Bob to determine their security policy and to decide in advance how many corrupt parties they want to be secure against. With these assumptions in place, we can prove security in different QKD scenarios with malicious devices by applying privacy amplification techniques[63] in combination with VSS[42,43] from secure multiparty computation[38] in conventional cryptography.[39,40,41] Importantly, if we disregard the cost of authenticating the classical communications, our protocols are optimal with respect to the resulting secret key rate.

In contrast to this naive approach, our solution can guarantee both the correctness and the secrecy of the final key.

RESULTS
Generation of an εcor-correct key
Generation of shares of an εcor-correct key
Generation of shares of an ε-secure key
Generation and distribution of shares of raw keys and protocol information
Error correction
Error verification
