Micius’ Security Flaw Could Hack First Quantum Satellite

Micius

A study finds a security issue in the first quantum satellite.

A Singaporean researcher found that Micius, China's 2016 quantum communication satellite, may be hackable despite its guaranteed safe information delivery. The satellite uses Quantum Key Distribution (QKD) to share encryption keys with ground stations using the BB84 protocol to improve communication security. This recent study suggests that the BB84 technique may be vulnerable despite its theoretical impenetrability.

Quantum communication encodes data in photons using quantum mechanics-based encryption. The secret key exchange mechanism QKD makes eavesdropping difficult and possibly impossible. It is generally known that “side-channel attacks” that exploit experimental implementation vulnerabilities may harm real-world QKD devices.

Micius employ laser pulses with multiple identical photons for long-distance communication. This increases reliability but compromises security. The system uses numerous laser devices to prevent photon-number-splitting (PNS) attacks. Reports say Micius used eight laser diodes, four of which transmitted “decoy” states and four the real “signal” states. Decoy states protect encryption keys by making attackers unable to distinguish between real and fake signals. According to the security assumption, an eavesdropper cannot distinguish signal and decoy photons before data processing.

However, Singapore-based quantum physicist Alexander Miller detected tiny temporal delays between the satellite's laser pulses in one experiment. Miller examined data from Micius-ground station transmission to find time delays between the quantum transmitter's lasers. Taking advantage of temporal delays or mismatches could reveal the genuine signal.

Miller's non-peer-reviewed work says signal times differ. Experimental data from quantum communication sessions between Micius and a ground station in Zvenigorod, Russia, suggests a 300-picosecond delay between the signal and decoy lasers. Pulses last 200 picoseconds, therefore this delay is identical. Over multiple sessions and months, the time difference persisted, indicating a long-term design issue.

Desynchronisation creates a “telltale fingerprint” in photon arrival timing. In 98.7% of cases, an attacker could determine the genuine signal using high-precision measurement devices, Miller found. Such precision suggests the system is not as safe as anticipated.

These findings violate BB84's decoy state security premise that signal and decoy pulses are identical in all degrees of freedom except intensity. Miller's research reveals that quantum key distribution via Micius is not safe, supporting past theoretical work on PNS attacks that use separate decoy states.

Rather than a theoretical protocol failure, the report blames technological limits and defects in the satellite's communication system hardware. Using many lasers to create photon states makes implementation easier, but each laser may act differently over time, releasing accidental information. Satellite transmitter design appears to cause systematic vulnerability.

The study uses a previously proposed theoretical model of the PNS attack that uses distinguish ability to calculate that, given the observed degree of mismatch, the secure key rate would effectively decrease to zero, indicating that the encryption might be cracked.

This new analysis contradicts earlier reports that Micius' lasers were synchronised in 10 picoseconds. This raises problems about synchronisation checking and degradation. Micius could not remotely adjust laser time in orbit, making it difficult or impossible to fix a design flaw after launch.

If confirmed by future research, these findings underscore a bigger difficulty in quantum communication: the gap between theoretical objectives and real-world device limits, especially in challenging environments like space.

To prevent future issues, the paper recommends stronger laser synchronisation, rigorous pre-flight hardware testing, and the flexibility to adjust timing parameters after launch. Entanglement-based QKD systems and single-laser systems may be considered, notwithstanding their limitations.

The paper used experimental data from Russian company QSpace Technologies, released on a pre-print website without peer review. The scientific method demands peer review. The study focused on temporal side channels (timing differences) rather than spectral or geographical distinguishability or environmental influences across time, which could also be dangerous.