Hacking the quantum key distribution system by exploiting the avalanche transition region of single photon detectors

TL;DR

This paper reveals a new vulnerability in single photon detectors used in quantum key distribution systems by exploiting the avalanche transition region, demonstrating an attack that minimally affects system error rates.

Contribution

The study experimentally characterizes the avalanche transition region in SPDs and introduces an ATR attack method to control detectors with minimal detectable traces.

Findings

Successful ATR attack with less than 0.5% QBER

Minimal traces left in photocurrent and afterpulse

Proposed countermeasures against the attack

Abstract

Avalanche photodiode based single photon detectors, as crucial and practical components, are widely used in quantum key distribution (QKD) systems. For effective detection, most of these SPDs are operated in the gated mode, in which the gate is added to obtain high avalanche gain, and is removed to quench the avalanche. The avalanche transition region (ATR) is a certain existence in the process of adding and removing the gate. We first experimentally investigate the characteristic of the ATR, including in the commercial SPD and high-speed SPD, and then propose an ATR attack to control the detector. In the experiment of hacking the plug-and-play QKD system, Eve only introduces less than 0.5 % quantum bit error rate, and almost leaves no traces of her presence including the photocurrent and afterpulse probability. We finally give possible countermeasures against this attack.