Trustworthiness of detectors in quantum key distribution with untrusted detectors

TL;DR

This paper analyzes the security of a quantum key distribution protocol with untrusted detectors, revealing vulnerabilities where untrusted measurement devices can leak information, and emphasizes the need for countermeasures or trust assumptions.

Contribution

It demonstrates that untrusted Bell state measurement devices can leak information, highlighting security vulnerabilities in recent QKD protocols.

Findings

Untrusted BSM can send information outside the secure environment.

Trojan horse attacks can exploit untrusted detectors to gain key information.

Countermeasures or trust assumptions are necessary to ensure security.

Abstract

Measurement-device-independent quantum key distribution (MDI-QKD) protocol has been demonstrated as a viable solution to detector side-channel attacks. One of the main advantages of MDI-QKD is that the security can be proved without making any assumptions about how the measurement device works. The price to pay is the relatively low secure key rate comparing with conventional quantum key distribution (QKD), such as the decoy-state BB84 protocol. Recently a new QKD protocol, aiming at bridging the strong security of MDI-QKD with the high efficiency of conventional QKD, has been proposed. In this protocol, the legitimate receiver employs a trusted linear optics network to encode information on photons received from an insecure quantum channel, and then performs a Bell state measurement (BSM) using untrusted detectors. One crucial assumption made in most of these studies is that the untrusted BSM located inside the receiver's laboratory cannot send any unwanted information to the outside. Here, we show that if the BSM is completely untrusted, a simple scheme would allow the BSM to send information to the outside. Combined with Trojan horse attacks, this scheme could allow Eve to gain information of the quantum key without being detected. To prevent the above attack, either countermeasures to Trojan horse attacks or some trustworthiness to the "untrusted" BSM device is required.