Countermeasures
Countermeasures represent security concepts and classes of technologies that can be used to prevent a technique from being successfully executed or limiting its impact.
Countermeasures: 57
QID | Title | Description | Type | |
---|---|---|---|---|
CM-0001 | Privacy amplification |
Privacy Amplification is a countermeasure employed in Quantum Key Distribution (QKD) systems to transform a potentially partially compromised key into a highly secure one, using hash functions to remove any patterns exploitable by eavesdroppers. |
Quantum | |
CM-0002 | True Single Photon Source |
The deployment of the true single-photon source that emits one photon at a time will eliminate vulnerabilities associated with multiphoton emissions, e.g. in weak coherent sources. |
Quantum | |
CM-0003 | Decoy States Employment |
The Decoy state method enhances security against eavesdropping by interspersing the signal pulses with decoy pulses of varying intensities, thereby confusing potential interceptors. |
Quantum | |
CM-0006 | Employing Another Quantum Protocol |
Employing another quantum protocol is a strategy, where switching to alternative QKD protocols can mitigate specific vulnerabilities and enhance security against certain types of quantum attacks. |
Quantum | |
CM-0007 | Proper Implementation of Quantum Communication Protocol and QBER Estimation |
Proper implementation of quantum communication protocol and Quantum Bit Error Rate (QBER) estimation is crucial for ensuring the resilience of quantum communication systems against intercept-and-resend attacks, serving as the foundation for securing all forms of quantum communication. |
Quantum | |
CM-0008 | Employment of Optical Isolation |
An optical isolator allows light to pass in one direction while attenuating light in the reverse direction. It's usually placed on the transmitter's (Alice's) side to protect from back reflections. Using it on the receiver's side (Bob's side) is less common, as it would cause significant signal loss.
|
Quantum | |
CM-0011 | Watchdog Detector |
A watchdog detector monitors incoming light in quantum communication systems, serving as a multifunctional tool for security and signal integrity. |
Quantum | |
CM-0012 | Continuous Device Functionality Monitoring |
Continuous functionality monitoring is a critical countermeasure in quantum communication systems, aimed at preserving the integrity and effectiveness of security components like optical isolators, monitors, and watchdog detectors. |
Quantum | |
CM-0013 | Employment of Optical Filters |
Optical filters in quantum communication systems selectively permit only desired wavelengths or arriving-direction signals to pass. |
Quantum | |
CM-0014 | Full Device Imperfections Incorporation in Scientific Security Proof |
Incorporating all device imperfections into the scientific security proof of quantum communication systems ensures robustness by accounting for all potential vulnerabilities after implementing countermeasures. |
Quantum | |
CM-0015 | Active Phase Randomisation |
Active phase randomisation involves continuously varying the phase of emitted quantum signals to enhance security, with optimal implementation including monitoring of the randomisation process. |
Quantum | |
CM-0016 | State Preparation Monitoring |
State preparation monitoring ensures that key parameters of quantum signals—such as time, wavelength, and polarization—adhere to expected standards in a QKD system. |
Quantum | |
CM-0017 | Detector Monitoring |
Detector monitoring employs various testing and monitoring functions to ensure correct operation and detect potential malicious activities within quantum detection systems. |
Quantum | |
CM-0021 | Random Detection Efficiency Changing of APD |
Randomly altering the detection efficiency of APDs and analyzing expected efficiencies and QBERs can detect and counteract attacks on quantum detectors. |
Quantum | |
CM-0024 | Signal Upconversion |
Signal upconversion in QKD receivers, involving a nonlinear process to change signal wavelengths, offers a robust defence against various quantum hacking techniques. |
Quantum | |
CM-0026 | Time Gating |
Time gating is used in quantum communication to limit detector or modulator exposure to brief, specific intervals, reducing vulnerability to external threats. |
Quantum | |
CM-0027 | Arrival Time Monitoring |
Arrival time monitoring in QKD systems is crucial for detecting timing manipulations in protocols like plug-and-play and MDI-QKD. |
Quantum | |
CM-0030 | Quantum Device Optimal Design and TEMPEST |
The optimal design of quantum communication devices, including QKD nodes, optical ground stations, and communication satellites, is crucial to minimize vulnerabilities to adversarial actions. |
Quantum | |
CM-0034 | Passive Quantum Communication Transmitters |
Passive transmitters using a linear optics network and post-selection offer intrinsic immunity against specific attacks like Trojan Horse Attacks (THA). |
Quantum | |
CM-0036 | External Magnetic Field Monitoring |
Monitoring for abnormal external magnetic fields to detect and mitigate potential security threats. |
Quantum | |
CM-0037 | Passive Phase Randomisation |
Implementing passive phase randomisation in QKD, e.g., by operating lasers in gain-switched mode. |
Quantum | |
CM-0038 | Phase Modulator Triggering |
Triggering phase modulators with incoming bright light pulses to enhance QKD system security. |
Quantum | |
CM-0039 | Bit-Mapped Gating |
Bit-mapped gating is a countermeasure in QKD systems that randomizes detection mappings to prevent detector-control attacks. |
Quantum | |
CM-0040 | Temperature Monitoring |
Temperature monitoring detects undesired variations in critical components like lasers and detectors. |
Classical | |
CM-0041 | Quantum Source Monitoring |
Quantum source monitoring controls crucial parameters like the pulse repetition period of the laser to prevent synchronization issues. |
Quantum | |
CM-0043 | Detector with Random Jitter |
Introducing random jitter in detector synchronization to safeguard against specific quantum attacks. |
Quantum | |
CM-0046 | Active Polarisation State Scrambling |
Active polarization state scrambling enhances QKD receiver security by dynamically altering the polarization states. |
Quantum | |
CM-0047 | Gain Modulation of the Photocurrent |
Gain modulation of the photocurrent in APDs thwarts thermal attacks by adjusting response to continuous-wave power levels. |
Quantum | |
CM-0048 | Dead Time Enforcement and Gating Window Discrimination |
Enforcing dead time and discriminating gating windows to secure detection timing in QKD systems. |
Quantum | |
CM-0053 | Active Reset Mechanism |
Implementing an active reset mechanism to prevent permanent latching of detectors in quantum communication systems. |
Quantum | |
CM-0055 | Single-Mode Fiber Coupling |
This countermeasure involves coupling all quantum states into a single-mode optical fibre before their release into the free-space channel. |
Quantum | |
CM-0056 | Single Laser Diode Utilization |
Single Laser Diode Utilization aims to completely eliminate information leakage related to laser characteristics (including spatial, spectral, and temporal aspects), employing a single laser diode for state generation in quantum key distribution systems. |
Quantum | |
CM-0057 | Wavelength Randomization |
A controlled random variation in the wavelength of the laser diodes used by the transmitter (Alice). |
Quantum | |
CM-0061 | Detector's Dead Time Management |
Many techniques exploit a Single-Photon Detector's (SPD's) dead time. Therefore it is appropriate to manage this detector's period, e.g. by simultaneous hold-off or by self-disabling. |
Quantum | |
CM-0062 | Management of Published Information In Classical Channel Communication |
This countermeasure focuses on the meticulous handling of timing data and other potentially revealing information that is shared over public channels during the QKD process. |
Quantum | |
CM-0063 | Employment of External Intensity Modulator |
External intensity modulators in QKD systems ensure no timing mismatch between signal and decoy states. |
Quantum | |
CM-0064 | Triple Intensity Modulation for Side Channel Elimination |
Triple Intensity Modulation technique in TF-QKD systems addresses frequency side channels by modulating signal and reference pulses. |
Quantum | |
CM-0066 | Use of Verifiable Secret Sharing and Privacy Amplification Techniques |
Employing verifiable secret sharing and privacy amplification techniques to bolster security in QKD systems. |
Quantum | |
CM-0070 | Power Analysis Masquerading and Obscuring |
This countermeasure incorporates several tactics to obscure the power consumption patterns that could otherwise be exploited to infer sensitive key information. These methods focus on altering the detectable computational behaviour without affecting the integrity or outcome of the reconciliation process. These methods, for example, include: Randomizing Power Consumption, Dynamic Voltage and Frequency Scaling, Randomization of Syndrome Computation Order, Insertion of Dummy Operations. |
Classical | |
CM-0074 | Quantum Threat Intelligence Program |
A Quantum Threat Intelligence Program equips organizations with the capability to generate and analyze threat intelligence specific to quantum systems. This program tracks trends and developments in quantum computing, communication, sensing and cybersecurity, helping to inform defensive strategies and mitigate risks associated with quantum technologies. An example of such a solution is SQOUT by QuDef. |
Classical | |
CM-0076 | Tamper Protection |
Tamper Protection involves implementing security measures to prevent "classical" unauthorized access and alterations to the physical hardware and related components. |
Classical | |
CM-0077 | End-to-End Encryption for Classical Channels in Quantum Communication Systems |
End-to-End Encryption (E2EE) is a countermeasure for securing the classical communication channels within quantum communication systems, ensuring that all data transmitted between devices is encrypted and only accessible to the intended recipients. |
Classical | |
CM-0085 | Quantum Network Traffic Rerouting |
Quantum Network Traffic Rerouting is a countermeasure in quantum communication systems that involves switching to backup Quantum Key Distribution (QKD) links or altering the routing paths of quantum connections to mitigate the impact of attacks or failures. |
Quantum | |
CM-0086 | Prior Hardware Component Study |
Conducting studies on individual hardware component behaviour to identify and mitigate potential vulnerabilities under various conditions. |
Quantum | |
CM-0087 | Real-time Quadrature Measurements with Random Optical Attenuations |
Acquire and process quadrature measurements in real-time at randomly chosen optical attenuations to detect attacks by revealing deviations in the expected linear relationship between signal and noise variances. |
Quantum | |
CM-0088 | Pattern Recognition Using Machine Learning |
Utilize machine learning with neural networks trained on simulations to recognize patterns of specific attacks. |
Hybrid | |
CM-0089 | Discarding Non-linear Data Blocks |
Discard data blocks with measurement outcomes outside the linearity region while ensuring the Gaussianity of the remaining data. Applicable for CV-QKD. |
Quantum | |
CM-0095 | Proper Quantum Channel Calibration |
Regular and randomized calibration of the quantum channel helps prevent intercept-and-resend attacks by ensuring accurate estimation of channel transmittance, thereby protecting the integrity of the secret key. |
Quantum | |
CM-0096 | Upgraded Trusted Phase Noise Model |
Enhancing the trusted phase noise model by assuming a lossless channel for reference signal transmission can mitigate attacks exploiting phase-reference alignment vulnerabilities. |
Quantum | |
CM-0098 | True Discrete Modulation |
The goal is to adopt true discrete modulation instead of approximate Gaussian modulation. The discrete modulation can offer better security assurances by eliminating the vulnerabilities associated with the finite resolution and range of the modulation devices. |
Quantum | |
CM-0099 | Variable Optical Attenuator |
Variable optical attenuators (VOAs) can adjust the optical power reaching each photodiode, compensating for the differences in quantum efficiencies and restoring balance in the homodyne detection process [Kong2022]. |
Quantum | |
CM-0101 | Effective Photon Lifetime Management |
Ensuring that the effective photon lifetime is shorter than the turn-off duration of the laser diode can also help in mitigating phase correlations [Kobayashi2014]. |
Quantum | |
CM-0103 | Advanced Laser Diodes |
Employment of advanced laser diodes in the transmitter can help reduce surface attack for the side-channel attack. This include, e.g. spectral filtering and temperature-stabilized diodes, shorter gates, produced repetition rate, etc. |
Quantum | |
CM-0104 | Initializing Modulation Devices After Each Pulse |
Resetting the modulation device after each pulse emission by Alice can minimize pulse correlations and protect the security of QKD systems. |
Quantum | |
CM-0107 | Replacing Intensity Modulators with IQ Modulators |
Replacing traditional intensity modulators with IQ modulators can reduce pattern effects due to intensity correlations, particularly in decoy-state QKD setups. |
Quantum | |
CM-0108 | Optimizing DC Bias Conditions |
Finding suitable DC bias levels for laser diodes under specific clock speeds can reduce temporal disparities and intensity fluctuations, thereby mitigating laser side channels in QKD systems. |
Quantum | |
CM-0110 | Temporal Filtering Techniques |
Applying temporal filtering techniques can help remove unwanted photon detections, thereby reducing the quantum bit error rate (QBER) and improving the security of QKD systems. |
Quantum |