pith. sign in

arxiv: 2510.16868 · v1 · pith:IBSRH7N6new · submitted 2025-10-19 · 🪐 quant-ph · physics.optics

Countermeasures for Trojan-Horse Attacks on self-compensating all-fiber polarization modulator

Alberto De Toni , Aynur Cemre Aka , Costantino Agnesi , Davide Giacomo Marangon , Giuseppe Vallone , Paolo Villoresi This is my paper

Pith reviewed 2026-05-18 06:03 UTC · model grok-4.3

classification 🪐 quant-ph physics.optics
keywords Trojan-Horse attacksQuantum Key DistributionPolarization modulatorCountermeasuresiPOGNAC encoderAll-fiber opticsImplementation security
0
0 comments X

The pith

Adapted countermeasures can mitigate Trojan-Horse attacks on the iPOGNAC encoder in quantum key distribution systems.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper investigates how an eavesdropper can exploit Trojan-Horse attacks by injecting light into the iPOGNAC all-fiber polarization modulator and analyzing the returning signals to compromise the device. It identifies specific vulnerabilities in this self-compensating setup and outlines adapted countermeasures designed to limit the information leakage from back-reflections. A sympathetic reader would see this as a step toward closing practical gaps in QKD hardware security, where implementation flaws can undermine the physics-based guarantees of the protocol. If the countermeasures hold, they would allow the iPOGNAC to be used with reduced risk in fiber networks without altering the core quantum mechanics of key exchange.

Core claim

The authors claim that vulnerabilities in the iPOGNAC encoder against Trojan-Horse attacks can be addressed through adapted countermeasures that target the back-reflected light, thereby mitigating the attack without requiring fundamental changes to the modulator design.

What carries the argument

The iPOGNAC encoder, a self-compensating all-fiber polarization modulator, whose reflected signals the adapted countermeasures are intended to suppress.

If this is right

  • QKD implementations using the iPOGNAC can incorporate these measures to lower the success probability of light-injection attacks.
  • All-fiber polarization modulators become more suitable for secure key distribution in noisy or lossy channels when reflections are controlled.
  • Security evaluations of similar self-compensating devices must account for these specific countermeasures in their threat models.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The approach could extend to other all-fiber components in QKD setups that rely on polarization encoding.
  • Combining these countermeasures with existing finite-key analysis might yield tighter overall security proofs for deployed systems.
  • Testing the countermeasures under realistic fiber lengths and noise levels would clarify their performance limits.

Load-bearing premise

The vulnerabilities in the iPOGNAC can be effectively reduced by these adapted countermeasures even without new quantitative security bounds or direct experimental tests of the mitigation.

What would settle it

A measurement showing that an eavesdropper still obtains usable information about the polarization state from the back-reflected light after the countermeasures are applied.

Figures

Figures reproduced from arXiv: 2510.16868 by Alberto De Toni, Aynur Cemre Aka, Costantino Agnesi, Davide Giacomo Marangon, Giuseppe Vallone, Paolo Villoresi.

Figure 1
Figure 1. Figure 1: FIG. 1: Scheme of the setup for the THA on the [PITH_FULL_IMAGE:figures/full_fig_p002_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: FIG. 2: Theoretical prediction accuracy with respect to the mean photon number [PITH_FULL_IMAGE:figures/full_fig_p003_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: FIG. 3: Theoretical detection probabilities for each [PITH_FULL_IMAGE:figures/full_fig_p005_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: FIG. 4: 2D-histogram of the waveform resulting from [PITH_FULL_IMAGE:figures/full_fig_p006_4.png] view at source ↗
Figure 6
Figure 6. Figure 6: FIG. 6: Mean of [PITH_FULL_IMAGE:figures/full_fig_p007_6.png] view at source ↗
Figure 5
Figure 5. Figure 5: FIG. 5: Waveform with calculated symbol positions and [PITH_FULL_IMAGE:figures/full_fig_p007_5.png] view at source ↗
Figure 7
Figure 7. Figure 7: FIG. 7: Waveform with calculated symbol positions and [PITH_FULL_IMAGE:figures/full_fig_p007_7.png] view at source ↗
Figure 9
Figure 9. Figure 9: FIG. 9: Mean photon number [PITH_FULL_IMAGE:figures/full_fig_p008_9.png] view at source ↗
Figure 10
Figure 10. Figure 10: FIG. 10: Prediction accuracy in relation to the mean [PITH_FULL_IMAGE:figures/full_fig_p009_10.png] view at source ↗
Figure 11
Figure 11. Figure 11: FIG. 11: Attenuation required to counteract the THA [PITH_FULL_IMAGE:figures/full_fig_p011_11.png] view at source ↗
read the original abstract

Quantum Key Distribution (QKD) leverages the principles of quantum mechanics to exchange a secret key between two parties. Unlike classical cryptographic systems, the security of QKD is not reliant on computational assumptions but is instead rooted in the fundamental laws of physics. In a QKD protocol, any attempt by an eavesdropper to intercept the key is detectable: this provides an unprecedented level of security, making QKD an attractive solution for secure communication in an era increasingly threatened by the advent of quantum computers and their potential to break classical cryptographic systems. However, QKD also faces several practical challenges such as transmission loss and noise in quantum channels, finite key size effects, and implementation flaws in QKD devices. Addressing these issues is crucial for the large-scale deployment of QKD and the realization of a global quantum internet. A whole body of research is dedicated to the hacking of the quantum states source, for example using Trojan-Horse attacks (THAs), where the eavesdropper injects light into the system and analyzes the back-reflected signal. In this paper, we study the vulnerabilities against THAs of the iPOGNAC encoder, first introduced in Avesani, Agnesi et al., to propose adapted countermeasures that can mitigate such attacks.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript analyzes the susceptibility of the iPOGNAC self-compensating all-fiber polarization modulator (used as an encoder in QKD) to Trojan-Horse attacks that exploit back-reflections, and proposes device-specific adapted countermeasures including additional optical isolation and state randomization to reduce leakage.

Significance. If the proposed mitigations demonstrably limit the information an eavesdropper can extract from back-reflected light, the work would offer practical value for hardening a specific class of polarization modulators against a known side-channel attack, thereby supporting more secure QKD hardware deployments.

major comments (2)
  1. [Vulnerability analysis and countermeasures sections] The central claim that adapted countermeasures mitigate THAs rests on qualitative device analysis; however, no quantitative leakage bounds, reflected-power measurements, or security-parameter calculations are supplied to show how much the attack success probability is reduced (see the vulnerability-analysis and countermeasures sections).
  2. [Countermeasures section] No experimental validation, simulation results, or error analysis of the proposed fixes (e.g., isolation attenuation values or randomization entropy) is presented, leaving the mitigation effectiveness unverified and the claim load-bearing on untested assumptions.
minor comments (2)
  1. [Abstract] The abstract would be clearer if it briefly listed the specific countermeasures (additional isolation, state randomization) rather than only stating that they are proposed.
  2. [Device description] Notation for the modulator components and back-reflection paths should be defined consistently when first introduced to aid readers unfamiliar with the iPOGNAC architecture.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the careful reading of our manuscript and the constructive comments. We agree that strengthening the quantitative support for the proposed countermeasures would improve the work and will revise the manuscript to address these points while preserving its focus on device-specific analysis of the iPOGNAC encoder.

read point-by-point responses

  1. Referee: [Vulnerability analysis and countermeasures sections] The central claim that adapted countermeasures mitigate THAs rests on qualitative device analysis; however, no quantitative leakage bounds, reflected-power measurements, or security-parameter calculations are supplied to show how much the attack success probability is reduced (see the vulnerability-analysis and countermeasures sections).

    Authors: We agree that quantitative estimates would strengthen the central claim. The manuscript currently emphasizes the qualitative device physics of back-reflections in the self-compensating all-fiber design. In the revision we will add order-of-magnitude calculations of leakage reduction, using representative isolation values (30–40 dB) and the entropy contribution from state randomization, together with references to standard QKD information-leakage models to bound the eavesdropper’s success probability. revision: yes

  2. Referee: [Countermeasures section] No experimental validation, simulation results, or error analysis of the proposed fixes (e.g., isolation attenuation values or randomization entropy) is presented, leaving the mitigation effectiveness unverified and the claim load-bearing on untested assumptions.

    Authors: The referee correctly notes the lack of experimental or simulation data. This work is an analytical study that identifies vulnerabilities and proposes tailored countermeasures based on the modulator’s optical properties. We will expand the countermeasures section with a discussion of simulation approaches, typical measured isolation values from comparable fiber components, and an explicit statement of the assumptions and associated uncertainties. Full experimental validation remains outside the scope of the present manuscript and is planned for future work. revision: partial

Circularity Check

0 steps flagged

No significant circularity detected

full rationale

The paper analyzes device-specific vulnerabilities of the iPOGNAC encoder to Trojan-Horse attacks and proposes targeted countermeasures such as additional isolation or state randomization. No equations, derivations, fitted parameters, or self-referential definitions appear in the argument structure. The reference to the original iPOGNAC introduction functions as background context rather than a load-bearing premise that reduces the new claims to prior inputs by construction. The central mitigation claims rest on empirical device analysis and security scoping, remaining self-contained without reducing to self-citation chains or ansatzes.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Review performed on abstract only; no free parameters, axioms, or invented entities are described in the provided text.

pith-pipeline@v0.9.0 · 5773 in / 999 out tokens · 35491 ms · 2026-05-18T06:03:14.895603+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

36 extracted references · 36 canonical work pages

  1. [1]

    Filtering (using aWavelength Division Multiplexerfilter in Alice’s transmission band)

    work page

  2. [2]

    Isolation (using an Isolator or a Circulator at Alice’s output)

    work page

  3. [3]

    Watchdog

    Attenuation (using Optical Attenuators at Alice’s output); •Active 1.Watchdogdetectors (exploiting a Circulator connected to a detector at Alice’s output). Passive countermeasures can be all traced back to the attenuation type, since all of them can be overcome sending enough optical power [9, 33]. By measuring input and output power on different off-the-...

    work page 2023

  4. [4]

    Stable, low-error, and calibration- free polarization encoder for free-space quantum communication,

    M. Avesani, C. Agnesi, A. Stanco, G. Vallone, and P. Villoresi, “Stable, low-error, and calibration- free polarization encoder for free-space quantum communication,”Opt. Lett., vol. 45, pp. 4706–4709, Sep 2020

    work page 2020

  5. [5]

    Quantum cryptography: Public key distribution and coin tossing,

    C. H. Bennett and G. Brassard, “Quantum cryptography: Public key distribution and coin tossing,”Theoretical Computer Science, vol. 560, p. 7–11, Dec. 2014

    work page 2014

  6. [6]

    Quantum cryptography,

    N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, “Quantum cryptography,”Rev. Mod. Phys., vol. 74, pp. 145–195, Mar 2002

    work page 2002

  7. [7]

    Overcoming the rate–distance limit of quantum key distribution without quantum repeaters,

    M. Lucamarini, Z. L. Yuan, J. F. Dynes, and A. J. 13 Shields, “Overcoming the rate–distance limit of quantum key distribution without quantum repeaters,”Nature, vol. 557, p. 400–403, May 2018

    work page 2018

  8. [8]

    Twin-field quantum key distribution over 830-km fibre,

    S. Wang, Z.-Q. Yin, D.-Y. He, W. Chen, R.-Q. Wang, P. Ye, Y. Zhou, G.-J. Fan-Yuan, F.-X. Wang, W. Chen, Y.-G. Zhu, P. V. Morozov, A. V. Divochiy, Z. Zhou, G.-C. Guo, and Z.-F. Han, “Twin-field quantum key distribution over 830-km fibre,”Nature Photonics, vol. 16, p. 154–161, Jan. 2022

    work page 2022

  9. [9]

    Security of high-speed quantum key distribution with imperfect sources,

    G. Curr´ as-Lorenzo, M. Pereira, G. Kato, M. Curty, and K. Tamaki, “Security of high-speed quantum key distribution with imperfect sources,” 2025

    work page 2025

  10. [10]

    Trojan-horse attacks on quantum-key- distribution systems,

    N. Gisin, S. Fasel, B. Kraus, H. Zbinden, and G. Ribordy, “Trojan-horse attacks on quantum-key- distribution systems,”Physical Review A, vol. 73, Feb. 2006

    work page 2006

  11. [11]

    Trojan-horse attacks threaten the security of practical quantum cryptography,

    N. Jain, E. Anisimova, I. Khan, V. Makarov, C. Marquardt, and G. Leuchs, “Trojan-horse attacks threaten the security of practical quantum cryptography,”New Journal of Physics, vol. 16, p. 123030, Dec. 2014

    work page 2014

  12. [12]

    Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography,

    A. Vakhitov, V. Makarov, and D. R. Hjelme, “Large pulse attack as a method of conventional optical eavesdropping in quantum cryptography,”Journal of Modern Optics, vol. 48, p. 2023–2038, Nov. 2001

    work page 2023

  13. [13]

    Risk analysis of trojan-horse attacks on practical quantum key distribution systems,

    N. Jain, B. Stiller, I. Khan, V. Makarov, C. Marquardt, and G. Leuchs, “Risk analysis of trojan-horse attacks on practical quantum key distribution systems,”IEEE Journal of Selected Topics in Quantum Electronics, vol. 21, p. 168–177, May 2015

    work page 2015

  14. [14]

    Trustworthiness of detectors in quantum key distribution with untrusted detectors,

    B. Qi, “Trustworthiness of detectors in quantum key distribution with untrusted detectors,”Phys. Rev. A, vol. 91, p. 020303, Feb 2015

    work page 2015

  15. [15]

    Practical security bounds against the trojan- horse attack in quantum key distribution,

    M. Lucamarini, I. Choi, M. Ward, J. Dynes, Z. Yuan, and A. Shields, “Practical security bounds against the trojan- horse attack in quantum key distribution,”Physical Review X, vol. 5, Sept. 2015

    work page 2015

  16. [16]

    Attacks exploiting deviation of mean photon number in quantum key distribution and coin tossing,

    S. Sajeed, I. Radchenko, S. Kaiser, J.-P. Bourgoin, A. Pappa, L. Monat, M. Legr´ e, and V. Makarov, “Attacks exploiting deviation of mean photon number in quantum key distribution and coin tossing,”Physical Review A, vol. 91, Mar. 2015

    work page 2015

  17. [17]

    Deployment-ready quantum key distribution over a classical network infrastructure in padua,

    M. Avesani, G. Foletto, M. Padovan, L. Calderaro, C. Agnesi, E. Bazzani, F. Berra, T. Bertapelle, F. Picciariello, F. B. L. Santagiustina, D. Scalcon, A. Scriminich, A. Stanco, F. Vedovato, G. Vallone, and P. Villoresi, “Deployment-ready quantum key distribution over a classical network infrastructure in padua,”Journal of Lightwave Technology, vol. 40, p....

    work page 2022

  18. [18]

    Cross-encoded quantum key distribution exploiting time-bin and polarization states with qubit-based synchronization,

    D. Scalcon, C. Agnesi, M. Avesani, L. Calderaro, G. Foletto, A. Stanco, G. Vallone, and P. Villoresi, “Cross-encoded quantum key distribution exploiting time-bin and polarization states with qubit-based synchronization,”Advanced Quantum Technologies, vol. 5, Oct. 2022

    work page 2022

  19. [19]

    Hybrid encoder for discrete and continuous variable qkd,

    M. Sabatini, T. Bertapelle, P. Villoresi, G. Vallone, and M. Avesani, “Hybrid encoder for discrete and continuous variable qkd,” 2025

    work page 2025

  20. [20]

    Security analysis against the trojan horse attack on practical polarization-encoding quantum key distribution systems,

    T. Luo, Q. Liu, X. Sun, C. Huang, Y. Chen, Z. Zhang, and K. Wei, “Security analysis against the trojan horse attack on practical polarization-encoding quantum key distribution systems,”Physical Review A, vol. 109, Apr. 2024

    work page 2024

  21. [21]

    Modular source for near-infrared quantum communication,

    F. Berra, C. Agnesi, A. Stanco, M. Avesani, S. Cocchi, P. Villoresi, and G. Vallone, “Modular source for near-infrared quantum communication,”EPJ Quantum Technol., vol. 10, p. 27, Jul 2023

    work page 2023

  22. [22]

    Resource-effective quantum key distribution: a field trial in padua city center,

    M. Avesani, L. Calderaro, G. Foletto, C. Agnesi, F. Picciariello, F. B. L. Santagiustina, A. Scriminich, A. Stanco, F. Vedovato, M. Zahidy, G. Vallone, and P. Villoresi, “Resource-effective quantum key distribution: a field trial in padua city center,”Opt. Lett., vol. 46, pp. 2848–2851, Jun 2021

    work page 2021

  23. [23]

    In-field comparison between G.652 and G.655 optical fibres for polarisation-based quantum key distribution,

    C. Agnesi, M. Giacomin, D. Sartorato, S. Artuso, G. Vallone, and P. Villoresi, “In-field comparison between G.652 and G.655 optical fibres for polarisation-based quantum key distribution,”IET Quantum Comm., vol. 5, no. 4, pp. 567–574, 2024

    work page 2024

  24. [24]

    Fpga design methodology for industrial control systems—a review,

    E. Monmasson and M. N. Cirstea, “Fpga design methodology for industrial control systems—a review,” IEEE Transactions on Industrial Electronics, vol. 54, no. 4, pp. 1824–1842, 2007

    work page 2007

  25. [25]

    Gaussian quantum information,

    C. Weedbrook, S. Pirandola, R. Garc´ ıa-Patr´ on, N. J. Cerf, T. C. Ralph, J. H. Shapiro, and S. Lloyd, “Gaussian quantum information,”Reviews of Modern Physics, vol. 84, p. 621–669, May 2012

    work page 2012

  26. [26]

    Quantum detection and estimation theory,

    C. W. Helstrom, “Quantum detection and estimation theory,”Journal of Statistical Physics, vol. 1, pp. 231– 252, 1969

    work page 1969

  27. [27]

    Semidefinite programming relaxations for quantum correlations,

    A. Tavakoli, A. Pozas-Kerstjens, P. Brown, and M. Ara´ ujo, “Semidefinite programming relaxations for quantum correlations,”Reviews of Modern Physics, vol. 96, Dec. 2024

    work page 2024

  28. [28]

    Ben-Tal and A

    A. Ben-Tal and A. Nemirovski,Lectures on Modern Convex Optimization: Analysis, Algorithms, and Engineering Applications. Society for Industrial and Applied Mathematics, Jan. 2001

    work page 2001

  29. [29]

    Efficient optimal minimum error discrimination of symmetric quantum states,

    A. Assalini, G. Cariolaro, and G. Pierobon, “Efficient optimal minimum error discrimination of symmetric quantum states,”Physical Review A, vol. 81, Jan. 2010

    work page 2010

  30. [30]

    Fukunaga,Introduction to Statistical Pattern Recognition

    K. Fukunaga,Introduction to Statistical Pattern Recognition. San Diego: Academic Press, second ed., 2000

    work page 2000

  31. [31]

    Direct measurement of the recovery time of superconducting nanowire single- photon detectors,

    C. Autebert, G. Gras, E. Amri, M. Perrenoud, M. Caloz, H. Zbinden, and F. Bussi` eres, “Direct measurement of the recovery time of superconducting nanowire single- photon detectors,”Journal of Applied Physics, vol. 128, Aug. 2020

    work page 2020

  32. [32]

    High-power laser testing of calcium-phosphate-based bioresorbable optical fibers,

    P. Peterka, D. Pugliese, B. Jiˇ r´ ıˇ ckov´ a, N. G. Boetti, H. Turˇ ciˇ cov´ a, I. Mirza, A. Borodkin, and D. Milanese, “High-power laser testing of calcium-phosphate-based bioresorbable optical fibers,”Optical Materials Express, vol. 11, p. 2049, June 2021

    work page 2049

  33. [33]

    Optical damage limits to pulse energy from fibers,

    A. V. Smith, B. T. Do, G. R. Hadley, and R. L. Farrow, “Optical damage limits to pulse energy from fibers,” IEEE Journal of Selected Topics in Quantum Electronics, vol. 15, p. 153–158, Jan. 2009

    work page 2009

  34. [34]

    Fast and simple qubit-based synchronization for quantum key distribution,

    L. Calderaro, A. Stanco, C. Agnesi, M. Avesani, D. Dequal, P. Villoresi, and G. Vallone, “Fast and simple qubit-based synchronization for quantum key distribution,”Physical Review Applied, vol. 13, p. 054041, May 2020

    work page 2020

  35. [35]

    A comprehensive study of various superconductors for superconducting nanowire single photon detectors applications,

    S. Tripathy, K. Tyagi, and P. Pratap, “A comprehensive study of various superconductors for superconducting nanowire single photon detectors applications,”iScience, vol. 27, no. 10, p. 110779, 2024

    work page 2024

  36. [36]

    Protecting fiber- optic quantum key distribution sources against light- injection attacks,

    A. Ponosova, D. Ruzhitskaya, P. Chaiwongkhot, 14 V. Egorov, V. Makarov, and A. Huang, “Protecting fiber- optic quantum key distribution sources against light- injection attacks,”PRX Quantum, vol. 3, Oct. 2022

    work page 2022