Hacking at Random
Hacking happens

Ilja Gerhardt
Vadim Makarov
Day Friday - 2009-08-14
Room Monty Hall
Start time 20:00
Duration 01:00
ID 168
Event type Lecture
Track Dealing with data (DD)
Language used for presentation English

How we eavesdropped 100% of a quantum cryptographic key

Quantum cryptography, as being based on the laws of physics, was claimed to be much more secure than all classical cryptography schemes. (Un)fortunately physical hardware is not beyond of an evil control: We present a successful attack of an existing quantum key distribution system exploiting a photon detector vulnerability which is probably present in all existing devices. Without Alice and Bob losing their faith in their secure communication, we recorded 100% of the supposedly secret key.

The actual eavesdropping hardware we have built will be shown during the conference.

A brief intro into quantum cryptography will be given at the beginning of the talk. Then, Vadim Makarov will explain the above attack. At the end of the talk, Ilja Gerhardt will (hopefully) present another application of the discovered detector vulnerability, which shall remain a surprise :)

Single photon detectors based on passively quenched avalanche photodiodes are used in a number of quantum key distribution experiments. A vulnerability has been found in which these detectors can be temporarily blinded and then forced to produce a click [1]. An attack exploiting this vulnerability against a free-space polarization based quantum cryptosystem [2,3] is feasible. By controlling the polarization of a bright beam the eavesdropper Eve can force any detector of her choice to fire in the legitimate receiver Bob, such that she gets a full control of it without introducing additional errors. This allows Eve to run an intercept-resend attack without getting caught, and obtain a full copy of the transmitted secret key. We have fully demonstrated this attack under realistic conditions on an installed fiber optic quantum key distribution system. The system uses polarization encoding over 290 m of optical fiber spanning four buildings. A complete eavesdropper has been built, inserted at a mid-way point in the fiber line, and 100% of the secret key information has been recorded. Under attack, no significant changes in the system operating parameters have been observed by the legitimate users, which have happily continued to generate their 'secret' key.

[1] V. Makarov, New J. Phys. 11, 065003 (2009). [2] I. Marcikic, A. Lamas-Linares, C. Kurtsiefer, Appl. Phys. Lett. 89, 101122 (2006). [3] M. P. Peloso et al., New J. Phys. 11, 045007 (2009).