Abstract
Quantum key distribution (QKD) based on the laws of quantum physics allows the secure distribution of secret keys over an insecure channel. Unfortunately, imperfect implementations of QKD compromise its information-theoretical security. Measurement-device-independent quantum key distribution (MDI QKD) is a promising approach to remove all side channels from the measurement unit, which is regarded as the “Achilles’ heel” of QKD. An essential assumption in MDI QKD is, however, that the sources are trusted. Here we experimentally demonstrate that a practical source based on a semiconductor laser diode is vulnerable to a laser-seeding attack, in which light injected from the communication line into the laser results in an increase of the intensities of the prepared states. The unnoticed increase of intensity may compromise the security of QKD, as we show theoretically for the prepare-and-measure decoy-state BB84 and MDI QKD protocols. Our theoretical security analysis is general and can be applied to any vulnerability that increases the intensity of the emitted pulses. Moreover, a laser-seeding attack might be launched as well against decoy-state-based quantum cryptographic protocols beyond QKD.
- Received 13 May 2019
- Revised 5 November 2019
- Corrected 25 February 2020
DOI:https://doi.org/10.1103/PhysRevApplied.12.064043
© 2019 American Physical Society
Physics Subject Headings (PhySH)
Corrections
25 February 2020
Correction: The order of the affiliation numbers for the sixth author has been reset, and minor fixes to wording in Secs. I and III have been made.