Wiesner Quantum Money: Difference between revisions

From Quantum Protocol Zoo
Jump to navigation Jump to search
No edit summary
No edit summary
 
(14 intermediate revisions by 3 users not shown)
Line 1: Line 1:
A classical money/banknote has a unique serial number and the bank can provide a verification according to these serial numbers. However, Wiesner suggests that a quantum money has also a number of isolated two-state quantum system and the two-state systems are located in one of four states.
The classical money scheme involves the Bank distributing notes to untrusted users. Each note has a unique serial number attached to it and this number provides a basis for the verification of the note when the user wants to use it for a transaction. However, in the classical world, nothing prevents a user with sufficient resources to be able to forge the note and create more notes than what he originally had in possession. In the 1980s, Wiesner proposed the idea of quantum money to create unforgeable bank notes. The unforgeability of the note relied on the no-cloning property of quantum mechanics. In this [http://users.cms.caltech.edu/~vidick/teaching/120_qcrypto/wiesner.pdf example protocol], the banknotes are several
Assumptions  
BB84 states prepared by the Bank, who then distributes them to the untrusted users. When the user needs to carry out a transaction with his note, he sends it to the Bank for verification, who then authenticates the validity of the note. Based on the no-cloning property of quantum mechanics, Wiesner showed information-theoretic security against a forger of bank notes.  
1) The two state systems must be isolated from the rest of universe enoughly 2) When Wiesner wrote his thesis, there was no device operating in which the phase coherence of a two state system was preserved for longer then about a second  
 
OUTLINE Let’s us think that the money has twenty isoleted system Si, i=1....20. At the mint created two random binary sequences of twenty digits each which we can call M i and N i, i=1,,...20, M i = 0 or 1 and Ni = 0 or 1. Then the two-state systems are placed in one of the four states a, b, alpha, beta in accordance with the scheme shown in Fig.  
'''Tags:''' [[:Category: Multi Party Protocols|Multi Party Protocols]], non-local games, [[:Category: Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category: Specific Task|Specific Task]]
1) Bank prepares a pair of orthonormal base states for each state system. Then two  
[[Category: Prepare and Measure Network Stage]]
state system are located in one of the four states a, b, alpha, beta in accordance 2) The bank records all polarizations and their serial numbers. On the bank note/  
[[Category: Specific Tasks]]
quantum money the serial number can be seen, while polarizations are kept secret 3) If the money is returned to the mint, then check that if each isolated system is still in  
[[Category: Quantum Enhanced Classical Functionality]]
its initial state or not.  
[[Category: Multi Party Protocols]]
4) If someone copies the money then she/he cannot recover Ni because since she does
 
not know Mi. She does not know what measurement to make an Si NOTATION Si = isolated system Mi and Ni = random binary sequences a,b,alpha,beta = states REQUIREMENTS
==Assumptions==
1) Network stage: quantum memory network PROPERTIES
* The quantum money state which is a two-state system must be isolated from the rest of universe, roughly.
1) Wiesner’s schema requires a central bank for verifying the money 2) The “qubit” was used firstly in Wiesner’s article 3) Pairs of conjugate variables has same relation with Heisenberg uncertanity principle Pseudocode Input: ​Product state of N qubit and a serial number Outout: ​approved/rejected  
* When Wiesner wrote his thesis, there was no device operating in which the phase coherence of a two-state system was preserved for longer than about a second.
1) Money has two component (|S>,k), k is a serial number of the banknote and S is a product state of N qubits. For every N qubits of the product states are choosen randomly in {|0>, |1>,|+>,| ->} 2) Serial numbers and their states are recorded and kept at the mint7 3) For verifying the money, the mint looks the serial number and their correspending
 
states. Thus, each qubit is measured in the right basis, {|0>,|1>} or {|+>,|->}, and looked if corresponded to the classical description of the state. 4) If the result(measurement) <1, rejected (If somebody wants to copy a piece of quantum money, she can choose the measurement basis at random for each qubit of a quantum money state. For each qubit, If he guesses the right basis, she will find the right value with probability 1. In the other case, she will find the right value with probability 1/2. so, the probability that an attacker guesses correctly the quantum money state is (3/4)^N )
==Outline==
Furthermore Information
Let the money have <math>n</math> isolated systems <math>S_i\in\{a, b, \alpha, \beta\}, i=1,...,n</math>.  
* The Mint creates two random binary sequences of <math>n</math>  digits <math>M_i,N_i\in\{0,1\}</math> where <math>i=1,...,n</math>. Then, two-state systems are placed in one of four states <math>a, b, \alpha, \beta</math>.  
# Bank prepares a pair of orthonormal base states for each state system. Then the two-state system is located in one of four states <math>a, b, \alpha, \beta</math>
# The bank records all polarizations and their serial numbers. On the banknote/quantum money the serial number is plain, while polarizations are kept hidden.
# If the money is returned to the Mint, it checks whether each isolated system is still in its initial state or not.  
Note that since no one except the Mint knows <math>M_i</math> and <math>N_i</math>, even if someone copies the money, he cannot recover the polarization.
 
==Notation==
*<math>S_i</math>= Isolated system
*<math>M_i,N_i</math>= Random binary sequences
*<math>a,b,\alpha,\beta</math>= States
==Requirements==  
* Network stage: quantum memory network
 
==Knowledge Graph==
 
{{graph}}
 
==Properties==
* The scheme requires a central bank for verifying the money
* Pairs of conjugate variables has the same relation with Heisenberg uncertainty principle
* The success probability of the adversary in guessing the state of the target quantum money is <math>(3/4)^n</math>
 
==Protocol Description==
'''Input''': ​Product state of <math>N</math> qubit and a serial number</br>
'''Output''': ​approved/rejected </br>
'''Stage 1: Preparation'''
# The Mint generate a quantum money composed of two component <math>(|S\rangle,k)</math> where <math>k</math> is the serial number of the banknote and <math>S</math> is a product state of <math>N</math> qubits. Each qubit is randomly chosen from the set <math>\{|0\rangle,|1\rangle,|+\rangle,|-\rangle\}</math>  
# Serial numbers and their states are recorded and kept at the Mint
'''Stage 2: Verification'''
# The Mint looks for the serial number and the corresponding measurement basis in its database. Thus, each qubit is measured in the right basis,<math>\{|0\rangle,|1\rangle\}</math> or <math>\{|+\rangle,|-\rangle\}</math>.
# The Mint outputs 1 if the result of the measurement corresponds with the data stored in its database, otherwise it returns 0.
 
==References==
http://users.cms.caltech.edu/~vidick/teaching/120_qcrypto/wiesner.pdf
http://users.cms.caltech.edu/~vidick/teaching/120_qcrypto/wiesner.pdf
<div style='text-align: right;'>''contributed by Gözde Üstün''</div>

Latest revision as of 15:33, 16 October 2019

The classical money scheme involves the Bank distributing notes to untrusted users. Each note has a unique serial number attached to it and this number provides a basis for the verification of the note when the user wants to use it for a transaction. However, in the classical world, nothing prevents a user with sufficient resources to be able to forge the note and create more notes than what he originally had in possession. In the 1980s, Wiesner proposed the idea of quantum money to create unforgeable bank notes. The unforgeability of the note relied on the no-cloning property of quantum mechanics. In this example protocol, the banknotes are several BB84 states prepared by the Bank, who then distributes them to the untrusted users. When the user needs to carry out a transaction with his note, he sends it to the Bank for verification, who then authenticates the validity of the note. Based on the no-cloning property of quantum mechanics, Wiesner showed information-theoretic security against a forger of bank notes.

Tags: Multi Party Protocols, non-local games, Quantum Enhanced Classical Functionality, Specific Task

Assumptions[edit]

  • The quantum money state which is a two-state system must be isolated from the rest of universe, roughly.
  • When Wiesner wrote his thesis, there was no device operating in which the phase coherence of a two-state system was preserved for longer than about a second.

Outline[edit]

Let the money have isolated systems .

  • The Mint creates two random binary sequences of digits Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle M_i,N_i\in\{0,1\}} where . Then, two-state systems are placed in one of four states .
  1. Bank prepares a pair of orthonormal base states for each state system. Then the two-state system is located in one of four states
  2. The bank records all polarizations and their serial numbers. On the banknote/quantum money the serial number is plain, while polarizations are kept hidden.
  3. If the money is returned to the Mint, it checks whether each isolated system is still in its initial state or not.

Note that since no one except the Mint knows and , even if someone copies the money, he cannot recover the polarization.

Notation[edit]

  • = Isolated system
  • Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle M_i,N_i} = Random binary sequences
  • = States

Requirements[edit]

  • Network stage: quantum memory network

Knowledge Graph[edit]

Properties[edit]

  • The scheme requires a central bank for verifying the money
  • Pairs of conjugate variables has the same relation with Heisenberg uncertainty principle
  • The success probability of the adversary in guessing the state of the target quantum money is Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle (3/4)^n}

Protocol Description[edit]

Input: ​Product state of qubit and a serial number
Output: ​approved/rejected
Stage 1: Preparation

  1. The Mint generate a quantum money composed of two component where is the serial number of the banknote and is a product state of qubits. Each qubit is randomly chosen from the set
  2. Serial numbers and their states are recorded and kept at the Mint

Stage 2: Verification

  1. The Mint looks for the serial number and the corresponding measurement basis in its database. Thus, each qubit is measured in the right basis, or .
  2. The Mint outputs 1 if the result of the measurement corresponds with the data stored in its database, otherwise it returns 0.

References[edit]

http://users.cms.caltech.edu/~vidick/teaching/120_qcrypto/wiesner.pdf

contributed by Gözde Üstün