Laser-seeding Attack in Quantum Key Distribution

Anqi Huang,Poompong Chaiwongkhot,Álvaro Navarrete,Shi-Hai Sun,Vadim Makarov,Marcos Curty

doi:10.1103/physrevapplied.12.064043

Abstract

Quantum key distribution (QKD) based on the laws of quantum physics allows the secure distribution of secret keys over an insecure channel. Unfortunately, imperfect implementations of QKD compromise its information-theoretical security. Measurement-device-independent quantum key distribution (MDI-QKD) is a promising approach to remove all side channels from the measurement unit, which is regarded as the "Achilles' heel" of QKD. An essential assumption in MDI-QKD is however that the sources are trusted. Here we experimentally demonstrate that a practical source based on a semiconductor laser diode is vulnerable to a laser seeding attack, in which light injected from the communication line into the laser results in an increase of the intensities of the prepared states. The unnoticed increase of intensity may compromise the security of QKD, as we show theoretically for the prepare-and-measure decoy-state BB84 and MDI-QKD protocols. Our theoretical security analysis is general and can be applied to any vulnerability that increases the intensity of the emitted pulses. Moreover, a laser seeding attack might be launched as well against decoy-state based quantum cryptographic protocols beyond QKD.

Highlights

The distribution of a secret key between two authorized parties, Alice and Bob, is a fundamental but challenging cryptographic task
This study has experimentally demonstrated that the laser-seeding attack is able to increase the intensity of the light emitted by the laser diode used in a Quantum key distribution (QKD) system, breaking the fundamental assumption about the mean photon number of a QKD protocol
We show theoretically that such increase of the intensity might seriously compromise the security of QKD implementations

Summary

Introduction

The distribution of a secret key between two authorized parties, Alice and Bob, is a fundamental but challenging cryptographic task. There is, a big gap between the theory and the practice of QKD because the behavior of real QKD devices typically deviates from that considered in the security proofs Such a deviation could be exploited by an eavesdropper, Eve, to obtain information about the secret key without being detected in QKD implementations [7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27]. The upper bound on the key rate is given by RU ≤ rn(1 − λnBSA)Inent(A; B),

Methods

Results

Discussion

Conclusion