Hacking single-photon avalanche detectors in quantum key distribution via pulse illumination.

Quantum key distribution (QKD) has been proved to be information-theoretically secure in theory. Unfortunately, the imperfect devices in practice compromise its security. Thus, to improve the security property of practical QKD systems, a commonly used method is to patch the loopholes in the existing QKD systems. However, in this work, we show an adversary's capability of exploiting the imperfection of the patch itself to bypass the patch. Specifically, we experimentally demonstrate that, in the detector under test, the patch of photocurrent monitor against the detector blinding attack can be defeated by the pulse illumination attack proposed in this paper. We also analyze the secret key rate under the pulse illumination attack, which theoretically confirmed that Eve can conduct the attack to learn the secret key. This work indicates the importance of inspecting the security loopholes in a detection unit to further understand their impacts on a QKD system. The method of pulse illumination attack can be a general testing item in the security evaluation standard of QKD.