Quantum Digital Signature

Revision as of 14:33, 4 December 2018 by Shraddha (talk | contribs)

Functionality

Digital Signatures (QDS) allow the exchange of classical messages from sender to multiple recipients, with a guarantee that the signature has come from a genuine sender. Additionally, it comes with the properties of (i) transferability i.e. messages with DS can be forwarded from one recipient to another such that DS is verifiable to have come from the original sender, (ii) non-repudiation i.e at any stage after sending the message to one recipient, sender cannot deny having sent the message and corresponding DS, and (iii) unforgeability i.e. a dishonest recipient cannot alter or fake the sender's DS and forward it to other recipients successfully. In contrast, Classical digital signatures rely on authentication (taken as an assumption for some QDS protocols) i.e. the message has come from the claimed party; integrity i.e. the message has not been altered (if authentication is confirmed, this property is unforgeability) and non-repudiation (same as QDS).

Tags: Multi Party (three), Quantum Enhanced Classical Functionality, Specific Task, Blind Quantum Digital Signature, Arbitrated Signature, Quantum Proxy Signature, Designated Verifiable Quantum Signature, Limited Delegation of Quantum Signature,,


Use Case

  • Classical task
  • Classical analogue: RSA, Post-Quantum Secure analogue: XMSS
  • QDS implementation specifications (best achieved) per half bit message (0 or 1):
    • best estimated time: 3.5 secs
    • key length: 2Mbits
    • maximum transmission distance: 200 kms
    • scalability: linear in time, not linear in key length

Protocols

Properties

All QDS protocols are divided into two phases, distribution and messaging. Distribution phase enables sender to generate private keys (kept secret with sender) and public keys (information distributed to recipients) while messaging phase enables exchange of messages using the above keys. For simlicity, most protocols use the case of three parties, one sender (Seller) and two recipients (Buyer and Verifier) exchanging one-bit classical messages signed by Quantum Digital Signatures (QDS).

  • A QDS scheme is correct if a message signed by a genuine sender is accepted by a recipient with unit probability.
  • A QDS scheme is secure if no one but the sender can sign a message such that it is accepted by a recipient with non-negligible probability.
  • Transferability means that at any point a recipient (buyer) can prove it to another recipient (verifier) that the concerned message has been signed by the claimed sender (Seller).
  • Unforgeability ensures that a dishonest recipient (buyer) can neither alter a DS nor sign a message with a fake DS (DS that has not come from a genuine sender) and forward it to other recipients (verifier) successfully.
  • Non-Repudiation implies that at any point a dishonest sender (seller) cannot deny having signed the message sent to a genuine recipient (Buyer).

Discussion

  1. AA (2015) Discusses various classical and quantum digital signature schemes
  2. Wallden P. (2018) (In preparation): Discusses the development of Quantum Digital Signatures from the first protocol by Gottesman and Chuang, elaborating advancements in further protocols to turn it into a practical QDS scheme.