An approach for security evaluation and certification of a complete quantum communication system

TL;DR

This paper proposes a comprehensive security evaluation protocol for quantum communication systems, addressing implementation imperfections and providing a pathway toward standardized security certification.

Contribution

It introduces a hierarchical, multi-layered protocol for security assessment and improvement of quantum communication systems, including practical testing and patching procedures.

Findings

Applied protocol to commercial QKD systems

Identified and patched security loopholes

Enhanced security of quantum communication systems

Abstract

Although quantum communication systems are being deployed on a global scale, their realistic security certification is not yet available. Here we present a security evaluation and improvement protocol for complete quantum communication systems. The protocol subdivides a system by defining seven system implementation sub-layers based on a hierarchical order of information flow; then it categorises the known system implementation imperfections by hardness of protection and practical risk. Next, an initial analysis report lists all potential loopholes in its quantum-optical part. It is followed by interactions with the system manufacturer, testing and patching most loopholes, and re-assessing their status. Our protocol has been applied on multiple commercial quantum key distribution systems to improve their security. A detailed description of our methodology is presented with the example of a subcarrier-wave system. Our protocol is a step towards future security evaluation and security certification standards.