A Review of Security Evaluation of Practical Quantum Key Distribution System

Abstract

Although the unconditional security of quantum key distribution (QKD) has been widely studied, the imperfections of the practical devices leave potential loopholes for Eve to spy the final key. Thus, how to evaluate the security of QKD with realistic devices is always an interesting and opening question. In this paper, we briefly review the development of quantum hacking and security evaluation technology for a practical decoy state BB84 QKD system. The security requirement and parameters in each module (source, encoder, decoder and detector) are discussed, and the relationship between quantum hacking and security parameter are also shown.

Keywords: practical security; quantum communication; quantum cryptography; quantum key distribution; security evaluation.

Figure 1

The concept communication model of a QKD system, which includes five modules: source, encoder, channel, decoder and detector. The source generates the required optical pulse, single photon pulse for BB84, or the weak coherent pulses with different average intensities. The encoder and decoder transform two classical bits into quantum states, back and forth. The detector absorbs the photon and registers the click of SPDs. The detailed definition and security requirement for each module are given in the main text.

Figure 2

The phase distribution and intensity with and without Eve’s laser-injection attack, reprinted from Refs. [30,31]. (a,b) Phase distribution of Alice’s adjacent pulses tested from two samples of ID300 lasers. Without Eve’s attack, the phase is random. However, under 50 $\mu \mathrm{W}$ or 100 $\mu \mathrm{W}$ of Eve’s injected light, the phase follows a Gaussian distribution. (c) The increased intensity under laser-injection attack.

Figure 3

The experimental measurement of distinguishable states. (a) The pulse shapes of the decoy state and the signal state driven by electrical current. Reprinted from Ref. [32]. (b) Four encoded signal states and decoy states generated by individual laser diodes. Reprinted from Ref. [33].

Figure 4

The typical testing result of intersymbol interference, which shows the intensity correlation between neighboring pulses. Reprinted from Ref. [34].

Figure 5

The testing results of the laser damage attack on attenuator. (a) The attenuation values before and after the laser damage attack. (b) The attenuator with the damaged areas. Reprinted from Ref. [38].

Figure 6

The working principle of Trojan horse attack. Reprinted from Ref. [44].

Figure 7

The change of coupling ratio depending on the wavelength, which can be exploited by Eve to conduct the wavelength-dependent attack. Reprinted from Ref. [48].

Figure 8

The working principle of time-shift attack. (a) The typical mismatched curves of detection efficiency. (b) The scheme of experimental demonstration. Reprinted from Ref. [49].

Figure 9

The illustration of dead-time attack. Reprinted from Ref. [52]. (a) The scheme of the dead-time attack; (b) the timings of faked pulses and signal pulses with detection efficiency of signal pulses under dead-time attack.

Figure 10

The illustration of the blinding attack. (a) The equivalent circuit related to the APD in a detector, reprinted from [56]; (b) the working modes of a APD, reprinted from Ref. [26].