No Arabic abstract
Counterfactual quantum key distribution protocols allow two sides to establish a common secret key using an insecure channel and authenticated public communication. As opposed to many other quantum key distribution protocols, part of the quantum state used to establish each bit never leaves the transmitting side, which hinders some attacks. We show how to adapt detector blinding attacks to this setting. In blinding attacks, gated avalanche photodiode detectors are disabled or forced to activate using bright light pulses. We present two attacks that use this ability to compromise the security of counterfactual quantum key distribution. The first is a general attack but technologically demanding (the attacker must be able to reduce the channel loss by half). The second attack could be deployed with easily accessible technology and works for implementations where single photon sources are approximated by attenuated coherent states. The attack is a combination of a photon number splitting attack and the first blinding attack which could be deployed with easily accessible technology. The proposed attacks show counterfactual quantum key distribution is vulnerable to detector blinding and that experimental implementations should include explicit countermeasures against it.
This is a brief comment on the Letter by Balygin and his coworkers [Laser Phys. Lett. 15, 095203 (2018)]. We point out an error that invalidates the Letters conclusions.
In a two-way deterministic quantum key distribution (DQKD) protocol, Bob randomly prepares qubits in one of four states and sends them to Alice. To encode a bit, Alice performs an operation on each received qubit and returns it to Bob. Bob then measures the backward qubits to learn about Alices operations and hence the key bits. Recently, we proved the unconditional security of the final key of this protocol in the ideal device setting. In this paper, we prove that two-way DQKD protocols are immune to all detector side channel attacks at Bobs side, while we assume ideal detectors at Alices side for error testing. Our result represents a step forward in making DQKD protocols secure against general detector side channel attacks.
Modern single-photon detectors based on avalanche photodiodes offer increasingly higher triggering speeds, thus fostering their use in several fields, prominently in the recent area of Quantum Key Distribution. To reduce the probability of an afterpulse, these detectors are usually equipped with a circuitry that disables the trigger for a certain time after a positive detection event, known as dead time. If the acquisition system connected to the detector is not properly designed, efficiency issues arise when the triggering rate is faster than the inverse of detectors dead-time. Moreover, when this happens with two or more detectors used in coincidence, a security risk called self-blinding can jeopardize the distribution of a secret quantum key. In this paper we introduce a trigger-disabling circuitry based on an FPGA-driven feedback loop, so to avoid the above-mentioned inconveniences. In the regime of single-photon-attenuated light, the electronics dynamically accept a trigger only after detectors complete recovery from dead-time. This technique proves useful to work with detectors at their maximum speed and to increase the security of a quantum key distribution setup.
Counterfactual quantum key distribution (QKD) enables two parties to share a secret key using an interaction-free measurement. Here, we point out that the efficiency of counterfactual QKD protocols can be enhanced by including non-counterfactual bits. This inclusion potentially gives rise to the possibility of noiseless attacks, in which Eve can gain knowledge of the key bits without introducing any errors in the quantum channel. We show how this problem can be resolved in a simple way that naturally leads to the idea of counterfactual security, whereby the non-counterfactual key bits are indicated to be secure by counterfactual detections. This method of enhancing the key rate is shown to be applicable to various existing quantum counterfactual key distribution protocols, increasing their efficiency without weakening their security.
The work by Christandl, Konig and Renner [Phys. Rev. Lett. 102, 020504 (2009)] provides in particular the possibility of studying unconditional security in the finite-key regime for all discrete-variable protocols. We spell out this bound from their general formalism. Then we apply it to the study of a recently proposed protocol [Laing et al., Phys. Rev. A 82, 012304 (2010)]. This protocol is meaningful when the alignment of Alices and Bobs reference frames is not monitored and may vary with time. In this scenario, the notion of asymptotic key rate has hardly any operational meaning, because if one waits too long time, the average correlations are smeared out and no security can be inferred. Therefore, finite-key analysis is necessary to find the maximal achievable secret key rate and the corresponding optimal number of signals.