I haven't verified the results of this particular paper, but there is a broad class of potential problems along these lines with quantum cryptography. Here's a short piece I wrote about these problems in 2004: http://michaelnielsen.org/blog/whats-wrong-with-those-quantu...

The short summary is that side channel attacks are a real problem with quantum cryptography, potentially moreso than with conventional crypto. The reason is that only a limited number of people have the resources to seriously test (and thus improve) real-world implementations of quantum cryptosystems systems. I.e., quantum crypto greatly raises the bar to do white hat hacking.

On our university these guys built a complete eavesdropper, installed in a running quantum cryptography link, and actually extracted the full ‘secret’ key unnoticed.

Read more about it here: http://www.iet.ntnu.no/groups/optics/qcr/

Pictures and description: http://www.iet.ntnu.no/groups/optics/qcr/full-eavesdropping-...

For the majority of us, a much more readable description of this experiment: http://physicsworld.com/cws/article/news/46305

that's why we came up with http://arxiv.org/abs/quant-ph/0408179 in 2004 (one of the co-authors here)

announcing the bases in public isn't a great idea

Vadim Makarov's homepage: http://www.vad1.com/

Well, that didn't take long