We study potential security vulnerabilities of a single-photon detector based on superconducting transition-edge sensor. In a simple experiment, we show that an adversary could fake a photon number result at a certain wavelength by sending a larger number of photons at a longer wavelength. In another experiment, we show that the detector can be blinded by bright continuous-wave light and then, a controlled response simulating single-photon detection can be produced by applying a bright light pulse. We model an intercept-and-resend attack on a quantum key distribution system that exploits the latter vulnerability and, under certain assumptions, succeeds to steal the key.
@article{arxiv.2102.08746,
title = {Faking photon number on a transition-edge sensor},
author = {Poompong Chaiwongkhot and Jiaqiang Zhong and Anqi Huang and Hao Qin and Sheng-cai Shi and Vadim Makarov},
journal= {arXiv preprint arXiv:2102.08746},
year = {2022}
}