Functionality Description

Quantum Money is a quantum cryptographic scheme that was first introduced by Wiesner [Wie83] in 1983. Informally, the quantum money object is a unique (e.g. has a public classical serial number) and unforgeable (e.g. unclonable) physical object that is created by a third party called Mint (that could be trusted or not trusted). Then, it is circulated among potentially untrusted parties, Holder, who might attempt to forge it for double spending. However a Merchant, upon receiving it, should be able to verify the money has not been forged and originated from Mint. There are various verification schemes based on different types of communication and types of key encryption used by Mint (see Protocols).

Protocols

Private Key with Quantum Verification

It involves a trusted party called Bank, who shares a private secret classical key with Mint for all distributed money. For verification, Merchant sends the quantum money to Bank through a quantum channel. Bank performs local quantum operations, dictated by the secret classical key, and accepts or rejects the money.

Private Key with Classical Verification

It involves a trusted party called Bank, who shares secrete key with Mint for all distributed money. For verification, Merchant performs local quantum operations on the money and sends classical data to Bank who accepts or rejects based on the secret key they holds.

Public Key with Quantum Verification

For verification, Merchant performs local quantum operations depending on the public key of the money to reject or accept the money.

Properties

  • A QMoney scheme is correct if an original quantum money issued by Mint is accepted by the verifier with unit probability.
  • A QMoney scheme is Information-theoretically or Computationally secure if no adversarial holder with unlimited or computational power can pass verification with different Merchants or Banks at the same time with high probability.
  • A QMoney is reusable if an honest Holder can pass verification with different Merchants or Banks at different times.

Further Information

*contributed by Mahshid Delavar and Mathieu Bozzio