Hidden pulse attack model in plug-and-play quantum key distribution system

Abstract

Quantum key distribution (QKD) is a field of secure communication, whose security is unconditionally guaranteed by the law of quantum physics. With the proposal of BB84 protocol, security proofs and theoretical principles regarding QKD have been structured with extensive studies. Recently, several successful demonstrations of QKD and advents of commercial systems give expectations of useful QKD applications for the general public in near future. However, lots of concerns regarding unconditional security still exist because security proofs of QKD are based on an ideal QKD system model, which does not reflect imperfection of practical implementations. In fact, it makes fatal loopholes which allow potential eavesdroppers to obtain information shared between authenticated users. Since device imperfection is inevitable with current technologies, studies on possible attacks exploiting the imperfection have been largely spotlighted. Fortunately, most of revealed loopholes turned out to be closed in simple ways. In this paper, we propose a special trojan-horse attack model called a hidden pulse attack exploiting spectral characteristics of optical components used in a plug-and-play QKD system. In a plug-and-play QKD system, the sender monitors power of incoming pulses using a photodiode to find out potential eavesdropping attack from unauthenticated third parties. However, a photodiode may not be able to detect some wavelength components because spectral quantum efficiency of a photodiode extremely decreases in some spectral region. Thus, an eavesdropper can get information regarding modulation condition of the sender by transmitting extra pulses at undetectable spectral region. We modeled eavesdropping attack exploiting aforementioned fact for two different cases. One is the case where Eve can utilize a wavelength where quantum efficiency of the photodiode is zero. The other is the case where Eve only can utilize a wavelength with non-zero quantum efficiency due to filtering components. Security performance of the QKD system in terms of secret key rate and transmission distance is informatically analyzed for both cases. Theoretical results showed that the performance of decoy-state BB84 protocol is enormously diminished for both cases under this attack.