A Singaporean study proves that the first quantum satellite is vulnerable to hacking

| By:   Tamer Karam           |  June 3, 2025

q-china-sat

In 2016, China launched its first satellite dedicated to quantum communications, named Micius or Mozi, with the goal of enhancing secure information transmission through Quantum Key Distribution (QKD). The satellite relies on the BB84 protocol to exchange encryption keys with ground stations, a protocol theoretically believed to be unhackable without immediate detection.

However, this assumption has begun to change after Russian quantum researcher Alexander Miller, who is currently working in Singapore, conducted an experimental study on the protocol’s functioning and discovered weaknesses that make it more vulnerable to hacking than previously expected.

The protocol uses quantum key distribution, where encryption keys are exchanged through photons, making interception detectable due to quantum state alterations. However, since using single photons for long-distance communication is impractical, laser pulses containing multiple identical photons are used instead. This method enhances reliability and practicality but introduces security vulnerabilities, as the interception of a single photon within the pulse may not be detected, being considered a natural loss within quantum communication systems.

To strengthen security, the system employs eight laser devices, with one sending the actual signal while the other seven transmit decoy laser pulses. The idea is to prevent hackers from distinguishing the real signal from the fake ones, thereby protecting encryption keys. However, Miller discovered minor timing delays between the laser pulses emitted by the satellite, which could be exploited to identify the genuine signal. In a non-peer-reviewed research paper, Miller’s analysis showed that noticeable timing discrepancies exist between signals, with delays reaching up to 300 picoseconds in some instances — enough to differentiate real signals from decoy ones. According to his findings, an attacker using high-precision measurement tools could identify the real signal in 98.7% of cases, revealing that the system is not as secure as previously believed.

These findings contradict the core assumption of BB84’s security, which relies on the idea that the density levels used for quantum bit transmission are unknown to potential attackers. Based on previous theoretical studies, which introduced photon-number-splitting attack strategies exploiting distinguishable decoy states, Miller’s research demonstrates that quantum key distribution via Micius is not fully secure. His findings indicate that the issue lies not in theoretical failure but rather in the technical limitations of the satellite’s communication system, highlighting the need for improvements in quantum encryption security to prevent such vulnerabilities in future quantum networks. 


Share