Garcia-Escartin, Juan CarlosSajeed, ShihanMakarov, Vadim2026-05-062026-05-062020-08-03https://doi.org/10.1371/journal.pone.0236630https://hdl.handle.net/10012/23229© 2020 Garcia-Escartin et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.Quantum cryptography promises security based on the laws of physics with proofs of security against attackers of unlimited computational power. However, deviations from the original assumptions allow quantum hackers to compromise the system. We present a side channel attack that takes advantage of ventilation holes in optical devices to inject additional photons that can leak information about the secret key. We experimentally demonstrate light injection on an ID Quantique Clavis2 quantum key distribution platform and show that this may help an attacker to learn information about the secret key. We then apply the same technique to a prototype quantum random number generator and show that its output is biased by injected light. This shows that light injection is a potential security risk that should be addressed during the design of quantum information processing devices.enAttribution 4.0 Internationalhttp://creativecommons.org/licenses/by/4.0/photonslaserslightlight pulsesoptical equipmentfiber opticsquantum key distributionrandom number generatorsArticle