# Phase-Remapping Attack in Practical Quantum Key Distribution Systems

@article{Fung2006PhaseRemappingAI, title={Phase-Remapping Attack in Practical Quantum Key Distribution Systems}, author={Chi-Hang Fred Fung and Bing Qi and Kiyoshi Tamaki and Hoi-Kwong Lo}, journal={ArXiv}, year={2006}, volume={abs/quant-ph/0601115} }

Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the…

## 152 Citations

### Quantum hacking: attacking practical quantum key distribution systems

- Physics, Computer ScienceSPIE Optical Engineering + Applications
- 2007

Two types of eavesdropping attacks against a practical QKD system are reported, including "time-shift" attack, which is applicable toQKD systems with gated single photon detectors (SPDs), and "phase-remapping" attack which exploits the fact that a practical phase modulator has a finite response time.

### Experimental demonstration of phase-remapping attack in a practical quantum key distribution system

- Computer Science
- 2010

This paper performs a proof-of-principle experiment to demonstrate a technically feasible 'intercept- and-resend' attack that exploits such a security loophole in a commercial 'plug & play' QKD system.

### Quantum Flows for Secret Key Distribution

- Computer Science
- 2018

A new theoretical approach called quantum flows is proposed to be able to detect the eavesdropping activity in the channel without requiring additional optical components different from the BB84 protocol because the system can be implemented as a high software module.

### Security evaluation of quantum key distribution with weak basis-choice flaws

- Computer ScienceScientific reports
- 2020

This paper evaluates the security of QKD with weak basis-choice flaws, in which the random bits used by Alice and Bob are weakly controlled by Eve, and obtains a tight and analytical bound to estimate the phase error and key rate for both the single photon source and the weak coherent source.

### Quantum Flows for Secret Key Distribution Quantum Flows for Secret Key Distribution

- Computer Science
- 2018

A new theoretical approach called quantum flows is proposed to be able to detect the eavesdropping activity in the channel without requiring additional optical components different from the BB84 protocol because the system can be implemented as a high software module.

### Quantum Key Distribution in the Presence of the Intercept-Resend with Faked States Attack

- Computer ScienceEntropy
- 2017

The negative acknowledgment state quantum key distribution protocol is proposed as a novel protocol capable of detecting the eavesdropping activity of the Intercept Resend with Faked Sates attack without requiring additional optical components different from the B B 84 protocol because the system can be implemented as a high software module.

### Security of QKD-systems with detector efficiency mismatch

- Computer Science
- 2008

A general security bound is presented, quantifying the required amount of extra privacy amplification to remove Eve's information about the key, and is valid for any basis dependent, possibly lossy, linear optical imperfections in the channel and receiver/detectors.

### Quantum man-in-the-middle attack on the calibration process of quantum key distribution

- Computer ScienceScientific Reports
- 2018

This paper reveals the security risk of the calibration process of a passive-basis-choice BB84 QKD system by launching a quantum man-in-the-middle attack which intercepts all calibration signals and resends faked ones, and proposes a basis-dependent detector efficiency mismatch (BEM) based faked states attack on a single photon BB84QKD to stress the threat of BEM.

### Decoy-state quantum key distribution with a leaky source

- Computer ScienceNew Journal of Physics
- 2016

This work proves the security of optical QKD systems using phase and intensity modulators in their transmitters, which leak the setting information in an arbitrary manner, and applies the security proof to cases of practical interest and shows key rates similar to those obtained in a perfectly shielded environment.

### Measurement-device-independent semiquantum key distribution

- Computer Science, Mathematics
- 2018

This paper designs a measurement-device-independent SQKD protocol, which can remove the threat of all detector side-channel attacks and show that it is also robust, and discusses the possible use of the proposed protocol in real-world applications and in QKD networks.

## References

SHOWING 1-10 OF 41 REFERENCES

### Time-shift attack in practical quantum cryptosystems

- Computer ScienceQuantum Inf. Comput.
- 2007

This paper proposes another "time-shift" attack that exploits the efficiency mismatch of two single photon detectors in a quantum key distribution (QKD) system and proves that if Alice and Bob are unaware of the attack, the final key they share is insecure.

### Proof of security of quantum key distribution with two-way classical communications

- Computer ScienceIEEE Trans. Inf. Theory
- 2003

This investigation suggests that two-way entanglement purification is a useful tool in the study of advantage distillation, error correction, and privacy amplification protocols.

### Practical scheme to share a secret key through a quantum channel with a 27.6% bit error rate

- Physics
- 2002

A secret key shared through quantum key distribution between two cooperative players is secure against any eavesdropping attack allowed by the laws of physics. Yet, such a key can be established only…

### Unconditional security of practical quantum key distribution

- Computer Science
- 2007

This paper is identical to the preprint arXiv:quant-ph/0107017, which was finalized in 2001, therefore, some of the more recent developments, including the question of composability, are not addressed.

### Security of quantum key distribution with imperfect devices

- Computer ScienceInternational Symposium onInformation Theory, 2004. ISIT 2004. Proceedings.
- 2004

This paper prove the security of the Bennett-Brassard (BB84) quantum key distribution protocol in the case where the source and detector are under the limited control of an adversary. This proof…

### Effects of detector efficiency mismatch on security of quantum cryptosystems

- Physics, Computer Science
- 2006

For the Bennett-Brassard 1984 (BB84) protocol, it is shown that if the efficiency mismatch between 0 and 1 detectors for some value of the control parameter gets large enough, Eve can construct a successful faked-states attack causing a quantum bit error rate lower than 11%.

### Trojan-horse attacks on quantum-key-distribution systems (6 pages)

- Computer Science, Mathematics
- 2006

It is shown that all systems must implement active counter measures, including an auxiliary detector that monitors any incoming light, to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks.

### Unconditional security of quantum key distribution over arbitrarily long distances

- Computer ScienceScience
- 1999

The problem is solved by showing that, given fault-tolerant quantum computers, quantum key distribution over an arbitrarily long distance of a realistic noisy channel can be made unconditionally secure.

### Unconditional security in quantum cryptography

- Computer ScienceJACM
- 2001

Basic techniques to prove the unconditional security of quantum crypto graphy are described and a practical variation on the protocol in which the channel is noisy and photos may be lost during the transmission is considered.

### Simple proof of security of the BB84 quantum key distribution protocol

- Computer SciencePhysical review letters
- 2000

We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be…