Abstract
We report here a new side channel attack on a practical continuous-variable (CV) quantum key distribution (QKD) system. Inspired by blinding attack in discrete-variable QKD, we formalize an attack strategy by inserting an external light into a CV QKD system implemented Gaussian-modulated coherent state protocol and show that our attack can compromise its practical security. In this attack, we concern imperfections of a balanced homodyne detector used in CV QKD. According to our analysis, if one inserts an external light into Bob’s signal port, due to the imperfect subtraction from the homodyne detector, the leakage of the external light contributes a displacement on the homodyne signal which causes detector electronics saturation. In consequence, Bob’s quadrature measurement is not linear with the quadrature sent by Alice. By considering such vulnerability, a potential Eve can launch a full intercept-resend attack meanwhile she inserts an external light into Bob’s signal port. By selecting proper properties of the external light, Eve actively controls the induced displacement value from the inserted light which results saturation of homodyne detection. In consequence, Eve can bias the excess noise due to the intercept-resend attack and the external light, such that Alice and Bob believe their excess noise estimation is below the null key threshold and they can still share a secret key. Our attack shows that the detector loopholes also exist in CV QKD, and it seems influence all the CV QKD systems using homodyne detection, since all the practical detectors have finite detection range.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.