Deep-learning-based continuous attacks on quantum key distribution protocols

TL;DR

This work presents a deep-learning–assisted continuous attack (DLCA) on BB84 that exploits weak continuous measurements and an LSTM to infer the initial qubit states from homodyne currents. By modeling the qubit channel with a stochastic master equation and training a neural network to perform quantum state tomography from time-series data, the authors show that the attack yields information gains between intercept-and-resend and optimal individual attacks, while inducing measurable QBER. They quantify information-disturbance bounds, compare to a phase-covariant cloner, and estimate key rates under depolarizing noise, demonstrating both potential vulnerability in practical QKD implementations and the resilience provided by privacy amplification. The results highlight that deep-learning-based tomography can enable more effective quantum hacking in certain regimes, motivating further study of defenses against DL-enabled attacks and extensions to more realistic noise models and protocols.

Abstract

The most important characteristic of a Quantum Key Distribution (QKD) protocol is its security against third-party attacks, and the potential countermeasures available. While new types of attacks are regularly developed in the literature, they rarely involve the use of weak continuous measurement and more specifically machine learning to infer the qubit states. In this paper, we design a new individual attack scheme called \textit{Deep-learning-based continuous attack} (DLCA) that exploits continuous measurement together with the powerful pattern recognition capacities of deep recurrent neural networks. As a minimal model, we present its performances when applied in the case of the BB84 protocol with intrinsic noise in the communication channel. Our results suggest that our attack's performances lie between the ones of standard intercept-and-resend attacks and of the optimal individual attack, namely the phase-covariant quantum cloner. Our attack scheme demonstrates deep-learning-enhanced quantum state tomography applied to QKD, and could be generalized in many different ways, notably in the cases of quantum hacking attacks targeting implementation vulnerabilities that could compromise the security of QKD protocols.

Figures (7)

• Figure 1: Sketch representation of our attack scheme applied on the BB84 protocol. Alice sends linearly polarized photons to Bob via an optical fiber, while traveling they are subject to intrinsic dissipation in the fiber with a rate $\gamma_D$ and to weak measurement with a rate $\gamma_E$ performed by Eve on a certain portion of the fiber, the output of which being treated by a neural network to determine the initial state. In the sketched example, Alice sends six photons to Bob, among which three are polarized in the Pauli-X eigenbasis and three in the Pauli-Z eigenbasis. Bob measures randomly in one of these two bases each of the photons received, and the basis chosen is the right one for four of these. However, even if the measurement basis is right, there are two errors. The sketch highlights the two possible mechanisms for errors: intrinsic dissipation (blue dashed square) and measurement by a third party (purple dashed square). In this example, if Alice and Bob compare all the measurements when they chose the same basis, the QBER [Eq. (\ref{['eqQBER']})] would be $50\%$.
• Figure 2: Sketch representation of the LSTM architecture used in this paper. The input layer is composed of $100$ LSTM units, and is followed by two dense hidden layers of $40$ ReLU neurons and $4$ linear neurons respectively. On the left is a representation of one LSTM recurrent unit, composed of three gates with sigmoid activation functions (forget, input and output). These 3 gates determine which information from the prior hidden state must be erased, taken into account and stored respectively.
• Figure 3: Mean estimated accuracy $A$ (blue) and standard deviation (orange) of the model on the test set as a function of $\theta$. The photo currents of the test set were obtained using Eq. (\ref{['SME']}) and (\ref{['Jhom']}). Circled in red are the four maximum accuracy values and their corresponding standard deviations, reported in Table I. Other parameters are $\omega t_f = 0.1$ and $\gamma_E = 5\omega = 5\gamma_D$.
• Figure 4: QBER as a function of time and measurement angle $\theta$. The evolution of the photon states through time was obtained using Eq. (\ref{['SME']}). Other parameters are $\omega t_f = 0.1$ and $\gamma_E = 5\omega = 5\gamma_D$.
• Figure 5: $\lambda(\theta)$ [Eq. (\ref{['lambda_eq']})] as a function of $\theta$. Circled in red are the four values of $\theta$ maximizing $A$ found in Fig. \ref{['accuracy_theta']} and reported in Table I. Other parameters are $\omega t_f = 0.1$ and $\gamma_E = 5\omega = 5\gamma_D$.