Experimental vulnerability analysis of QKD based on attack ratings

Inspired by the methodology used for classical cryptographic hardware, we consider the use of attack ratings in the context of QKD security evaluation. To illustrate the relevance of this approach, we conduct an experimental vulnerability assessment of CV-QKD against saturation attacks, for two different attack strategies. The first strategy relies on inducing detector saturation by performing a large coherent displacement. This strategy is experimentally challenging and therefore translates into a high attack rating. We also propose and experimentally demonstrate a second attack strategy that simply consists in saturating the detector with an external laser. The low rating we obtain indicates that this attack constitutes a primary threat for practical CV-QKD systems. These results highlight the benefits of combining theoretical security considerations with vulnerability analysis based on attack ratings, in order to guide the design and engineering of practical QKD systems towards the highest possible security standards.

In this supplementary material, we consider a relaxed security setting, where channel loss is not precalibrated and actively monitored, by Alice and Bob as it was the case for the security setting considered in the main text. We complement the experimental study of the saturation attacks (coherent 1 and incoherent 2 ) in this more relaxed security setting. This allows us to discuss the interplay between security setting and attack ratings.
Moreover, we provide for completeness the formulas that have been used throughout the main text and supplementary material in order to estimate CV-QKD secure key rates, that are computed in the asymptotic limit (infinite number of channel use) and against collective attacks.

Attack success conditions and channel transmittance monitoring
In the main text, we have considered saturation attack under the following success conditions: (a) Alice and Bob obtain a positive key rate from their estimated parameters T sat and ξ sat (b) The estimated channel transmittance T sat must be (approximately) equal to the calibrated channel transmittance T .
The second condition implies that Alice and Bob must securely calibrate (independently of the QKD runs and in particular independently of Eve) the channel transmittance. They must then actively monitor the estimated channel transmittance T sat , throughout the QKD runs, to verify that condition (b) applies. We can denote this security setting as channel transmittance trusted calibration and active monitoring.
As illustrated in the main text, condition (b) imposes constraints on Eve attack. In particular, we found out that below a certain transmission distances, Eve cannot successfully mount the saturation attack and verify (a) and (b).

Relaxed setting: unmonitored channel transmittance
It is interesting to study the impact of relaxing condition (b) on the possibility to launch the incoherent or coherent saturation attacks. Eve can then mount saturation attacks as long as the excess noise, ξ sat remains below the null key threshold, i.e. enforce condition (a) only, without being limited by condition (b). Figure1 shows the excess noise and key rate in this relaxed security setting, both for coherent and incoherent attack strategy. Since the relaxed suc-cess condition imposes no contraints on the estimated transmittance, Eve can mount the attacks in all the transmission distances, provided the excess noise can be biased sufficiently by the saturation attacks. This is not the case for the coherent attack, as can be seed on Figure1(a), that hence results in zero key. Error bars are one standard deviation of fluctuations among ten smaller data block of size 10 7 . Coherent attack returns zero key rate as the excess noise is above the null key threshold.
For the saturation attack based on coherent displacement 1 and incoherent saturation with an external laser, 2 we have estimated, for each transmission distance, the optimal ∆ and G such that excess noise falls below the null key threshold, irrespective of the channel transmittance. This is shows in Figure2 (a) for ∆ and (b) for G.

Analysis and Attack rating
The unmonitored channel losses relaxed security condition clearly results in lower ratings of the possible attacks, i.e. attacks easier to implement. One comparison of the impact of the security setting is visible on Figure 3, for coherent and incoherent saturation attacks. The relaxed security setting corresponds to Figure 3 (a). In this security setting, Eve is allowed to operate the attack on a wide range of distances, without restrictions on the value taken by T sat . On the other hand, Figure 3 (b) corresponds to the security setting where channel loss is monitored. The condition T sat = T can only then only be enforced for distances larger than 35 km, limiting the exposition to the attack. Figure 3 shows the direct comparison of both success conditions. Red solid line shows the channel transmittance with transmission distances, assuming 0.2dB loss per km fibre channel. The simulated (black square)and experimental data (blue solid square) under saturation attack shows: in Figure3 (a) channel transmittance is not maintained as per the relaxed success criteria; in Figure3 (b) channel transmittance can only be maintained after 35km of transmission distance.
If we consider the incoherent saturation attack, its was rated as Moderate with an Attack Potential of 14 in the main text. This rating was performed in a security setting where channel loss is actively monitored. As can be seen on Figure 3, we can we can claim that the tuning of the setup, necessary to successfully perform an attack, will be in general less complex in the relaxed security setting, since the choice of the parameters ∆ and G will not be limited by strict constraints any more. This inevitably brings a lower rating, mostly driven by a change in the Window of Opportunity factor (from Moderate) to Easy). Therefore, the Attack Potential changes to 11, but the qualitative rating remains Moderate. This lower complexity is reflected in the absence of a distance limitation for the success of the attack, which allows Eve to operate her attack with less control either of her own hardware, or with respect to Alice and Bob monitoring.
The analysis also illustrates that a QKD protocol and an attack is not only defined by what the players can do during the QKD runs, but are also constrained (and protected) by important additional measures such as calibration and monitoring, that play a direct role in the overall resistance against malicious tampering, and more generally, in the security level that can be provided by the QKD system.

Estimation of secure key rate
In order to evaluate the secure key generation rate, we have considered the security in asymptotic limit, against collective attack. The final secure key rate, in reverse reconciliation, can be written as: Here, β is the reconciliation efficiency. I AB is the mutual information between Alice and Bob and χ EB is Eve's the accessible information-Holevo bound, 3 in reverse reconciliation-in which Alice corrects initial quadrature information as per Bob's noisy measurement outcomes. The mutual information between Alice and Bob is: Where, χ tot is the total noise, which includes the channel noise χ line = (1 − T )/T + ξ and the detection noise χ hom = (1 − η + v ele )/η. Here, η is Bob's detection efficiency and v ele is the electronic noise variance of the homodyne detector.
The Holevo bound for Eve's accessible information can be estimated as: where, S(ρ E ) is the Von Neumann entropy of the state that Eve poses, p(X B ) is the probability distribution of Bob's measurements and ρ E|B is Eve's states conditioned on Bob's measurement. The above equation can further simplified into: Where G(x) = (x+1) log 2 (x+1)−x log 2 x, λ 1,2 are the symplectic eigenvalues of the covariance matrix that characterize a joint state ρ AB and λ 3,4,5 are that of the state left after Bob's measurement. One can find the eigenvalues as: in which, A = V 2 (1 − 2T ) + 2T + T 2 (V + χ line ) 2 and B = T 2 (V χ line + 1) 2 with V = V A + 1. Similarly, where, C = (V √ B+T (V +χ line )+Aχ hom )/(T (V + χ tot )) and D = √ B((V + √ Bχ hom )/(T (V + χ tot ))) and the last symplectic eigenvalue λ 5 is 1. Plugging Eq.5 and Eq.6 in Eq.4 we can estimate upper bound of Eve's accessible information and then the final secure key rate from Eq.1.