Memory Attacks on Device-Independent Quantum Cryptography
Jonathan Barrett, Roger Colbeck, Adrian Kent

TL;DR
This paper reveals a vulnerability in device-independent quantum cryptography where untrusted devices can leak information through public communication, compromising security, and proposes practical partial defenses and a new protocol structure to mitigate this risk.
Contribution
The paper identifies a critical security weakness in device-independent quantum cryptography protocols and introduces a new protocol design with partial defenses to enhance security in repeated key sharing.
Findings
Untrusted devices can record their inputs and outputs and leak information about them via publicly discussed outputs in later runs.
Reusing devices without proper safeguards compromises security and risks leaking secret data.
A new protocol structure with partial defenses is proposed for secure repeated key sharing.
Abstract
Device-independent quantum cryptographic schemes aim to guarantee security to users based only on the output statistics of any components used, and without the need to verify their internal functionality. Since this would protect users against untrustworthy or incompetent manufacturers, sabotage or device degradation, this idea has excited much interest, and many device-independent schemes have been proposed. Here we identify a critical weakness of device-independent protocols that rely on public communication between secure laboratories. Untrusted devices may record their inputs and outputs and reveal information about them via publicly discussed outputs during later runs. Reusing devices thus compromises the security of a protocol and risks leaking secret data. Possible defences include securely destroying or isolating used devices. However, these are costly and often impractical. We…
