Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Cybersecurity of Quantum Key Distribution Implementations

Ittay Alfassi, Ran Gelles, Rotem Liss, Tal Mor

TL;DR

This work begins to bridge the gap between current analysis methods for experimental attacks on QKD implementations and the decades-long research in the field of classical cybersecurity, improving the practical security of QKD products and enhancing their usefulness in real-world systems.

Abstract

Practical implementations of Quantum Key Distribution (QKD) often deviate from the theoretical protocols, exposing the implementations to various attacks even when the underlying (ideal) protocol is proven secure. We present new analysis tools and methodologies for quantum cybersecurity, adapting the concepts of vulnerabilities, attack surfaces, and exploits from classical cybersecurity to QKD implementation attacks. We also present three additional concepts, derived from the connection between classical and quantum cybersecurity: "Quantum Fuzzing", which is the first tool for black-box vulnerability research on QKD implementations; "Reversed-Space Attacks", which are a generic exploit method using the attack surface of imperfect receivers; and concrete quantum-mechanical definitions of "Quantum Side-Channel Attacks" and "Quantum State-Channel Attacks", meaningfully distinguishing them from each other and from other attacks. Using our tools, we analyze multiple existing QKD attacks and show that the "Bright Illumination" attack could have been found even with minimal knowledge of the device implementation. This work begins to bridge the gap between current analysis methods for experimental attacks on QKD implementations and the decades-long research in the field of classical cybersecurity, improving the practical security of QKD products and enhancing their usefulness in real-world systems.

Cybersecurity of Quantum Key Distribution Implementations

TL;DR

This work begins to bridge the gap between current analysis methods for experimental attacks on QKD implementations and the decades-long research in the field of classical cybersecurity, improving the practical security of QKD products and enhancing their usefulness in real-world systems.

Abstract

Practical implementations of Quantum Key Distribution (QKD) often deviate from the theoretical protocols, exposing the implementations to various attacks even when the underlying (ideal) protocol is proven secure. We present new analysis tools and methodologies for quantum cybersecurity, adapting the concepts of vulnerabilities, attack surfaces, and exploits from classical cybersecurity to QKD implementation attacks. We also present three additional concepts, derived from the connection between classical and quantum cybersecurity: "Quantum Fuzzing", which is the first tool for black-box vulnerability research on QKD implementations; "Reversed-Space Attacks", which are a generic exploit method using the attack surface of imperfect receivers; and concrete quantum-mechanical definitions of "Quantum Side-Channel Attacks" and "Quantum State-Channel Attacks", meaningfully distinguishing them from each other and from other attacks. Using our tools, we analyze multiple existing QKD attacks and show that the "Bright Illumination" attack could have been found even with minimal knowledge of the device implementation. This work begins to bridge the gap between current analysis methods for experimental attacks on QKD implementations and the decades-long research in the field of classical cybersecurity, improving the practical security of QKD products and enhancing their usefulness in real-world systems.

Paper Structure

This paper contains 62 sections, 58 equations, 6 figures.

Table of Contents

  1. Introduction
  2. Other Related Work
  3. Preliminaries
  4. The (Ideal) BB84 Protocol
  5. Realistic QKD Implementations and Fock Space Notation
  6. Classical and Quantum Cybersecurity
  7. Classical Cybersecurity
  8. Cybersecurity of QKD systems
  9. Vulnerabilities
  10. Examples of Vulnerability Classes in QKD
  11. Attack Surface
  12. Exploits
  13. Generic exploit methods.
  14. Example: Faked States exploit.
  15. Quantum Fuzzing: Vulnerability Research for QKD
  16. ...and 47 more sections

Figures (6)

  • Figure 1: (a) Structure of the QKD receiver targeted in the Bright Illumination attack. PIBS: polarization-independent beam splitter. PBS: polarizing beam splitter. PR: polarization rotator. APD: avalanche photodiode. (b) Propagation of Eve's high-intensity pulse through the QKD receiver.
  • Figure 2: A representation of the relations between QKD attacks and our results.
  • Figure 3: A symmetric beam splitter with two input modes, (1) and (2), and two output modes, (3) and (4).
  • Figure 4: A Mach-Zehnder interferometer. (a) An input qubit. The time-difference between the two incoming modes is identical to the difference between the two arms; (b) a vacuum state entering the second (blocked) arm; (c) beam splitters; (d) phase shifter $P_\phi$; (e) six output modes.
  • Figure 5: Evolution in time of a single photon pulse through the interferometer with $\phi=0$: $| {0{,}0{,}0{,}1} \rangle^{\!\text{\tiny F}}_{3',2',1',1} \to \frac{1}{2} \left (| {0{,}0{,}0{,}1} \rangle^{\!\text{\tiny F}} - | {0{,}0{,}1{,}0} \rangle^{\!\text{\tiny F}}+ i| {0{,}1{,}0{,}0} \rangle^{\!\text{\tiny F}} + i| {1{,}0{,}0{,}0} \rangle^{\!\text{\tiny F}} \right )_{6,4,7,5}$. The output state is denoted by modes $| {n_{d_1}, n_{d_0}, n_{s_1}, n_{s_0}} \rangle^{\!\text{\tiny F}}$ that correspond to modes (6), (4), (7), and (5), respectively.
  • ...and 1 more figures

Theorems & Definitions (6)

  • Definition 4
  • Definition 5
  • Definition 6
  • Definition 7
  • Definition 8
  • Definition 9