Quantum key distribution: a survey on current vulnerability trends and potential implementation risks

Abstract

Quantum key distribution (QKD) is a cryptographic technique that enables secure private key exchange between geographically distant parties over an insecure channel, protecting confidentiality against potential eavesdroppers. QKD has evolved significantly since its inception with the BB84 protocol proposed by Bennett and Brassard in 1984. Its theoretical foundation relies on quantum physics, particularly the uncertainty principle, the no-cloning theorem, and particle entanglement, which ensures its information-theoretic security when combined with the one-time-pad cryptographic algorithm. However, certain security loopholes persist in terms of practical implementation in commercial devices. Some vulnerabilities are associated with side-channel vectors linked to commonly used optical subcomponents, while others are more related to how existing protocols handle encoding and communication pipelines. In this work, we aim to comprehensively study the current state of security loopholes affecting QKD technology in commercial devices. We also provide a concise overview of the existing types of QKD implementations. Additionally, we offer insights into current trends and vulnerability countermeasures, paving the way for future research and novel mechanisms to enhance the implementation security of commercial QKD devices.