hello i would like to talk about a later publication
on hacking a quantum crypto system using the to get attacked
we find attacking particularly interesting because one improve the systems problem is a new level
of security in communication
the data to party elephant ball once you communicate then in contrast to classical cryptography
one cryptography of as in the method
with unconditional security in principle
anniversary you cannot eavesdrop on the communication of elephant ball because you will introduce errors
and therefore
detected
as secure to prove for such a scenario requires that model assumptions what the device
of elephant ball
this works fine in theory but
what about in practice
in the next meaning will ask the question can real alice and bob communicate securely
and we'll show you that real device properties should be taken into account in that
it should prove otherwise we consider the problems
these are the physical clip the devices that upright and bother for task one packers
but obviously not possible to be shown in the publications
the group the system we hacked is called clarice two main console by the acoustic
on the left side you see the other's module on the right side you see
the bob model in their exchanging secret keys
this is how the l s module looks from the inside the bit sequence and
you could you need to be random so here you see to quantum random number
generator modules that perform this task
next to various optical the tectonic components you see the phase modulator that encodes the
bit information on optical signals
these optical signals are sent by alice
the optical fibre act as a transmission channel
in a practical application this is of course much longer and can be on the
order of fifty kilometres
here the optical fibre enters ball
well also has a face modulator to perform the basis choice
the two detectors in ball avalanche prototype working in gated mode
here we see also some additions made by us
so as to get some information about various electronic signals in the module
in the real attack the inverse three of course cannot access such information however it
enables us to verify that our tech really works
the outputs from the use electronic task and now the on the oscilloscope
what you see are the gate pulses applied to the two detectors
this tells us when detectors involve all active
what we also see is that alice and bob communicating frames of about thousand pulses
we now zoom into a single frame and see individual case
the system normally expect the quantum signals to arrive within these detection gates
our tech which is an intercept in wrist and kind of an attack times the
pulses however to the right after the game
we have checked various time delays and the intensity of the pulses to optimize the
attack
explain the principle of the attack we need some theory
here you can see an ivy diagram of the a p d you which we
can explain the guy commode of an a p d based single photon detector
for the gate you see that there is a bias voltage applied to the a
p d
see the look point
during the gate the voltage is increased about the so-called breakdown voltage see the green
point
if you foreign
impinge as on the a p d then an avalanche affect generates a large current
this generates the detection event
but what happens
if we illuminating it after the gate
with the bias voltage below the breakdown voltage
the a p d is in a linear mode
this means that current really a p d is proportional to the optical power
p d merely registers whenever the powers relatively strong
the detector therefore has properties
which are very much unlike the ones
during the gate
and also unlike the ones assumed in the security proof
you know application
we show how to exploit this deviation
we simulate an attack of you in which she measures all ones signal
and we stands bright pulses time off the box gates
we found that the attack when to stick one clip the system insecure for large
parameter range
so we're in contact with the manufacturer in accounting and believe that all work is
vital for the practical security of q k d our team currently works on the
other attack on that obvious to device
so we'll be back