Quantum key distribution involves establishing a key between a sender (“Alice”) and a receiver (“Bob”) by using weak (e.g., 0.1 photon on average) optical signals or “qubits” transmitted over a “quantum channel.” The security of the key distribution is based on the quantum mechanical principle that any measurement of a quantum system in unknown state will modify its state. As a consequence, an eavesdropper (“Eve”) that attempts to intercept or otherwise measure the qubits will introduce errors and reveal her presence.
The general principles of quantum cryptography were first set forth by Bennett and Brassard in their article “Quantum Cryptography: Public key distribution and coin tossing,” Proceedings of the International Conference on Computers, Systems and Signal Processing, Bangalore, India, 1984, pp. 175-179 (IEEE, New York, 1984). Specific QKD systems are described in U.S. Pat. No. 5,307,410 to Bennett, and in the article by C. H. Bennett entitled “Quantum Cryptography Using Any Two Non-Orthogonal States”, Phys. Rev. Lett. 68 3121 (1992). The general process for performing QKD is described in the book by Bouwmeester et al., “The Physics of Quantum Information,” Springer-Verlag 2001, in Section 2.3, pages 27-33.
The above-mentioned references by Bennett each describe a QKD system wherein Alice randomly encodes the polarization or phase of single photons at one end of the system, and Bob randomly measures the polarization or phase of the photons at the other end of the system. The system described in the Bennett 1992 paper is based on two optical fiber Mach-Zehnder interferometers. Respective parts of the interferometric system are accessible by Alice and Bob so that each can control the phase of the interferometer.
In a QKD system, the operation of the key elements—namely, the laser, the modulators and the single-photon detectors (SPDs)—need to be synchronized. This is accomplished by sending synchronization (“sync”) signals between the two stations of the QKD system—either both ways or one way—over a sync channel. The modulators and the detectors are gated via the sync signals to the expected arrival times of photons emitted by the laser. This gating maximizes the security of the system by minimizing an eavesdropper's ability to deduce the state of the modulators. If an eavesdropper were to know the state of Alice's modulator, she would be able to deduce the value of the exchanged pulses (qubits) and thus deduce information about the exchanged key. Gating of the SPDs also reduces false counts, e.g., due to dark count noise.
In a commercial QKD system, there is a strong desire to use the existing single optical fiber link to carry all three QKD channels, namely: the public discussion channel, the sync channel, and the single photon (“quantum”) channel. In such systems, an attack on the system can occur in which the eavesdropper/attacker injects light into the optical fiber link with the same wavelength as the sync signal. In one form of attack, the injected light is inserted into the sync channel with the intent of destabilizing the QKD system, e.g., by altering the system timing. Another possibility is for the eavesdropper/attacker to inject light into the sync channel with the hope of having the modulator at Alice in a two-way QKD system modulate the injected signal before it is reflected out of Alice and back to Bob. The modulated injected signal could then be examined, and thereby reveal information about the modulator state at Alice, which ultimately could yield information about the exchanged key.