How Secure Are Two-Way Ping-Pong and LM05 QKD Protocols under a Man-in-the-Middle Attack?

TL;DR

This paper analyzes the vulnerability of two-way QKD protocols, ping-pong and LM05, to man-in-the-middle attacks, revealing their undetectability in message mode and suggesting the need for protocol redesign.

Contribution

It identifies a specific undetectable attack on two-way QKD protocols and compares their security with one-way BB84-like protocols, highlighting the need for improved security measures.

Findings

Man-in-the-middle attack copies all message mode messages undetectably.

Mutual information remains constant and perfect in message mode under attack.

Two-way protocols require redesign for better security detection.

Abstract

We consider a man-in-the-middle attack on two-way quantum key distribution ping-pong and LM05 protocols in which an eavesdropper copies all messages in the message mode, while being undetectable in the mode. Under the attack there is therefore no disturbance in the message mode and the mutual information between the sender and the receiver is always constant and equal to one and messages copied by the eavesdropper are always genuine. An attack can only be detected in the control mode but the level of detection at which the protocol should be aborted is not defined. We examine steps of the protocol to evaluate its security and find that the protocol should be redesigned. We also compare it with the security of a one-way asymmetric BB84-like protocol in which one basis serves as the message mode and the other as the control mode but which does have the level of detection at which the protocol should be aborted defined.