Trojan-horse attacks threaten the security of practical quantum cryptography

Authors: Nitin Jain, Elena Anisimova, Imran Khan, Vadim Makarov, Christoph Marquardt, Gerd Leuchs
Journal: New Journal of Physics
A quantum key distribution (QKD) system may be probed by an eavesdropper Eve by sending in bright light from the quantum channel and analyzing the back-reflections. We propose and experimentally demonstrate a setup for mounting such a Trojan-horse attack. We show it in operation against the quantum cryptosystem Clavis2 from ID Quantique, as a proof-of-principle. With just a few back-reflected photons, Eve discerns Bob's (secret) basis choice, and thus the raw key bit in the Scarani–Acín–Ribordy…


Detection Efficiency Mismatch and Finite-Key-Size Attacks on Practical Quantum Cryptography Systems

This thesis presents three experimental studies of attacks on quantum key distribution (QKD) systems, including a demonstration of Eve’s ability to force a commercial system to distill a key from a raw key of a short length, where the asymptotic assumption of security claimed by the manufacturer might not hold.

Hacking Alice's box in continuous-variable quantum key distribution

This paper considers an attack on a coherent-state protocol, where Eve not only taps the main communication channel but also hacks Alice's device, and shows how the key rate rapidly deteriorates for increasing photons.

Quantum Cryptography with Weak Measurements

It is proved that the accuracy of the weak measurement parameter estimation is robust to reasonable device imperfections, even in an adversarial environment, and hence the asymptotic security of this protocol can be inferred from the security analysis of BB84.

Risk Analysis of Trojan-Horse Attacks on Practical Quantum Key Distribution Systems

This work presents a risk analysis of Trojan-horse attacks on quantum key distribution systems based on extensive spectral measurements, and indicates the existence of wavelength regimes, where the attacker gains considerable advantage as compared to launching an attack at 1550 nm.

Practical security bounds against the Trojan-horse attack in quantum key distribution

The Trojan-horse attack is turned into an information leakage problem and the system security is quantified and related to the specification of the optical elements most relevant to security.

Invisible Trojan-horse attack

It is demonstrated experimentally that the noise response of the detectors to bright pulses is greatly reduced, and shown by modeling that the same attack will succeed; the invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

Quantum key distribution with hacking countermeasures and long term field trial

A QKD system designed with this goal in mind is reported, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks.

Quantum man-in-the-middle attack on the calibration process of quantum key distribution

This paper reveals the security risk of the calibration process of a passive-basis-choice BB84 QKD system by launching a quantum man-in-the-middle attack which intercepts all calibration signals and resends faked ones, and proposes a basis-dependent detector efficiency mismatch (BEM) based faked-states attack on single-photon BB84 QKD to stress the threat of BEM.

Quantum Hacking in the Age of Measurement-Device-Independent Quantum Cryptography

This thesis further investigates the practical security of quantum cryptography in and beyond MDI quantum cryptography, and shows that detector-device-independent (DDI) QKD security is not equivalent to that of MDI QKD and, further, that DDI QKD is insecure against detector side-channel attacks.

Backflash Light as a Security Vulnerability in Quantum Key Distribution Systems

This work focuses on a particular effect known as backflash light, which can be a source of eavesdropping attacks and highlights the method for quantifying backflash emission and the different ways to mitigate this effect.



Effects of detector efficiency mismatch on security of quantum cryptosystems

For the Bennett-Brassard 1984 (BB84) protocol, it is shown that if the efficiency mismatch between 0 and 1 detectors for some value of the control parameter gets large enough, Eve can construct a successful faked-states attack causing a quantum bit error rate lower than 11%.

Time-shift attack in practical quantum cryptosystems

This paper proposes another "time-shift" attack that exploits the efficiency mismatch of two single photon detectors in a quantum key distribution (QKD) system and proves that if Alice and Bob are unaware of the attack, the final key they share is insecure.

Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography

It is concluded that additional protection is necessary for currently implemented quantum key distribution systems against the large pulse attack, a new strategy of eavesdropping on quantum cryptosystems, which eliminates the need of immediate interaction with transmitted quantum states.

Quantum cryptography: Public key distribution and coin tossing

Experimental measurement-device-independent quantum key distribution.

Up-conversion single-photon detectors with high efficiency and low noise are developed to faithfully demonstrate the measurement-device-independent quantum-key-distribution protocol, which is immune to all hacking strategies on detection and employed to defend attacks on a nonideal source.

Trojan-horse attacks on quantum-key-distribution systems

It is shown that all systems must implement active countermeasures, including an auxiliary detector that monitors any incoming light, to reduce the maximal information that an adversary can gain using Trojan-horse attacks.

After-gate attack on a quantum cryptosystem

A method to control the detection events in quantum key distribution systems that use gated single-photon detectors; it employs bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time, to allow for an intercept–resend attack.

Wavelength-selected photon-number-splitting attack against plug-and-play quantum key distribution systems with decoy states

Since a single-photon source is not available for practical quantum key distribution (QKD) systems nowadays, weak coherent states are widely used in practical systems, which suffer from the

The security of practical quantum key distribution

Essential theoretical tools that have been developed to assess the security of the main experimental platforms are presented (discrete-variable, continuous-variable, and distributed-phase-reference protocols).

Device calibration impacts security of quantum key distribution.

This work proposes and experimentally demonstrates a method to induce a large temporal detector efficiency mismatch in a commercial QKD system by deceiving a channel length calibration routine, and devises an optimal and realistic strategy using faked states to break the security of the cryptosystem.