Quantum eavesdropping without interception: an attack exploiting the dead time of single-photon detectors

The security of quantum key distribution (QKD) can easily be obscured if the eavesdropper can utilize technical imperfections in the actual implementation. Here, we describe and experimentally demonstrate a very simple but highly effective attack that does not need to intercept the quantum channel at all. Only by exploiting the dead time effect of single-photon detectors is the eavesdropper able to gain (asymptotically) full information about the generated keys without being detected by state-of-the-art QKD protocols. In our experiment, the eavesdropper inferred up to 98.8% of the key correctly, without increasing the bit error rate between Alice and Bob significantly. However, we find an even simpler and more effective countermeasure to inhibit this and similar attacks.