Foiling covert channels and malicious classical post-processing units in quantum key distribution

TL;DR

This paper addresses two critical security weaknesses in quantum key distribution by proposing methods to prevent memory-based covert channel attacks and untrusted classical post-processing, thereby enhancing overall QKD security.

Contribution

The authors introduce a general approach using verifiable secret sharing and multiple devices to secure QKD against memory attacks and untrusted classical units, applicable to both DI-QKD and non-DI-QKD.

Findings

Proposed a verifiable secret sharing scheme for QKD security.

Demonstrated security improvements against memory attacks.

Applicable to both device-independent and non-device-independent QKD.

Abstract

Existing security proofs of quantum key distribution (QKD) suffer from two fundamental weaknesses. First, memory attacks have emerged as an important threat to the security of even device-independent quantum key distribution (DI-QKD), whenever QKD devices are re-used. This type of attacks constitutes an example of covert channels, which have attracted a lot of attention in security research in conventional cryptographic and communication systems. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a simple solution to these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.