Quantum Hacking on Continuous-Variable Quantum Key Distribution System using a Wavelength Attack

TL;DR

This paper demonstrates a wavelength attack on continuous-variable quantum key distribution systems that compromises security by controlling Bob's beam splitter, highlighting the need for additional wavelength filtering.

Contribution

It introduces a practical wavelength attack exploiting implementation imperfections, showing how it can break the security assumptions of CV-QKD systems.

Findings

The attack can control the intensity transmission of Bob's beam splitter.

The attack renders the final key insecure even with local oscillator monitoring.

Adding a wavelength filter can prevent the attack.

Abstract

The security proofs of continuous-variable quantum key distribution are based on the assumptions that the eavesdropper can neither act on the local oscillator nor control Bob's beam splitter. These assumptions may be invalid in practice due to potential imperfections in the implementations of such protocols. In this paper, we consider the problem of transmitting the local oscillator in a public channel and propose a wavelength attack which can allow the eavesdropper to control the intensity transmission of Bob's beam splitter by switching the wavelength of the input light. Specifically we target continuous-variable quantum key distribution systems that use the heterodyne detection protocol using either direct or reverse reconciliation. Our attack is proved to be feasible and renders all of the final key shared between the legitimate parties insecure, even if they have monitored the intensity of the local oscillator. To prevent our attack on commercial systems, a simple wavelength filter should be added before performing the monitoring detection.