Quantum Digital Signature

Functionality

Digital Signatures (DS) allow for the exchange of single or multiple bit classical messages from sender to multiple recipients, with a guarantee that the signature has come from a genuine sender. It comes with the properties of (i) transferability, i.e. messages with DS can be forwarded from one recipient to another such that DS is verifiable to have come from the original sender, (ii) non-repudiation, i.e at any stage after sending the message to one recipient, sender cannot deny having sent the message and corresponding DS, and (iii) unforgeability, i.e. a dishonest recipient cannot alter or fake the sender's DS and forward it to other recipients successfully.

Protocols

For simlicity, most protocols use the case of three parties, one sender (Seller) and two recipients (Buyer and Verifier) exchanging one-bit classical messages signed by Quantum Digital Signatures (QDS).

Use Case

Signing e-Marksheet, Financial Transactions, Software Distribution, Cryptocurrencies, e-voting

Tags: Multi Party, Quantum Enhanced Classical Functionality, Specific Task

Properties

All QDS protocols are divided into two phases, distribution and messaging. Distribution phase enables sender to generate private keys (kept secret with sender) and public keys (distributed to recipients) while messaging phase enables exchange of messages using the above keys.

  • A QDS scheme is correct if a message signed by a genuine sender is accepted by a recipient with unit probability.
  • A QDS scheme is secure if no one but the sender can sign a message such that it is accepted by a recipient with non-negligible probability.
  • Transferability means that at any point a recipient (buyer) can prove it to another recipient (verifier) that the concerned message has been signed by the claimed sender (Seller).
  • Unforgeability ensures that a dishonest recipient (buyer) can neither alter a DS nor sign a message with a fake DS (DS that has not come from a genuine sender) and forward it to other recipients (verifier) successfully.
  • Non-Repudiation implies that at any point a dishonest sender (seller) cannot deny having signed the message sent to a genuine recipient (Buyer).

Discussion

(Review Paper by Petros)