Reference Pulse Attack on Continuous-Variable Quantum Key Distribution with Local Local Oscillator under trusted phase noise

TL;DR

This paper reveals a security vulnerability in LLO CVQKD systems when trusting phase noise, demonstrating how an attacker can exploit this to compromise security, but also proposes countermeasures to mitigate this risk.

Contribution

It introduces the reference pulse attack exploiting trusted phase noise in LLO CVQKD and proposes countermeasures to enhance security and performance.

Findings

Attack achieves unity efficiency at 23.8km and 32.0km distances.

Partially trusted phase noise improves key rate by 9.5 times at 20km.

Transmission distance extends by 45% with countermeasures.

Abstract

We show that partially trusting the phase noise associated with estimation uncertainty in a LLO CVQKD system allows one to exchange higher secure key rates than in the case of untrusted phase noise. However, this opens a security loophole through the manipulation of the reference pulse amplitude. We label this as "reference pulse attack" which is applicable to all LLO-CVQKD systems if the phase noise is trusted. We show that, at the optimal reference pulse intensity level, Eve achieves unity attack efficiency at 23.8km and 32.0km while using lossless and 0.14dB/km loss channels, respectively, for her attack. However, in order to maintain the performance enhancement from partially trusting the phase noise, countermeasures have been proposed. As a result, the LLO-CVQKD system with partially trusted phase noise owns a superior key rate at 20km by an order 9.5, and extended transmission distance by 45%, than that of the phase noise untrusted system.