We study potential security vulnerabilities of a single-photon detector based on superconducting transition-edge sensor. In one experiment, we show that an adversary could fake a photon number result at a certain wavelength by sending a larger number of photons at a longer wavelength, which is an expected and known behaviour. In another experiment, we unexpectedly find that the detector can be blinded by bright continuous-wave light and then, a controlled response simulating single-photon detection can be produced by applying a bright light pulse. We model an intercept-and-resend attack on a quantum key distribution system that exploits the latter vulnerability and, under certain assumptions, able to steal the key.

中文翻译：

---

在过渡边缘传感器上伪造光子数

我们研究了基于超导过渡边缘传感器的单光子探测器的潜在安全漏洞。在一项实验中，我们表明，对手可以通过发送更长波长的更多光子来伪造某个波长的光子数结果，这是一种预期且已知的行为。在另一个实验中，我们意外地发现探测器可以被明亮的连续波光致盲，然后通过施加明亮的光脉冲可以产生模拟单光子探测的受控响应。我们对利用后一个漏洞并在某些假设下能够窃取密钥的量子密钥分发系统进行拦截和重发攻击建模。