Implementation vulnerabilities in general quantum cryptography

TL;DR

This paper reviews how practical implementation flaws can compromise the security of various quantum cryptographic protocols, emphasizing the importance of addressing these vulnerabilities early in development.

Contribution

It extends the analysis of implementation security issues from quantum key distribution to other quantum cryptographic primitives, proposing potential exploits and countermeasures.

Findings

Implementation flaws can break security assumptions in quantum protocols.

Exploits similar to those in QKD can threaten other quantum cryptographic schemes.

Countermeasures are discussed to mitigate these vulnerabilities.

Abstract

Quantum cryptography is information-theoretically secure owing to its solid basis in quantum mechanics. However, generally, initial implementations with practical imperfections might open loopholes, allowing an eavesdropper to compromise the security of a quantum cryptographic system. This has been shown to happen for quantum key distribution (QKD). Here we apply experience from implementation security of QKD to several other quantum cryptographic primitives. We survey quantum digital signatures, quantum secret sharing, source-independent quantum random number generation, quantum secure direct communication, and blind quantum computing. We propose how the eavesdropper could in principle exploit the loopholes to violate assumptions in these protocols, breaking their security properties. Applicable countermeasures are also discussed. It is important to consider potential implementation security issues early in protocol design, to shorten the path to future applications.