Effects of detector efficiency mismatch on security of quantum cryptosystems

We suggest a type of attack on quantum cryptosystems that exploits variations in detector efficiency as a function of a control parameter accessible to an eavesdropper. With gated single-photon detectors, this control parameter can be the timing of the incoming pulse. When the eavesdropper sends short pulses using the appropriate timing so that the two gated detectors in Bob's setup have different efficiencies, the security of quantum key distribution can be compromised. Specifically, we show for the Bennett-Brassard 1984 (BB84) protocol that if the efficiency mismatch between 0 and 1 detectors for some value of the control parameter gets large enough (roughly 15:1 or larger), Eve can construct a successful faked-states attack causing a quantum bit error rate lower than 11%. We also derive a general security bound as a function of the detector sensitivity mismatch for the BB84 protocol. Experimental data for two different detectors are presented, and protection measures against this attack are discussed.

[1]  Kyo Inoue,et al.  Differential-phase-shift quantum key distribution , 2002, 2006 Digest of the LEOS Summer Topical Meetings.

[2]  Thierry Paul,et al.  Quantum computation and quantum information , 2007, Mathematical Structures in Computer Science.

[3]  N. Gisin,et al.  Low jitter up-conversion detectors for telecom wavelength GHz QKD , 2006 .

[4]  N. Gisin,et al.  Trojan-horse attacks on quantum-key-distribution systems (6 pages) , 2005, quant-ph/0507063.

[5]  M. Fejer,et al.  Differential phase shift quantum key distribution experiment over 105 km fibre , 2005, quant-ph/0507110.

[6]  M. Fejer,et al.  Highly efficient single-photon detection at communication wavelengths by use of upconversion in reverse-proton-exchanged periodically poled LiNbO3 waveguides. , 2005, Optics letters.

[7]  E. Diamanti,et al.  Performance of various quantum-key-distribution systems using 1.55-μm up-conversion single-photon detectors , 2005, quant-ph/0506036.

[8]  V. Scarani,et al.  Security of two quantum cryptography protocols using the same four qubit states (18 pages) , 2005, quant-ph/0505035.

[9]  Dag R. Hjelme,et al.  Faked states attack on quantum cryptosystems , 2005 .

[10]  Gilles Brassard,et al.  Quantum Cryptography , 2005, Encyclopedia of Cryptography and Security.

[11]  V. Makarov,et al.  Real-time phase tracking in single-photon interferometers. , 2004, Applied optics.

[12]  Yoshihiro Nambu,et al.  BB84 Quantum Key Distribution System Based on Silica-Based Planar Lightwave Circuits , 2004, quant-ph/0404015.

[13]  M. Koashi Unconditional security of coherent-state quantum key distribution with a strong phase-reference pulse. , 2004, Physical review letters.

[14]  V. Scarani,et al.  Coherent-pulse implementations of quantum cryptography protocols resistant to photon-number-splitting attacks , 2003, quant-ph/0302037.

[15]  John Preskill,et al.  Security of quantum key distribution with imperfect devices , 2002, International Symposium onInformation Theory, 2004. ISIT 2004. Proceedings..

[16]  V. Scarani,et al.  Quantum cryptography protocols robust against photon number splitting attacks for weak laser pulse implementations. , 2002, Physical review letters.

[17]  John Preskill,et al.  Secure quantum key distribution with an uncharacterized source. , 2003, Physical review letters.

[18]  Hoi-Kwong Lo,et al.  Proof of security of quantum key distribution with two-way classical communications , 2001, IEEE Trans. Inf. Theory.

[19]  S. Lamoreaux,et al.  New, efficient and robust, fiber-based quantum key distribution schemes , 2002, quant-ph/0203098.

[20]  N. Lütkenhaus,et al.  Quantum key distribution with realistic states: photon-number statistics in the photon-number splitting attack , 2001, quant-ph/0112147.

[21]  Ivan Damgård,et al.  Experimental quantum key distribution with proven security against realistic attacks , 2001 .

[22]  Dag Roar Hjelme,et al.  Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography , 2001 .

[23]  N. Gisin,et al.  Faint laser quantum key distribution: Eavesdropping exploiting multiphoton pulses , 2001, quant-ph/0102062.

[24]  Dominic Mayers,et al.  Unconditional security in quantum cryptography , 1998, JACM.

[25]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[26]  N. Lütkenhaus Security against individual attacks for realistic quantum key distribution , 2000 .

[27]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[28]  Gisin,et al.  Quantum cryptography using entangled photons in energy-time bell states , 1999, Physical review letters.

[29]  G. Brassard,et al.  Security aspects of practical quantum cryptography , 1999, Conference Digest. 2000 International Quantum Electronics Conference (Cat. No.00TH8504).

[30]  Thomas Durt,et al.  Comment on “Practical Free-Space Quantum Key Distribution over 1 km” , 1999 .

[31]  C. G. Peterson,et al.  Buttler {ital et al.} Reply , 1999 .

[32]  Jean-Marc Merolla,et al.  Single-Photon Interference in Sidebands of Phase-Modulated Light for Quantum Cryptography , 1999 .

[33]  H. Bechmann-Pasquinucci,et al.  Incoherent and coherent eavesdropping in the six-state protocol of quantum cryptography , 1998, quant-ph/9807041.

[34]  H. Chau,et al.  Unconditional security of quantum key distribution over arbitrarily long distances , 1998, Science.

[35]  Richard J. Hughes,et al.  Practical free-space quantum key distribution over 1 km , 1998, quant-ph/9805071.

[36]  D. Bruß Optimal Eavesdropping in Quantum Cryptography with Six States , 1998, quant-ph/9805019.

[37]  F Zappa,et al.  Single-photon detection beyond 1 µm: performance of commercially available InGaAs/lnP detectors. , 1996, Applied optics.

[38]  Andrea L. Lacaita,et al.  SOLID-STATE SINGLE-PHOTON DETECTORS , 1996 .

[39]  Ueli Maurer,et al.  Generalized privacy amplification , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[40]  Ueli Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[41]  Charles H. Bennett,et al.  Quantum cryptography using any two nonorthogonal states. , 1992, Physical review letters.

[42]  Ekert,et al.  Quantum cryptography based on Bell's theorem. , 1991, Physical review letters.

[43]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.