Insecurity of detector-device-independent quantum key distribution
Shihan Sajeed, Anqi Huang, Shihai Sun, Feihu Xu, Vadim, Makarov, Marcos Curty
TL;DR
This paper reveals that detector-device-independent quantum key distribution (ddiQKD), previously thought secure against detector side-channel attacks, is actually vulnerable due to exploitable device imperfections, challenging its assumed robustness.
Contribution
The paper demonstrates that ddiQKD's security is not based on post-selected entanglement and introduces practical eavesdropping strategies that compromise its security.
Findings
ddiQKD is insecure against detector side-channel attacks
Eavesdropping strategies work even with legitimate, non-malicious devices
Security claims of ddiQKD are invalidated by new attack methods
Abstract
Detector-device-independent quantum key distribution (ddiQKD) held the promise of being robust to detector side-channels, a major security loophole in QKD implementations. In contrast to what has been claimed, however, we demonstrate that the security of ddiQKD is not based on post-selected entanglement, and we introduce various eavesdropping strategies that show that ddiQKD is in fact insecure against detector side-channel attacks as well as against other attacks that exploit device's imperfections of the receiver. Our attacks are valid even when the QKD apparatuses are built by the legitimate users of the system themselves, and thus free of malicious modifications, which is a key assumption in ddiQKD.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.