Quantum communication is often seen as the future of secure messaging because it uses the strange laws of quantum physics to protect information.
But a new study from engineers at the University of Toronto has revealed hidden flaws in some of the devices used in quantum communication systems—flaws that could be used by hackers to listen in without being detected.
The problem lies in what’s known as “side channels”—unintended ways that information can leak out of a system.
These side channels don’t appear in the main part of the message, but rather through small imperfections in the devices used to send or receive the signal.
Back in the early 2000s, researchers discovered side channels in the detectors that receive quantum signals.
To solve this, Professor Hoi-Kwong Lo and his team created a special method in 2012 called measurement-device-independent quantum key distribution (MDI-QKD), which made those detectors safe from such attacks.
Now, Amita Gnanapandithan, a PhD student supervised by Lo and Professor Li Qian, has turned her attention to the other end of the communication system: the source—the device that creates the quantum particles, usually photons, that carry the message.
In secure quantum communication, information is often encoded into the polarization of light, using a pair of quantum properties called “conjugate variables.”
The idea is that if someone tries to eavesdrop, they would disturb the signal, and the disturbance would be noticed. This is what gives quantum communication its special security.
However, Gnanapandithan explains that the security of the message depends on the assumption that the polarization (or the way light is being encoded) is not linked to any other property of the light. If it is, then someone could read that other property to steal the message without disturbing it.
This assumption is called the “dimensional assumption,” and it turns out that it doesn’t always hold true in real-world devices.
Sometimes, signals sent one after another can interfere with each other—this is known as the “pattern effect.” But in her new study, Gnanapandithan found a different kind of flaw.
She discovered that the encoding process in the light source can actually change within a single pulse of light.
This happens because the devices used to modulate (or control) the light don’t always work perfectly—they might be too slow or distorted due to low bandwidth. As a result, the encoded message leaks into other properties of the light, creating what she calls “hidden multi-dimensional modulation.”
This newly discovered flaw is especially serious for systems using low-bandwidth equipment. However, newer types of systems—called passive quantum key distribution (QKD) sources—avoid these issues because they don’t use modulators at all.
Professor Lo says the next step is to find ways to fix or avoid these new side channels. While any solution could bring new challenges, identifying the problem is a crucial first step.
As Lo puts it, “You never know how many layers there are going to be, but the key is to understand what you’re dealing with—and that’s what we’ve done here.”
