Ordinary light can break the security of a standard quantum method for sharing private information.

Quantum key distribution allows two people in separate locations to use the rules of the quantum world to create a secret key, which they can use to exchange encrypted messages. But Jan-Åke Larsson at the University of Linköping in Sweden and his colleagues show how to trick one standard method for making such keys. By hijacking the light source that the two parties use to create their shared key, an attacker can control sensitive detectors at either person's location, fooling a security check into believing that no one has meddled with the protocol. The attacker can then intercept messages undetected.

The authors also show how security can be recovered by performing a different test.

Sci. Adv. 1, e1500793 (2015)