Title: Testing random-detector-efficiency countermeasure in a commercial system reveals a breakable unrealistic assumption

Abstract: In the last decade, efforts have been made to reconcile theoretical security with realistic imperfect implementations of quantum key distribution (QKD). Implementable countermeasures are proposed to patch the discovered loopholes. However, certain countermeasures are not as robust as would be expected. In this paper, we present a concrete example of ID Quantique's random-detector-efficiency countermeasure against detector blinding attacks. As a third-party tester, we have found that the first industrial implementation of this countermeasure is effective against the original blinding attack, but not immune to a modified blinding attack. Then, we implement and test a later full version of this countermeasure containing a security proof [C. C. W. Lim et al., IEEE Journal of Selected Topics in Quantum Electronics, 21, 6601305 (2015)]. We find that it is still vulnerable against the modified blinding attack, because an assumption about hardware characteristics on which the proof relies fails in practice.