arXiv:1510.03148
submitted to PRL
Practical quantum communication (QC) protocols are assumed to be secure provided implemented devices are properly characterized and all known side channels are closed. We show that this is not always true. We demonstrate a laser-damage attack capable of modifying device behaviour on-demand. We test it on two practical QC systems for key distribution and coin-tossing, and show that newly created deviations lead to side channels. This reveals that laser damage can be a potential security risk to existing QC systems, and necessitates extensive countermeasure testing to guarantee security.
arXiv:1510.03148
submitted to PRL
Practical quantum communication (QC) protocols are assumed to be secure provided implemented devices are properly characterized and all known side channels are closed. We show that this is not always true. We demonstrate a laser-damage attack capable of modifying device behaviour on-demand. We test it on two practical QC systems for key distribution and coin-tossing, and show that newly created deviations lead to side channels. This reveals that laser damage can be a potential security risk to existing QC systems, and necessitates extensive countermeasure testing to guarantee security.
arXiv:1601.00993
submitted to IEEE Journal of selected topics in quantum electronics
In the last decade, efforts have been made to reconcile theoretical security with realistic imperfect implementations of quantum key distribution (QKD). However, in the process gaps have recently emerged between academic and industrial approaches to closing loopholes created by implementation imperfections. In academic research labs, many practical security problems appear to be reliably solved, in principle, by advanced schemes and protocols. Meanwhile the industry prefers practical and easier solutions, even without security verification in some cases.
Phys. Rev. A 91, 032326 (2015)