Quantum encryption: Keeping the keys under cover

According to quantum theory, communication systems based on single-photon signals, where two parties share random secret keys known only to them, could provide unbreakable encryption. However, external real-world effects will bring uncertainty into signals, allowing stealthy eavesdroppers to intercept information.

Sergei Molotkov at the Russian Academy of Sciences in Moscow has revealed a previously unknown cryptographic chink in the quantum armour that needs to be addressed in device design.

Cryptographers talk about three characters: the transmitter Alice, who sends a signal to the receiver Bob, while evil Eve tries to eavesdrop on their conversation. In classical electrical or optical communications, Eve can always tap the line without Alice or Bob becoming aware. However, when the signal is reduced to the level of a single photon, quantum effects make Eve’s job far more difficult.

“Unlike a classical optical signal, attempts to eavesdrop disturb the quantum state, leading to errors on the receiving side,” explains Molotkov. “So, any intrusion into the communication channel is detected, as guaranteed by the fundamental laws of the quantum world.”

However, theory doesn’t always translate easily into practice, especially at the quantum level. Even proper quantum state generation is a challenge, so in practical systems each state may comprise more than one single photon. Therefore, a clever Eve could detect two or more photons, keep one in her own quantum memory, and send the rest to Bob, who would not notice any disturbance.

Quantum cryptographers tackle this weakness by sending many mixed-intensity signals called decoy states alongside the information states. Then, any attack by Eve will change the distribution of signal intensities seen by Bob, so he can detect the attack.

Molotkov realized that the decoy state method is vulnerable to ‘active probing’ attacks on the intensity modulator – a device that controls the number of photons in each coherent state. Theoretically, Eve could fire probing states at the intensity modulator and measure their reflections to infer the state of the device, learning parts of the secret keys. Similarly, any other device preparing the information states or measuring them can also be attacked. Furthermore, like any physical experiment, a quantum cryptography system cannot be totally isolated from the outside world, so it will inevitably leak some information in ‘side channels’.

Thankfully, Molotkov suggests it will be straightforward for designers to avoid these types of attack, by employing shielding equipment and optical insulators to ensure that the information leak is below a certain threshold, accounted for at the protocol level.

“The lower the intensity of the reflected probing state, the less accurately the eavesdropper can determine the state of the intensity modulator,” he says. “We can set an upper limit of information leakage to the eavesdropper, thereby protecting the system and ensuring the secrecy of the distributed keys.”