Thermal blinding of gated detectors in quantum cryptography
Lars Lydersen, Carlos Wiechers, Christoffer Wittmann, Dominique Elser, Johannes Skaar, Vadim Makarov
aa r X i v : . [ qu a n t - ph ] S e p Thermal blinding of gated detectors in quantum cryptography
Lars Lydersen,
1, 2, ∗ Carlos Wiechers,
3, 4, 5
Christoffer Wittmann,
3, 4
Dominique Elser,
3, 4
Johannes Skaar,
1, 2 and Vadim Makarov Department of Electronics and Telecommunications,Norwegian University of Science and Technology, NO-7491 Trondheim, Norway University Graduate Center, NO-2027 Kjeller, Norway Max Planck Institute for the Science of Light, G¨unther-Scharowsky-Str. 1/Bau 24, 91058 Erlangen, Germany Institut f¨ur Optik, Information und Photonik, University ofErlangen-Nuremberg, Staudtstraße 7/B2, 91058 Erlangen, Germany Departamento de F´ısica, Universidad de Guanajuato, Lomas del Bosque 103,Fraccionamiento Lomas del Campestre, 37150, Le´on, Guanajuato, M´exico (Dated: May 27, 2018)It has previously been shown that the gated detectors of two commercially available quantum keydistribution (QKD) systems are blindable and controllable by an eavesdropper using continuous-wave illumination and short bright trigger pulses, manipulating voltages in the circuit [L. Lydersen et al. , Nat. Photonics DOI:10.1038/nphoton.2010.214]. This allows for an attack eavesdropping thefull raw and secret key without increasing the quantum bit error rate (QBER). Here we show howthermal effects in detectors under bright illumination can lead to the same outcome. We demonstratethat the detectors in a commercial QKD system Clavis2 can be blinded by heating the avalanchephoto diodes (APDs) using bright illumination, so-called thermal blinding . Further, the detectorscan be triggered using short bright pulses once they are blind. For systems with pauses betweenpacket transmission such as the plug-and-play systems, thermal inertia enables Eve to apply thebright blinding illumination before eavesdropping, making her more difficult to catch.
PACS numbers: 03.67.Dd
I. INTRODUCTION
In theory quantum mechanics allows two parties, Al-ice and Bob, to grow a private, secret key, even if theeavesdropper Eve can do anything permitted by the lawsof nature [1–4]. The field of quantum key distribution(QKD) has evolved rapidly in the last two decades, withtransmission distance increasing from a table top demon-stration to over 250 km in the laboratory [5], and com-mercial QKD systems available from several vendors[6].However the components used for the experimental re-alizations of QKD have imperfections. Numerous imper-fections have been addressed in security proofs [7–12].For some loopholes it took several years from their dis-covery until they were covered by security proofs, for in-stance the Trojan-horse [13, 14] loophole and detectorefficiency mismatch [15, 16]. The latter was exploited inthe time-shift attack [17] on a commercial QKD system[18]. Other loopholes include a variety of side-channels[19–22].Common to the loopholes mentioned so far is thatthey are not implementable in practice, or only leavea marginal advantage for Eve. For instance, the im-plementation of the time-shift attack [18] gave Eve aninformation-theoretic advantage, allowing her to outper-form a straight brute-force search for the key in 4% ofher attempts. In the practical phase-remapping attack[22], Eve caused 19.7% QBER compromising merely the ∗ [email protected] hardly ever used two-way post-processing protocol whichproduces secure key at QBER up to 20% [23, 24].There is however one class of attacks which standsout in terms of implementability, Eve’s information andQBER: The blinding attacks [25–27] are fully imple-mentable with current technology, and give Eve the wholeraw key while causing zero additional QBER. In theseattacks, the APDs are tricked to exit the single-photonsensitive Geiger mode, and are so-called blind . Eve usesa copy of Bob’s apparatus to detect Alice’s signals, butresends bright trigger pulses instead of single photons,as in the after-gate attack [28]. When the detectors areblind, Bob will only detect the bright trigger pulses ifhe uses the same basis as Eve. Otherwise his detectorsremain silent. Hence Eve gets a full copy of the rawkey while causing no additional QBER. Both passivelyquenched detectors [25], actively quenched detectors [26]and the gated detectors of two commercially availableQKD systems [27] have been shown to be vulnerable toblinding. In the case of the passively-quenched detectors,this loophole has been exploited in the first full-scale im-plementation of an eavesdropper [29], which was insertedin the middle of the 290 m transmission line in an exper-imental entanglement-based QKD system [30, 31], andrecovered 100% of the raw key.Previously the gated detectors in the commerciallyavailable system Clavis2 from manufacturer ID Quan-tique were subject to continuous-wave (CW) blinding[27]. The blinding illumination caused the bias voltage atthe APDs to drop due to the presence of DC impedanceof the bias voltage supply, and therefore the APDs werenever in Geiger mode. In this paper we show how thesame detectors, regardless of the impedance of the biasvoltage supply, can be blinded by heating the APD, so-called thermal blinding . We show that thermal blindingis more sophisticated form of attack than previously re-ported CW-blinding [27] because the APD can be heatedwell in advance of the detection times, and is as suchharder to catch. Especially for Clavis2, all the detectorparameters such as temperature of the cold plate, biasvoltage and APD current indicate single photon sensitiv-ity while the detectors are in fact blind.In this paper we first briefly review how APDs in thelinear mode can be exploited to eavesdrop on QKD sys-tems (section II). Then the detector design in Clavis2 isdiscussed (section III) before we show how it is possibleto thermally blind and trigger the detectors (section IV).Finally we briefly discuss countermeasures in section Vand conclude in section VI. II. EAVESDROPPING EXPLOITING APDs INLINEAR MODE
In this section we briefly review how APDs in the linearmode can be exploited to eavesdrop on QKD systems[26, 27].In Geiger mode operation, an electron-hole pair pro-duced by an absorbed single photon is amplified to a largecurrent in the APD, which exceeds a current compara-tor threshold and reveals the photon’s presence. This isreferred to as a click [32].In the linear mode however, when an APD is reverse-biased at a constant voltage below the breakdown volt-age [33], the current through the APD is proportional tothe incident optical power. Usually the APD is placedin a resistive network, and also has an internal resis-tance. Hence, the current through the APD lowers thebias voltage, and the current through the APD is mono-tonically increasing with the incident optical power. Inthis regime, the comparator current threshold translatesto a classical optical power threshold [27].If APDs are used as detectors in a QKD system, andthey are optically accessible to Eve when biased underthe breakdown voltage, Eve may eavesdrop on the QKDsystem with an intercept-resend (faked-state [34]) attack.Eve uses a copy of Bob to detect the qubits from Alicein a random basis. Eve resends her detection results, butinstead of sending single photons she sends bright pulses,just above the classical optical power threshold. Bob willonly have a detection event if his basis choice coincideswith Eve’s basis choice (see Fig. 1), otherwise no detectorclicks.After the raw key exchange, Bob and Eve are identi-cal both in bit values and basis choices. Since Eve usesa copy of Bob’s detectors, Bob’s photon-number detec-tion statistics is equal with or without Eve. Thereforethe attack works equally well on the BB84 protocol [1],the Scarani-Acin-Ribordy-Gisin 2004 (SARG04) [35] anddecoy-state BB84 protocols [36–38]. In addition to at- a) b)BS BS ttI I th I I th ttI I th I I th “0” “0”“1” “1” Click!
FIG. 1. The last beam splitter (BS) as well as the detectors ina phase-encoded QKD system. I and I is the current run-ning through APD 0/1, and I th is the comparator thresholdcurrent above which the detector registers a click. Here weassume that the APDs are in the linear mode, and that Evesends a bright pulse slightly above the optical power thresh-olds. a) Eve and Bob have selected matching bases. Thereforethe full intensity in the pulse from Eve hits detector 0. Thecurrent caused by Eve’s pulse crosses the threshold currentand causes a click. b) Eve and Bob have selected oppositebases. Therefore half the intensity of Eve’s pulse hits eachdetector (corresponding to 50% detection probability in ei-ther detector for single photons). This causes no click as thecurrent is below the threshold for each detector. tacking the quantum channel, Eve listens on the classicalchannel between Alice and Bob. Afterwards Eve per-forms the same classical post-processing as Bob to obtainthe identical secret key.Note that the classical optical power threshold has tobe sufficiently well defined for successful perfect eaves-dropping. To be precise, let an optical power of P ,i or greater always cause a click when applied to detector i . Likewise, let an optical power of P ,i or less nevercause a click when applied to detector i . The sufficientcondition for Eve to be able to make any single detec-tor click while none of the other detectors click, can beexpressed asmax i (cid:8) P ,i (cid:9) < (cid:16) min i (cid:8) P ,i (cid:9)(cid:17) . (1) III. DETECTOR DESIGNA. Detector circuit
Figure 2 shows an equivalent detector bias and com-parator circuit diagram for the detectors in Clavis2,based on reverse engineering. The APD is biased justabove its breakdown voltage by the high voltage sup-ply V HV,0 = − .
89 V, V HV,1 = − .
08 V. On top ofthis bias the APD is gated with 2 . DA1MAX9601SY100H842DD1gate click(PECL)Output(PECL)Input shortTemporary
APD 1.1n100nR172 C1C2150 150R2 R41 ==T3 T4T2T1 1kR3 V th,0/1 V HV,0/1
FIG. 2. Equivalent detector bias and comparator circuit.Taps T1-T3 are analog taps of the APD gates ( V gate , / ), theAPD bias ( V bias , / ) and the comparator input ( V comp , / ).The digital tap T4 of the detector output ( V click , / ) hasbeen converted to logic levels in all oscillograms. For theexperiments presented in section IV, the resistor R3 has beenshorted. are applied as PECL signals from the mainboard, andthe buffer converts them to TTL levels, 0 V and approx-imately 3 V. The anode of the APD is AC-coupled to afast comparator DA1 with the thresholds V th,0 = 78 mVand V th,1 = 82 mV.The normal operation of the detector circuit can beseen in Fig. 3. A number of techniques have been de-veloped for compensating the capacitive pulse throughAPDs in the absence of an avalanche [39–42], but thisparticular detector simply sets the comparator thresh-olds above the amplitude of the capacitive pulse.As a side note, applying CW illumination to the APDallowed us to measure the timing of the quantum ef-ficiency curve within the gate quite precisely, see Ap-pendix B. B. Detector cooling
To reduce the probability of dark counts, APDs areusually cooled to a low temperature. The two APDs inthis QKD system are cooled together by one 4-stage ther-moelectric cooler (TEC) (Osterm PE4-115-14-15 [43]).The system software reports the temperature measuredby a thermistor mounted on the cold side of the top stage(cold plate), and close to where the APDs are mounted.Note that the cold plate temperature is not always thesame as the APD chip temperature, as there is actuallya quite substantial thermal resistance between the two.This will become an important point in section IV B. Thehot side of the TEC is mounted on a large heatsink witha fan, such that it stays at approximately room temper-ature.The temperature of the cold plate is maintained at apre-set value by a closed-loop controller that adjusts theTEC current. When the system is switched on, the coldplate (and thus the APDs) is first cooled to the targettemperature, − ◦ C. The system will not start opera-tion unless the cold plate settles at a temperature below − . ◦ C. After this initial check however, during system V ga t e , V −0.0800.080.16 V c o m p , V −40 0 40 80 120 160 200 240 280Logic 0Logic 1 Time, ns V c li ck , V FIG. 3. An example of electrical signals during two gates indetector 1 without any illumination. In the first gate thermalfluctuations or trapped carriers have caused an avalanche, anda click at the comparator output (dark count). A typical am-plitude of the avalanche peak is 200 mV for detector 0 and300 mV for detector 1. Normally the system removes 50 gatesafter a detection event, but for this oscillogram this featurehas been disabled. In the second gate there is no detectionevent. When no current runs through the APD, it is equiv-alent to a capacitor, and thus approximately the derivativeof the gate pulse shape propagates to the comparator input,with peak positive amplitude ≈
35 mV. operation, there seems to be no future checks of the coldplate temperature, even if the controller is unable to keepit at the target value.
IV. BLINDING AND CONTROL
Blinding is achieved when the system is insensitive tosingle photons. This can be achieved by ensuring thatthe APD bias voltage is below the breakdown voltage, orby lowering the voltage in front of the comparator suchthat the avalanche current does not cross the compara-tor threshold. The detectors are controllable if they areaccessible to Eve in the linear mode with a sufficientlywell defined classical optical power click threshold, as inEq. 1.We have previously reported that blinding Clavis2 canbe achieved by CW illumination due to the bias voltagesupply impedance R3 = 1 kΩ, which makes the bias volt-age drop to a level where the APD is never in Geigermode [27], even inside the gate.One fast and easy countermeasure could be to usea low-impedance bias voltage source in the detectors.Therefore, in this paper we consider a modified ver-sion of the detectors with R3 shorted (see Fig. 2). Wepresent three different blinding techniques which may beused against detectors with a low-impedance bias voltagesource, and show that the detectors can be controlled bytrigger pulses in the blind state. The technique in sec-tion IV A clearly works against high-impedance biaseddetectors as well as against low-impedance biased detec-tors since it has been demonstrated [27]. The differenceis that with a low-impedance bias voltage source, theblinding originates from thermal effects instead of biasvoltage drop. The technique in section IV B has beenused on low-impedance biased detectors, but we see noreason why it should not work similarly well against theunmodified high-impedance biased detectors. The tech-nique in section IV C has been used on both high- andlow-impedance biased detectors, but we only present theresults for the low-impedance biased detectors in this pa-per.
A. Thermal CW-blinding
It turns out that it is possible to blind also low-impedance biased detectors (R3 = 0) by CW illumina-tion. When an APD is illuminated, the power dissi-pated in the APD is transformed to heat, which mayincrease the APD temperature. The breakdown voltageis temperature dependent: increasing the temperatureincreases the breakdown voltage. Since the bias voltageis constant, this makes the APD leave the Geiger mode.Two effects contribute to the power dissipation: electri-cal heating ( V APD · I APD ) and the small contribution bythe absorption of the optical power. For the heat dissipa-tion calculations, we simply assume that all the opticalpower is absorbed and transformed to heat. Figure 4shows how the heat dissipation increases with the opticalillumination.When the sum of the heat dissipations of the two de-tectors is approximately 300 mW, the cooling system isrunning at its maximum capacity with a TEC current ofabout I TEC = 2 .
37 A (the air temperature at the heatsinkfan intake at this time was 23 . ◦ C). When the optical il-lumination is increased beyond this point, the cold plate(and thus APD) temperature starts to increase. Figure 5shows how the temperature of the cold plate increaseswith the total amount of heat dissipated in the APDs.When the optical illumination, and thus the load is in-creased beyond the maximum capacity of the TEC, thecold plate temperature increases approximately linearlywith the heat dissipated by the APD. While not in thespecifications of this specific TEC [43], other data sheetsof similar TECs [44] show that the temperature differ-ence between the hot and cold plate decreases linearlywith respect to the load, given a constant TEC current.When the temperature of the APDs increases, thebreakdown voltage also increases with the coefficient ofabout 0 . / K [45]. In this experiment we illuminatedboth detectors simultaneously, to get sufficient tempera-ture increase without risking a permanent damage to theAPDs. We used a fibre-optic coupler (see appendix Afor the experimental setup) to illuminate both detectors,with 46.75%/53.25% of the optical power going to detec-tor 0/1. This is approximately equal to the measuredsplitting ratio for the beam splitter in front of the detec- H ea t d i ss i pa t i on i n t he AP D , m W Detector 0Detector 1
FIG. 4. Calculated heat dissipation (based on measured APDcurrent and voltage) versus the optical illumination for eachof the two detectors. C o l d p l a t e t e m pe r a t u r e , ° C I T E C , A Cold plate temperatureTEC current
FIG. 5. The temperature of the cold plate and TEC currentreported by the software, versus the total amount of heatdissipated in the APDs. It takes several minutes for the coldplate temperature to stabilize at a new value (hotter than − ◦ C) after the power dissipation in the APDs is changed. tors in the system, when illuminated through the shortarm of the interferometer [46–48].Fig. 6 shows the click probability versus the CW il-lumination of the two detectors. The click probabilitydrops below the normal dark count probability (about10 − ), before it becomes exactly zero when the illumina-tion exceeds 8 . − ◦ C. Therefore, the detectorsstay blind for some time after the CW blinding illumina-tion is turned off. Detectors 0 and 1 regain dark countswhen the cold plate (and thus the APDs) becomes colderthan − . ◦ C and − . ◦ C, respectively.To verify that the detectors could be controlled, thedetectors were blinded with 9 . . C li ck p r obab ili t y −2 −4 −6 −8 Detector 0Detector 1
FIG. 6. Click probability versus power of CW illuminationapplied to both detectors simultaneously.TABLE I. Control pulse peak power at 0 % and 100 % clickprobability thresholds, in CW thermal blinding mode.Detector Click probabilities0 % 100 %0 1 .
12 mW 1 .
31 mW1 1 .
71 mW 2 .
02 mW a 3 ns long laser pulse slightly after the gate. The clickprobability thresholds are listed in table I. The thresh-olds satisfy Eq. 1, and thus the eavesdropping methoddescribed in section II should be possible when the de-tectors are thermally blinded by CW illumination.After observing thermal blinding in this experi-ment, we realized that this could be the reason whythe PerkinElmer SPCM-AQR actively-quenched detec-tor module remained blind at bright pulse frequenciesabove 400 kHz, despite no substantial bias voltage drop[26]. Therefore we did more precise measurements whichconfirm that PerkinElmer SPCM-AQR can be thermallyblinded [49].
B. Thermal blinding of frames
As this QKD system is of plug-and-play type, it sendsthe qubits in packets called frames to avoid Rayleighback-scattered photons to arrive during the gates andincrease the QBER [46, 50]. For our experiment we used1072 qubits per frame [51]. With a 200 ns bit period thismakes the frame length 214 . µ s. The break in betweenthe frames varies with the fibre length between Alice andBob, but is always longer than the frame itself. In ourexperiment we simply used a 250 µ s frame break, whichmakes a total frame + break period of 464 . µ s.It turns out that the APD chip and the inner partsimmediately touching it ( not the APD package and notthe cold plate) act as a thermal reservoir on the frameperiod time scale. Therefore bright illumination betweenthe frames heats the APD sufficiently that it stays blindthroughout the whole frame. Based on the optical power where the frames went blind, and the average currentthrough the APDs, the thermal resistance between eachAPD chip and the cold plate is estimated to be at least190 K / W.To heat the APDs we used 225 µ s long pulses timedin between the frames and fired at both APDs simulta-neously. The whole frame went blind at approximately1 . . µ s long pulses with3 . − . ◦ C, and theTEC was running well below its maximum capacity at I TEC = 2 .
006 A.To verify that the detectors could be controlled, wechecked the response to a 4 ns long control pulse timedslightly after the gate of one of the first bits of the frame,and the last bit of the frame. The detection probabilitythresholds for the second [52] and the last bit are givenin tables II and III. Figure 8 shows oscillograms fromdetector 1 when it is blinded and controlled in the secondbit of the frame.The click probability thresholds in tables II and IIIeach satisfy Eq. 1 individually. However, P , in thelast bit of the frame is less than 1 / P , in thesecond bit of the frame. This means that the controlpulse power would have to be decreased throughout theframe. Since the second and the last bit of the framecan be controlled, it is plausible that the eavesdroppingmethod described in section II could be applied to anybit of the frame.What is remarkable about this blinding method is thatdue to the low thermal conductivity between the APDchip and the cold plate, as well as the thermal inertiaof the nearby parts, the cold plate thermistor reports avalue very close to the normal value. Therefore moni-toring the cold plate temperature would not suffice toprevent thermal blinding. TABLE II. Control pulse peak power at 0 % and 100 % clickprobability thresholds for the second bit in the frame, whenthe frame is thermally blinded.Detector Click probabilities0 % 100 %0 401 µ W 533 µ W1 580 µ W 747 µ WTABLE III. Control pulse peak power at 0 % and 100 % clickprobability thresholds for the last bit in the frame, when theframe is thermally blinded.Detector Click probabilities0 % 100 %0 305 µ W 420 µ W1 340 µ W 532 µ W V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V µ s V c li ck , V V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V µ s in the upper set of oscillograms) V c li ck , V µ s 1072 gates = 214.4 µ s225 µ s FIG. 7. Thermal blinding of frames. The oscillograms showelectrical and optical signals when frames of 1072 gates in de-tector 1 are thermally blinded by a 225 µ s blinding pulse, with3 . C. Sinkhole blinding
It is natural to ask whether the framed blinding tech-nique can be applied at the single gate level, i.e. whathappens if bright illumination is applied between adja-cent gates? It turns out that this also leads to blinding,but not primarily due to thermal effects. Since the com-parator input is AC-coupled (see Fig. 2), the signal at theinput of the comparator has the same area over and un- V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V µ s V c li ck , V V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V µ s in the upper set of oscillograms) V c li ck , V µ s 1072 gates = 214.4 µ s225 µ s580 µ W 747 µ W FIG. 8. Detector control during thermal blinding of frames.The oscillograms show electrical and optical signals whenframes of 1072 gates in detector 1 are thermally blinded by a225 µ s blinding pulse, with 3 . µ W control pulse never causes any click.In the lower right set, the control pulse is applied after thesame gate in the frame, but now its increased 747 µ W peakpower always causes a click. der 0 V level when averaged over time much longer thanR4 · C1 = 165 ns. Thus by sending long bright pulses be-tween the gates and no illumination near the gate, it ispossible to superimpose a negative-voltage pulse at thecomparator input at the gate time. We call this negativepulse a sinkhole . An avalanche that occurs within it canhave a normal amplitude yet remain below the compara-tor threshold level. V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V −40 0 40 80 120 160 200 240 280Logic 0Logic 1 Time, ns V c li ck , V FIG. 9. Sinkhole blinding. The oscillograms show electricaland optical signals when detector 1 is blinded by a 500 µ W,140 ns long laser pulse in between the gates. The avalancheamplitude is about 130 mV and would cause a click if it werenot sitting in the negative-voltage pulse. It seems that the re-duction in avalanche amplitude (compare to Fig. 3) is causedby heating of the APD, which effectively rises the breakdownvoltage.TABLE IV. Control pulse peak power at 0 % and 100 % clickprobability thresholds, during sinkhole blinding.Detector Click probabilities0 % 100 %0 655 µ W 751 µ W1 773 µ W 908 µ W Using a 140 ns long pulse beginning about 25 ns af-ter the gate, detector 0 becomes completely blind when P laser > µ W, and detector 1 becomes blind when P laser > µ W. To keep both detectors blind, P laser =500 µ W is used subsequently. When a large pulse is ap-plied between the gates, the detector will always expe-rience a dark count in the gate due to trapped carri-ers. Figure 9 shows detector 1 blinded by a 140 ns long,500 µ W bright pulse, starting about 25 ns after the gate.Initially when the blinding pulses are turned on, thereis a transient with about 20-100 clicks, which would beeasily detectable in post-processing. Note again that theblinding only needs to be turned on once, and that theblinding can be turned on before the raw key exchangeto avoid the clicks being registered.Detector control is obtained by a 3 . V ga t e , V P l a s e r , m W −0.0800.080.16 V c o m p , V −40 −20 0 20 40 60Logic 0Logic 1 Time, ns V c li ck , V −40 −20 0 20 40 60 Time, ns
FIG. 10. Detector control during sinkhole blinding. The os-cillograms show electrical and optical signals when detector 1is blinded with a 500 µ W, 140 ns long laser pulse in betweenthe gates, and controlled with a 3 . µ W control pulsenever causes any click. To the right, the 908 µ W control pulsealways causes a click.
Eq. 1, and thus the eavesdropping method described insection II should be possible when the detectors are sink-hole blinded.
V. DISCUSSION AND COUNTERMEASURES
First of all, the numerous detectors proved blindableand controllable [25–27, 29, 49], and the large numberof independent blinding methods available show thatavoiding this loophole is non-trivial. Further the resultspresented in this paper clearly show that reducing theimpedance of the bias voltage supply is far from being asufficient countermeasure for this detector design.At this point it is not clear to us how to design hack-proof detectors. The most obvious countermeasure is tomonitor the optical power at Bob’s entrance with an ad-ditional detector. However it is not obvious that thisactually closes the loophole; as pointed out previouslythe click threshold close to the gate may be very low, al-lowing for practically non-detectable control pulses [27].Thus it is not clear how to set the threshold value forthe entrance monitor; in any case the threshold shouldbe derived from and incorporated into a security proof.It would also be crucial that this monitoring detector isnot blindable.For the passively quenched scheme it has been pro-posed previously to monitor APD parameters such asAPD bias voltage, current and temperature [25]. How-ever, the results in section IV B show that normal APDparameters do not necessarily guarantee single photonsensitivity: for thermal blinding of frames all the APDparameters report normal values during the frames whilethe detectors are in fact blind.It is worth emphasizing that the loophole opens whenEve drives the detectors into an abnormal operatingregime, namely the linear mode. However, there are alsoquantum detectors which are actually designed to oper-ate in linear mode. For example, homodyne detectorsused in continuous-variable QKD [53, 54] are probablynot susceptible to the described attack.
VI. CONCLUSION
The detectors in the Clavis2 QKD system have provedto be blindable by a variety of methods, even with a low-impedance bias voltage supply. Further, the detectorscan always be controlled in the blind state. This allowseavesdropping on the QKD system, using the method de-scribed in section II. Since Eve may use an exact copy ofBob’s system, no parameters currently available to Bobreveal Eve’s presence. In practice, this should allow forperfect eavesdropping where Eve has an exact copy ofBob’s raw key, and thus can extract the full secret key.The eavesdropping strategy described in section II hasbeen implemented and used to capture 99.8% of the rawkey in a 290 m experimental entanglement-based QKDsystem [29]. We see no practical difficulties implement-ing the same eavesdropper for this commercial QKD sys-tem, using off-the-shelf components. Actually we haveproposed a plug-and-play eavesdropper scheme [27] foreasy deployment.Many detectors have already been proved blindableand controllable by Eve [25–27], and the large varietyof blinding methods available for the system tested couldprobably be used on other detector designs as well. Whileit is relatively easy to design a countermeasure that pre-vents blinding attacks with the specific parameters cho-sen in the present work, it is unclear to us how to buildgeneric secure detectors.This work further emphasizes the importance of thor-oughly investigating the non-idealities of each componentin a QKD system, as well as battle-testing the system asa whole.ID Quantique has been notified about the loopholeprior to this publication, and has implemented counter-measures.
Appendix A: Measurement setup
Figure 11 shows the measurement setup used for thisexperiment. The trigger signal is tapped directly fromthe PECL gate signal (before DD1 in Fig. 2).When pump current is used to control the power ofthe laser, the pulse width will vary slightly with the peak (1536.22 nm)Alcatel 1905 LMIFiber−pigtailed laser
ABC C h a nn e l Trigger 3310033 22 APD 0/1detector 0Gates from Highland TechnologyP400 digital delay generator
FIG. 11. The setup used in the experiment. Both detectorswere illuminated simultaneously by inserting a 50/50 fibre-optic coupler (not shown in the diagram) before the APDs. power. In our experiment, the observed change in pulsewidth is less than 10 % after doubling the laser power.Also, the comparator threshold does not seem to be sig-nificantly dependent on the pulse width, thus we considerour results valid despite this small change in the laserpulse width.
Appendix B: Direct measurement of quantumefficiency
When CW illumination is applied to the APD, theapplied electrical gate “propagates” to the comparatorinput. This might be caused by a change in linear mul-tiplication coefficient caused by the electrical gate. Thisallowed us to measure the quantum efficiency mapped in-side the “propagated” gate with about 200 ps precision.The single photon sensitivity was measured using aid300 short-pulsed laser attenuated to a mean photonnumber of 1 per pulse. The quantum efficiency η was de-rived from the data assuming that the detector is linear(i.e. that an n-photon state is detected with probability1 − (1 − η ) n ). The timing of the photon arrival at theAPD relative to the applied gate was aligned by observ-ing a response to unattenuated laser pulse on top of the2 . −2 −1 0 1 2 3 4 500.511.522.53 Time, ns E l e c t r i c a l ga t e , V −2 −1 0 1 2 3 4 500.0150.030.0450.060.0750.09 Q uan t u m e ff i c i en cy Electrical gateQuantum efficiency
FIG. 12. Quantum efficiency measured directly within theelectrical gate for detector 1. The photon sensitivity dropsabout 1 ns before the falling edge of the gate, becauseavalanches that start late do not have time to develop a largeenough current to cross the comparator threshold.
ACKNOWLEDGMENTS
This work was supported by the Research Council ofNorway (grant no. 180439/V30) and DAADppp mobil- ity program financed by NFR (project no. 199854) andDAAD (project no. 50727598). [1] C. H. Bennett and G. Brassard, in
Proceedings of IEEEInternational Conference on Computers, Systems, andSignal Processing (IEEE Press, New York, Bangalore,India, 1984) pp. 175–179.[2] A. K. Ekert, Phys. Rev. Lett., , 661 (1991).[3] H.-K. Lo and H. F. Chau, Science, , 2050 (1999).[4] P. W. Shor and J. Preskill, Phys. Rev. Lett., , 441(2000).[5] D. Stucki, N. Walenta, F. Vannel, R. T. Thew, N. Gisin,H. Zbinden, S. Gray, C. R. Towery, and S. Ten, New J.Phys., , 075003 (2009).[6] Commercial QKD systems are available from at least twocompanies: ID Quantique (Switzerland), ; MagiQ Technologies (USA), .[7] D. Mayers, in Proceedings of Crypto’96 , Vol. 1109, editedby N. Koblitz (Springer, New York, 1996) pp. 343–357.[8] D. Gottesman, H.-K. Lo, N. L¨utkenhaus, and J. Preskill,Quant. Inf. Comp., , 325 (2004).[9] H. Inamori, N. L¨utkenhaus, and D. Mayers, Eur. Phys.J. D, , 599 (2007).[10] C.-H. F. Fung, K. Tamaki, B. Qi, H.-K. Lo, and X. Ma,Quant. Inf. Comp., , 131 (2009).[11] L. Lydersen and J. Skaar, Quant. Inf. Comp., , 0060(2010).[12] Ø. Marøy, L. Lydersen, and J. Skaar, e-printarXiv:0903.3525, accepted for publication in Phys. Rev.A.[13] A. Vakhitov, V. Makarov, and D. R. Hjelme, J. Mod.Opt., , 2023 (2001).[14] N. Gisin, S. Fasel, B. Kraus, H. Zbinden, and G. Ri-bordy, Phys. Rev. A, , 022320 (2006).[15] V. Makarov, A. Anisimov, and J. Skaar, Phys. Rev. A, , 022313 (2006), erratum ibid. , 019905 (2008).[16] V. Makarov and J. Skaar, Quant. Inf. Comp., , 0622(2008).[17] B. Qi, C.-H. F. Fung, H.-K. Lo, and X. Ma, Quant. Inf.Comp., , 73 (2007).[18] Y. Zhao, C.-H. F. Fung, B. Qi, C. Chen, and H.-K. Lo,Phys. Rev. A, , 042333 (2008).[19] A. Lamas-Linares and C. Kurtsiefer, Opt. Express, ,9388 (2007).[20] S. Nauerth, M. F¨urst, T. Schmitt-Manderbach, H. Weier,and H. Weinfurter, New J. Phys., , 065001 (2009).[21] C.-H. F. Fung, B. Qi, K. Tamaki, and H.-K. Lo, Phys.Rev. A, , 032314 (2007).[22] F. Xu, B. Qi, and H.-K. Lo, e-print arXiv:1005.2376v1[quant-ph].[23] H. F. Chau, Phys. Rev. A, , 060302 (2002).[24] D. Gottesman and H.-K. Lo, IEEE Trans. Inf. Theory, , 457 (2003).[25] V. Makarov, New J. Phys., , 065003 (2009).[26] V. Makarov, A. Anisimov, and S. Sauge, e-printarXiv:0809.3408v2 [quant-ph].[27] L. Lydersen, C. Wiechers, C. Wittmann, D. Elser, J. Skaar, and V. Makarov, Nat. Photonics (2010), doi:10.1038/nphoton.2010.214.[28] C. Wiechers, L. Lydersen, C. Wittmann, D. Elser,J. Skaar, C. Marquardt, V. Makarov, and G. Leuchs,“After-gate attack on a quantum cryptosystem,” Inpreparation.[29] I. Gerhardt, Q. Liu, J. Skaar, A. Lamas-Linares, C. Kurt-siefer, and V. Makarov, in preparation.[30] I. Marcikic, A. Lamas-Linares, and C. Kurtsiefer, Appl.Phys. Lett., , 101122 (2006).[31] M. P. Peloso, I. Gerhardt, C. Ho, A. Lamas-Linares, andC. Kurtsiefer, New J. Phys., , 045007 (2009).[32] S. Cova, M. Ghioni, A. Lotito, I. Rech, and F. Zappa,J. Mod. Opt., , 1267 (2004).[33] All references to the APD bias voltage are absolute val-ued, thus an APD biased “above” the breakdown voltageis in the Geiger mode. In practice the APDs are alwaysreverse-biased.[34] V. Makarov and D. R. Hjelme, J. Mod. Opt., , 691(2005).[35] V. Scarani, A. Ac´ın, G. Ribordy, and N. Gisin, Phys.Rev. Lett., , 057901 (2004).[36] W.-Y. Hwang, Phys. Rev. Lett., , 057901 (2003).[37] X.-B. Wang, Phys. Rev. A, , 012322 (2005).[38] H.-K. Lo, X. Ma, and K. Chen, Phys. Rev. Lett., ,230504 (2005).[39] S. Cova, A. Longoni, and A. Andreoni, Rev. Sci. In-strum., , 408 (1981).[40] D. S. Bethune and W. P. Risk, IEEE J. Quantum Elec-tron., , 340 (2000).[41] A. Tomita and K. Nakamura, Opt. Lett., , 1827 (2002).[42] Z. L. Yuan, B. E. Kardynal, A. W. Sharpe, and A. J.Shields, Appl. Phys. Lett., , 041114 (2007).[43] Osterm, PE4-115-14-15, http://osterm.ru/PAGE/MULTISTAGE.HTM , visited 3. August 2010.[44] Marlow, NL4012, ,visited 3. August 2010.[45] The detectors do not have any dark counts and are as-sumed blind at a temperature of about − ◦ C at the coldplate, or when the bias voltage is decreased by 0 .
97 V. Ifone assumes that the APD temperature is equal to thecold plate temperature, this means that heating the de-tectors by 10 K is equivalent to decreasing the bias volt-age by about 1 V.[46] G. Ribordy, J.-D. Gautier, N. Gisin, O. Guinnard, andH. Zbinden, Electron. Lett., , 2116 (1998).[47] D. Stucki, N. Gisin, O. Guinnard, G. Ribordy, andH. Zbinden, New J. Phys., , 41 (2002).[48] N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, Rev.Mod. Phys., , 145 (2002).[49] S. Sauge, L. Lydersen, A. Anisimov, J. Skaar, andV. Makarov, in preparation.[50] G. Ribordy, J.-D. Gautier, N. Gisin, O. Guinnard, andH. Zbinden, J. Mod. Opt., , 517 (2000). [51] The system actually sends the qubits in frames of 1075qubits each. We initially made a mistake when countingthem and used 1072 qubits, which is very close and doesnot affect the results.[52] We picked the second bit to simplify synchronizationin our measurement setup. The results for the first bit should be very similar to the results for the second bit.[53] S. L. Braunstein and P. van Loock, Rev. Mod. Phys., ,513 (2005).[54] U. L. Andersen, G. Leuchs, and C. Silberhorn, LaserPhoton. Rev.,4