Defeating detector blinding attacks on quantum cryptography

Published 2 December 2010

Quantum cryptography is a method to distribute digital encryption keys across an optical fiber; the protocol has been proven to be perfectly secure from eavesdropping; any differences between the theoretical protocol and its real-world implementation, however, can be exploited to compromise the security of specific systems; one form of attack on quantum cryptography is called a detector blinding attack — but Toshiba researchers show how such attacks can be rendered ineffective

The Cambridge Research Laboratory of Toshiba Research Europe announced yesterday that it has discovered a simple method to prevent detector blinding attacks on quantum cryptography.

Quantum cryptography is a method to distribute digital encryption keys across an optical fiber. The protocol has been proven to be perfectly secure from eavesdropping. Any differences between the theoretical protocol and its real-world implementation, however, can be exploited to compromise the security of specific systems.

A recent paper published in the September edition of Nature Photonics suggests a method to blind the indium gallium arsenide (InGaAs) avalanche photodetectors that are commonly used in quantum cryptography. If successful, this attack could allow an eavesdropper to gain information about the secret key.

Now an investigation by the Cambridge team, to be published in the December edition of Nature Photonics, demonstrates that the detector blinding attack is completely ineffective, provided that the single photon detectors are operated correctly.

The new study shows that the attack is only successful if a redundant resistor is included in series with the single photon detector, or if the discrimination levels are set inappropriately. Furthermore, by monitoring the photocurrent generated by the detector it is possible to prevent all bright light attacks on avalanche photodiodes.
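The photocurrent monitoring described above can be pictured as a screening step placed in front of key sifting. This is an added example, not code from Toshiba or from the Nature Photonics paper; the function name, the per-gate sampling, the nanoamp values, the alarm limit and the guard window are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Screening:
    kept_clicks: list    # gate indices still allowed into key sifting
    flagged_gates: list  # gate indices covered by a photocurrent alarm
    abort: bool          # True when too much of the block is flagged

def screen_block(photocurrent_na, clicks, limit_na=50.0, guard=2,
                 max_flagged_fraction=0.10):
    """Discard clicks recorded while APD photocurrent exceeded limit_na.

    photocurrent_na: one reading per detector gate, in nanoamps (assumed unit).
    clicks: gate indices at which the detector reported a photon.
    guard: gates on each side of an alarm that are also distrusted.
    """
    n = len(photocurrent_na)
    flagged = set()
    for gate, current in enumerate(photocurrent_na):
        if current > limit_na:
            flagged.update(range(max(0, gate - guard), min(n, gate + guard + 1)))
    kept = [g for g in clicks if g not in flagged]
    # A block that is mostly alarm should not contribute key material at all.
    abort = n > 0 and len(flagged) > max_flagged_fraction * n
    return Screening(kept, sorted(flagged), abort)

# Constructed readings: 20 gates of normal current, then the same block
# with a bright-light episode at gates 8-10.
QUIET = [0.3] * 20
BRIGHT = QUIET[:8] + [950.0, 1200.0, 1100.0] + QUIET[11:]
CLICKS = [1, 7, 9, 10, 12, 17]

if __name__ == "__main__":
    for name, block in (("quiet", QUIET), ("bright", BRIGHT)):
        r = screen_block(block, CLICKS)
        print(name, "kept:", r.kept_clicks, "abort:", r.abort)
```

In a real receiver the limit would be set from the detector's measured normal operating current rather than a fixed constant.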

Dr. Andrew Shields, assistant managing director, Toshiba Research Europe, commented that “Quantum cryptography is now entering a new phase in which the security of particular implementations is carefully analyzed and tested. This is important to uncover any security loopholes and to devise appropriate countermeasures. It will allow real-world devices to approach the perfect security that can be proven for the protocol.”

Toshiba recently implemented its quantum key distribution (QKD) technology in the quantum cryptography network set up in the Tokyo metropolitan area in October 2010. In a series of trials, Toshiba demonstrated record average secure bit rates on installed fiber in the network. A secure bit rate of 304 kb/s was demonstrated, averaged over a 24-hour period, on a 45 km fiber despite a relatively high loss on the link of 14.5 dB. In April 2010 the same team announced an average secure bit rate of 1 Mb/s for a laboratory-based demonstration on a 50 km fiber spool.

— Read more in Z. L. Yuan et al., “Avoiding the blinding attack in QKD,” Nature Photonics 4 (December 2010): 800-1 (doi:10.1038/nphoton.2010.269) (sub. req.)