Quantum cryptography and quantum hacking. Dr. Lars Lydersen

Similar documents
Quantum Hacking. Feihu Xu Dept. of Electrical and Computer Engineering, University of Toronto

Quantum Information Transfer and Processing Miloslav Dušek

Talk at 4th ETSI/IQC workshop on quantum-safe cryptography, September 19-21, 2016

Applications of Quantum Key Distribution (QKD)

Chapter 13: Photons for quantum information. Quantum only tasks. Teleportation. Superdense coding. Quantum key distribution

Communications Quantiques

Practical aspects of QKD security

arxiv: v1 [quant-ph] 10 Mar 2018

arxiv: v3 [quant-ph] 12 Jul 2017

Quantum Cryptography. Marshall Roth March 9, 2007

Security and implementation of differential phase shift quantum key distribution systems

Quantum Cryptography Bertrand Bonnefoy-Claudet Zachary Estrada

LECTURE NOTES ON Quantum Cryptography

+ = OTP + QKD = QC. ψ = a. OTP One-Time Pad QKD Quantum Key Distribution QC Quantum Cryptography. θ = 135 o state 1

Quantum threat...and quantum solutions

APPLICATIONS OF THE QUANTUM KEY DISTRIBUTION (QKD) METHOD

State Decoding in Multi-Stage Cryptography Protocols

Chapter 5. Quantum Cryptography

Research, Development and Simulation of Quantum Cryptographic Protocols

Ping Pong Protocol & Auto-compensation

Silicon avalanche photodiodes for satellite based quantum communication

Trustworthiness of detectors in quantum key distribution with untrusted detectors

Practical Issues in Quantum Cryptography

Experimental realization of quantum cryptography communication in free space

National Institute of Standards and Technology Gaithersburg, MD, USA

Cyber Security in the Quantum Era

An Introduction. Dr Nick Papanikolaou. Seminar on The Future of Cryptography The British Computer Society 17 September 2009

Quantum Cryptography and Security of Information Systems

Cryptography in a quantum world

5th March Unconditional Security of Quantum Key Distribution With Practical Devices. Hermen Jan Hupkes

C. QUANTUM INFORMATION 111

Quantum Cryptography in Full Daylight Ilja Gerhardt, Matthew P. Peloso, Caleb Ho, Antía Ilja Gerhardt Lamas-Linares and Christian Kurtsiefer

Enigma Marian Rejewski, Jerzy Róz ycki, Henryk Zygalski

Massachusetts Institute of Technology Department of Electrical Engineering and Computer Science Quantum Optical Communication

Detection of Eavesdropping in Quantum Key Distribution using Bell s Theorem and Error Rate Calculations

Practical quantum-key. key- distribution post-processing

Realization of B92 QKD protocol using id3100 Clavis 2 system

C. QUANTUM INFORMATION 99

Quantum Key Distribution. The Starting Point

Realization of Finite-Size Continuous-Variable Quantum Key Distribution based on Einstein-Podolsky-Rosen Entangled Light

FAKES STATES ATTACK USING DETECTOR EFFICIENCY MISMATCH ON SARG04, PHASE-TIME, DPSK, AND EKERT PROTOCOLS

TWO-LAYER QUANTUM KEY DISTRIBUTION

Practical Quantum Key Distribution

High Fidelity to Low Weight. Daniel Gottesman Perimeter Institute

APPLICATIONS. Quantum Communications

arxiv:quant-ph/ v1 25 Dec 2006

A Simulative Comparison of BB84 Protocol with its Improved Version

Cryptography CS 555. Topic 25: Quantum Crpytography. CS555 Topic 25 1

Simulation and Implementation of Decoy State Quantum Key Distribution over 60km Telecom Fiber

Quantum Communication

Beating Quantum Hackers

A Genetic Algorithm to Analyze the Security of Quantum Cryptographic Protocols

Investigation of System Performance of Quantum Cryptography Key Distribution in Network Security

arxiv: v3 [quant-ph] 25 Feb 2015

arxiv: v1 [quant-ph] 18 May 2018

Quantum key distribution

Quantum Cryptography

Practical quantum key distribution with polarization entangled photons

arxiv:quant-ph/ v1 26 Mar 2001

Simulation of BB84 Quantum Key Distribution in depolarizing channel

10 - February, 2010 Jordan Myronuk

Hacking Quantum Cryptography. Marina von Steinkirch ~ Yelp Security

Security of Quantum Key Distribution with Imperfect Devices

Counterfactual Quantum Deterministic Key Distribution

arxiv:quant-ph/ v1 22 Mar 2002

PROGRESS IN OPTICS VOLUME 4 9. E. Wolf

Toward Polarization Encoding Measurement- Device-Independent Quantum Key Distribution in Free-Space

Device-independent Quantum Key Distribution and Randomness Generation. Stefano Pironio Université Libre de Bruxelles

Attacks against a Simplified Experimentally Feasible Semiquantum Key Distribution Protocol

arxiv:quant-ph/ v6 6 Mar 2007

Quantum Cryptography

Quantum Cryptography

Mobile Free Space Quantum Key Distribution for short distance secure communication

Quantum cryptography: from theory to practice

Simulation and Implementation of Decoy State Quantum Key Distribution over 60km Telecom Fiber

Bell tests with Entangled Photons what is left?

QUANTUM key distribution (QKD) [1] is a provably secure

Introduction to Quantum Key Distribution

Security Implications of Quantum Technologies

Fundamental Security Issues in Continuous Variable Quantum Key Distribution

Information Networks Secured by the Laws of Physics

An Efficient Testing Process for a Quantum Key Distribution System Modeling Framework

An ultrafast quantum random number generator based on quantum phase fluctuations

Side-Channel Analysis of Privacy Amplification in Postprocessing Software for a Quantum Key Distribution System

SQL injection principle against BB84 protocol

BB84 Quantum Key Distribution System based on Silica-Based Planar Lightwave Circuits

FUNDAMENTAL AND PRACTICAL PROBLEMS. OF QKD SECURITY-THE ACTUAL AND THE arxiv: v4 [quant-ph] 4 Jun 2012 PERCEIVED SITUATION

arxiv: v3 [quant-ph] 1 Apr 2011

arxiv:quant-ph/ v2 7 Nov 2001

Siletz APD Products. Model VFP1-xCAA, VFP1-xKAB Packaged APDs

Ground-Satellite QKD Through Free Space. Steven Taylor

Information theoretic security by the laws of classical physics

arxiv:quant-ph/ v2 17 Sep 2002

Unconditional Security of the Bennett 1992 quantum key-distribution protocol over a lossy and noisy channel

arxiv:quant-ph/ v3 13 Mar 2007

EXPERIMENTAL DEMONSTRATION OF QUANTUM KEY

Schemes to generate entangled photon pairs via spontaneous parametric down conversion

arxiv:quant-ph/ v1 6 Dec 2005

Security of high speed quantum key distribution with finite detector dead time

Introduction to Quantum Cryptography

Transcription:

Quantum cryptography and quantum hacking Dr. Lars Lydersen GOVCERT.NL, Rotterdam 5. November 2

Quantum Hacking group NTNU, Trondheim & UNIK, Kjeller www.iet.ntnu.no/groups/optics/qcr/ Prof. Johannes Skaar Postdoc Vadim Makarov PhD students Qin Liu, Lars Lydersen, Øystein Marøy Collaborations: CQT Singapore, KTH Stockholm, Max Planck inst. Erlangen...

Quantum Hacking group. Discovering vulnerabilities Security proofs Demonstrating attacks Hardware countermeasures

What is quantum cryptography? Quantum = quantum physics = small particles Cryptography = coding of secrets Often called Quantum Key Distribution (QKD) Secret key used to code the message Provably secure Eavesdropping attempts detected 4

Quantum key distribution Alice Bob Optical fiber Internet (authenticated) 5

Photons as quantum bits Propagation direction H/V-basis ±45 -basis 6

BB84 7

What about Eve? Eve causes 25% QBER (Quantum bit error rate) 8

Post-processing All errors are assumed due to Eve Alice and Bob use error correction Eve's information is removed through privacy amplification key random matrix = raw key QKD offers perfect security with perfect devices (QBER < %) 9

How secure is practical QKD?

How avalanche photo diodes (APDs) work Geiger mode IAPD IAPD Ith Pth Popt Ith ng i h enc u Q Single photon VAPD Breakdown voltage Vbr L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

Faked-state attack in APD linear mode Identical bases & bit values Eve Alice.Bob.Alice Bright state Bob Listen, do same, get same final key Eve using right basis: Eve using wrong basis: Bits get lost! 2 L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

Launching bright pulse after the gate... VAPD Vbr Vbias afterpulses, increased QBER t bright C. Wiechers et al., New J. Phys. 3, 343 (2) < 2 photons L. Lydersen et al. Phys. Rev. A 83, 3232 (2) Add CW light... Bias to APD (Vbias) Rbias VHV 4 V VAPD Vbr Detector blind! Zero dark count rate Vbias t 3 L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

Detector blinding ID Quantique Clavis2: MagiQ Technologies QPN 555: 4 L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

Full detector control ID Quantique Clavis2: 5 L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

Photo 2 Vadim Makarov Testing MagiQ Technologies QPN 555

Countermeasures suggested by Yuan et al. Vgate Input gate (PECL) DD SYH842 Vcomp R 72 DA MAX96 C.n APD Vclick == R2 5 C2 n R4 5 Output click (PECL) Vbias Resistor shorted R3 k Vth 8 mv VHV 43 V Changes proposed by Yuan et al.: - Rbias = or - Reduce Vth Z. L. Yuan et al. Nat. Photonics 4, 8 (2) Rbias = and reducing Vth is insufficient! L. Lydersen et al. Nat. Photonics 4, 8 (2) 7

Sinkhole blinding L. Lydersen et al. Opt. Express 8, 27938 (2)

Sinkhole blinding Vgate Input gate (PECL) DD SYH842 Vcomp AC-coupling R 72 DA MAX96 C.n APD Vclick == R2 5 C2 n R4 5 Output click (PECL) Vbias R3 k Vth 8 mv VHV 43 V Shorter sinkholes lower amplitude 9 L. Lydersen et al. Opt. Express 8, 27938 (2)

How avalanche photo diodes (APDs) work Geiger mode IAPD IAPD Ith Pth Popt Ith ng i h enc u Q Single photon VAPD Breakdown voltage Vbr 2 L. Lydersen et al. Nat. Photonics 4, 686-689 (2)

5 45 4 35 3 25 2 5 D e te cto r D e te cto r 5 2 4 6 8 2 ptical illumination, mw mw CW Ooptical illumination, Blind! 2.4 rre nt 3 4 cu 3 5 TE C Cold plate temperature, C 2 5 l o C 4 5 5 2 3 d a pl te te m p a er t e ur 2.2 2.8 ITEC, A Heat dissipation in the APD, mw Thermal blinding.6 C old pla te te m p e ra tu re TEC cu rre n t 4 5 6 7.4 8 Total heat dissipation in the APDs, mw L. Lydersen et al. Opt. Express 8, 27938 (2) 2

Thermal blinding of frames 22 L. Lydersen et al. Opt. Express 8, 27938 (2)

Eavesdropping on installed QKD line on campus of the National University of Singapore 29 m of fiber S4 S3 Bob S2 Alice S5 Satellite image Google Eve

Eve does not affect QKD performance Before attack: 3 Raw key rate (cps) During attack: 2 QBER (%) 9 8 7 6 5 4 3 2 5 5 2 Time (s) 25 3 5 5 2 Time (s) 25 3 35 24

Stages of secure technology Quantum cryptography. Idea / proof-of-the-principle 97 993 2. Initial implementations 994 25 3. Weeding out implementation loopholes (spectacular failures patching) Now! 4. Good for wide use 25

Can we eavesdrop on commercial systems? ID Quantique s Cerberis: Dual key agreement PKI RSA-248 Key Symmetric cipher QKD PKI Key AES-256 Symmetric cipher Photo 2 Vadim Makarov QKD BB84

Summary Imperfect implementations may be disastrous QKD-systems were vulnerable to detector control (responsibly disclosed). Full intercept-resend attack has been implemented on an experimental QKD-setup, catching the full key. QKD is forward secure. Email: charlotte.rugers@atos.net 27

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback