Side-channel free quantum key distribution by Samuel L. Braunstein and Stefano Pirandola IN DEFENSE OF PRIVATE SPACES

In quantum cryptography unconditional security proofs are derived under the assumption that Alice's and Bob's apparata (private spaces) are completely inaccessible by an eavesdropper who, therefore, can only attack the signal systems which are transmitted through the quantum communication channel connecting the two parties. Under this assumption, secret-key rates and security thresholds are derived in both discrete and continuous variable quantum key distribution. One potential loophole in the security proofs is related to how a theoretical protocol is actually implemented experimentally. Any redundant information encoded in extra degree of freedom or extra Hilbert space dimensions outside the theoretical prescription can allow for so-called side-channel attacks. By their nature, such attacks may be of classical or quantum degrees of freedom and are insidious because even quantifying their threat appears to involve understanding what have been called unknown unknowns about the vulnerability of the experimental setup. Progress has been made on eliminating side channel attacks in the quantum communication channels between private spaces, but this leaves open potential attacks on the private spaces through their quantum communication ports. Let us therefore take a step back and consider private spaces in more details: What goes on in Alice's and Bob's private spaces involves a significant amount of classical information processing; at the very least the key itself will be generated and stored as classical information. Now with virtually any technology we have today classical information is stored, processed and transmitted in a highly redundant fashion (many electrons are used to charge a capacitor to represent a bit value, or many electrons must pass through the base junction of a transistor to effect a logical switching operation, tapping on a keyboard produces sound waves and electromagnetic signals in addition to the 'legitimate' electrical signals in the wires, etc). In principle any of this redundant information may leak out of the private space through a " parasite " channel. An eavesdropper might therefore ignore the quantum communication channel and directly attack Alice's and Bob's apparata by exploiting the presence of parasite channels: this is also a " side-channel attack ". The implicit assumption in quantum cryptography is that we could always improve technology in such a way that Alice's and Bob's private spaces are not affected by the presence of parasite channels, so that the legitimate participants do indeed have access to absolutely private spaces. (For instance, Alice and Bob could simulate the classical information …