Improved Finite-Key Security Analysis of Quantum Key Distribution Against Trojan-Horse Attacks

TL;DR

This paper develops improved finite-key security bounds for quantum key distribution that account for Trojan-horse attacks, enhancing practical security by bridging the gap between theoretical models and real-world vulnerabilities.

Contribution

It introduces a novel security analysis for decoy-state QKD schemes under Trojan-horse attack conditions, significantly outperforming previous bounds.

Findings

Enhanced security bounds against Trojan-horse attacks

Demonstrated improved finite-key analysis performance

Bridged the gap between theoretical security and practical vulnerabilities

Abstract

Most security proofs of quantum key distribution (QKD) disregard the effect of information leakage from the users' devices, and, thus, do not protect against Trojan-horse attacks (THAs). In a THA, the eavesdropper injects strong light into the QKD apparatuses, and then analyzes the back-reflected light to learn information about their internal setting choices. Only a few recent works consider this security threat, but predict a rather poor performance of QKD unless the devices are strongly isolated from the channel. Here, we derive finite-key security bounds for decoy-state-based QKD schemes in the presence of THAs, which significantly outperform previous analyses. Our results constitute an important step forward to closing the existing gap between theory and practice in QKD.