Weak randomness completely trounces the security of QKD

TL;DR

This paper demonstrates that the security of quantum key distribution (QKD) protocols can be completely compromised if the adversary has even limited access to the randomness sources used by the legitimate parties, highlighting a critical vulnerability.

Contribution

It reveals a previously overlooked vulnerability in QKD security proofs, showing that weak randomness can nullify unconditional security guarantees.

Findings

Limited access to randomness sources by Eve can break QKD security.

Security proofs assuming perfect randomness are vulnerable in realistic scenarios.

Weak randomness sources can be exploited through side channels to compromise keys.

Abstract

In usual security proofs of quantum protocols the adversary (Eve) is expected to have full control over any quantum communication between any communicating parties (Alice and Bob). Eve is also expected to have full access to an authenticated classical channel between Alice and Bob. Unconditional security against any attack by Eve can be proved even in the realistic setting of device and channel imperfection. In this Letter we show that the security of QKD protocols is ruined if one allows Eve to possess a very limited access to the random sources used by Alice. Such knowledge should always be expected in realistic experimental conditions via different side channels.