Wu Zhihao, Huang Anqi, Chen Huan, Sun Shi-Hai, Ding Jiangfang, Qiang Xiaogang, Fu Xiang, Xu Ping, Wu Junjie
Opt Express. 2020 Aug 17;28(17):25574-25590. doi: 10.1364/OE.397962.
Quantum key distribution (QKD) has been proved to be information-theoretically secure in theory. Unfortunately, the imperfect devices in practice compromise its security. Thus, to improve the security property of practical QKD systems, a commonly used method is to patch the loopholes in the existing QKD systems. However, in this work, we show an adversary's capability of exploiting the imperfection of the patch itself to bypass the patch. Specifically, we experimentally demonstrate that, in the detector under test, the patch of photocurrent monitor against the detector blinding attack can be defeated by the pulse illumination attack proposed in this paper. We also analyze the secret key rate under the pulse illumination attack, which theoretically confirmed that Eve can conduct the attack to learn the secret key. This work indicates the importance of inspecting the security loopholes in a detection unit to further understand their impacts on a QKD system. The method of pulse illumination attack can be a general testing item in the security evaluation standard of QKD.
量子密钥分发(QKD)在理论上已被证明在信息理论上是安全的。不幸的是,实际中不完善的设备损害了其安全性。因此,为了提高实际QKD系统的安全性能,一种常用的方法是弥补现有QKD系统中的漏洞。然而,在这项工作中,我们展示了对手利用补丁本身的不完善来绕过补丁的能力。具体而言,我们通过实验证明,在被测探测器中,本文提出的脉冲照明攻击可以破解针对探测器致盲攻击的光电流监测器补丁。我们还分析了脉冲照明攻击下的密钥率,从理论上证实了伊芙(Eve)可以进行攻击来获取密钥。这项工作表明了检查检测单元中安全漏洞以进一步了解其对QKD系统影响的重要性。脉冲照明攻击方法可以成为QKD安全评估标准中的一个通用测试项目。
