Write, autoreview, editor, reviewer
3,129
edits
Arbitrated Quantum Digital Signature: Difference between revisions
Add first part of Pseudo code
(Add notations) |
(Add first part of Pseudo code) |
||
| Line 51: | Line 51: | ||
* <math>|S\rangle_{k_{pri},m}</math>: Signature quantum state for message $m$ which is the quantum state | * <math>|S\rangle_{k_{pri},m}</math>: Signature quantum state for message $m$ which is the quantum state | ||
<math>|S\rangle_{k_{pri},m} = \bigotimes^{n}_{l=1} H^{k_{pub_l}\oplus k_{pri_l}} |\phi\rangle_{s_l,t_l\oplus m_l, m_l}</math> | <math>|S\rangle_{k_{pri},m} = \bigotimes^{n}_{l=1} H^{k_{pub_l}\oplus k_{pri_l}} |\phi\rangle_{s_l,t_l\oplus m_l, m_l}</math> | ||
* <math>|P\rangle</math>: Private key quantum state where <math>|P\rangle \in \{|+\rangle, |-\rangle, |1\rangle, |0\rangle\}^n</math> and it is the quantum state: | * <math>|P\rangle</math>: Private key quantum state where <math>|P\rangle \in \{|+\rangle, |-\rangle, |1\rangle, |0\rangle\}^n</math> and it is the quantum state: | ||
<math>|P\rangle := H^{k_{pri}}|\phi\rangle_{s, t\oplus m}</math> | <math>|P\rangle := H^{k_{pri}}|\phi\rangle_{s, t\oplus m}</math> | ||
* <math>P</math>: Classical 2n-bit for <math>n</math>-qubit <math>|P\rangle</math> where <math>|+\rangle</math> is encoded to 10, <math>|-\rangle</math> to 11, <math>|1\rangle</math> to 00 and <math>|0\rangle</math> is encoded to 01. | * <math>P</math>: Classical 2n-bit for <math>n</math>-qubit <math>|P\rangle</math> where <math>|+\rangle</math> is encoded to 10, <math>|-\rangle</math> to 11, <math>|1\rangle</math> to 00 and <math>|0\rangle</math> is encoded to 01. | ||
| Line 72: | Line 68: | ||
* <math>Q</math>: Classical bit string denoted as <math>Q \in \{00, 01, 10, 11\}^n</math>. It is proven that <math>P=Q</math>. | * <math>Q</math>: Classical bit string denoted as <math>Q \in \{00, 01, 10, 11\}^n</math>. It is proven that <math>P=Q</math>. | ||
* <math>\delta</math>: <math>\langle F|F\rangle'</math>, where <math>\delta \in [0,1)</math>. | * <math>\delta</math>: <math>\langle F|F\rangle'</math>, where <math>\delta \in [0,1)</math>. | ||
==Hardware Requirements== | |||
* Secure quantum channel between Signer and Verifier | |||
* Quantum channel between Signer and PKG | |||
* Private database for both Signer and PKG | |||
* Measurement devices for the Verifier. | |||
==Properties== | |||
* The protocol assumes the PKG to be a trusted party. | |||
* This protocol cannot be broken even if the adversary had unlimited computing power. | |||
* In this protocol, it is proven that no adversary can break the secrecy of the Signer's signature private key. | |||
* The quantum digital signature produces in this protocol is impossible to repudiate and cannot be forged in any condition. | |||
* In the protocol the public and the private key belong to the classical bits, only the signature cipher has quantum nature. | |||
* No Certificate Authority is required to manage digital public-key certificate of Signers. | |||
* If <math>|F\rangle = |F'\rangle</math>, the measuring result <math>|0\rangle</math> occurs with probability 1, otherwise it occurs with probability <math>\frac{1+\delta^2}{2}</math>. Hence, when repeated for <math>w</math> times, the probability of equality is at least 1-<math>(\frac{1+\delta^2}{2})^w</math>. | |||
==Pseudo-Code== | |||
'''Stage 1''': Key Generation </br> | |||
'''Output''': Signer receives <math>k_{pri}</math> from the PKG. | |||
* <math>k_{pub}</math> is generated on the basis of Signer's public identity information like email or person ID-card. | |||
* PKG aquires <math>k_{pub}</math> through open channels. | |||
* PKG selects <math>G</math> randomly as its master key. | |||
* PKG selects <math>k_{r}</math> randomly. | |||
* PKG calculates <math>k_{pri}</math> as | |||
<div style="text-align: center;"><math>k_{pri} := G(k_{pub}) \oplus k_{r} </math></div> | |||
* PKG uses <math>k_{at}</math> to encrypt <math>k_{pri}</math> and transmits <math>E_{k_{at}}</math> to Signer. | |||
* Signer decrypts <math>E_{k_{at}}</math> using <math>k_{at}</math> and receives <math>k_{pri}</math>. | |||
'''Stage 2''': Signature</br> | |||
'''Output''': PKG receives the quantum digest <math>|F\rangle</math> and the Verifier receives the Signature <math>(ts, m, B_P,|S\rangle_{k_{pri}, m})</math> from the Signer. | |||
* Signer wants to sign the message <math>m</math>. | |||
* Signer selects <math>s</math> and <math>t</math>. | |||
* For <math>l = 1, 2, ...n</math>: | |||
** Signer generates the state <math>|\phi\rangle_{s_l,t_l\oplus m_l, m_l}</math>, which is: | |||
<div style="text-align: center;"><math> |\phi\rangle_{s_l,t_l\oplus m_l, m_l} = Y^{m_l}H^{s_l}U_{\frac{\pi}{4}}H^{t_l\oplus m_l}|0\rangle</math></div> | |||
* For <math>l = 1, 2, ...n</math>: | |||
** Signer generates the Signature quantum state <math>|S\rangle_{{k_{pri}}_l,m_l}</math>, which is | |||
<div style="text-align: center;"><math> |S\rangle_{{k_{pri}}_l,m_l} = H^{k_{pub_l}\oplus k_{pri_l}}|\phi\rangle_{s_l,t_l\oplus m_l, m_l}</math></div> | |||
* For <math>l = 1, 2, ...n</math>: | |||
** Signer generates the private key quantum state <math>|P\rangle_1</math>, which is | |||
<div style="text-align: center;"><math>|P\rangle_1 = H^{k_{pri_l}} |\phi\rangle_{s_l, t_l\oplus m_l}</math></div> | |||
** The classical <math>P_l</math> is calculated based on <math>|P\rangle_1</math>. | |||
** The basis set is formed by Signer is: | |||
<div style="text-align: center;"><math> B_{P_l} = Basis(|P\rangle_1) \in \{+,\times \} </math></div> | |||
* For <math>k = 1, 2, ...u w</math>: Different copies of the quantum digital digest state is prepared. | |||
** For <math>l = 1, 2, ...n</math>: | |||
# The quantum digital digest state <math>|F\rangle_l</math> is prepared by Signer, where: | |||
<div style="text-align: center;"><math> |F\rangle_l = |F(t_l||m_l||P_l|| t_l s_l)\rangle_l</math></div> | |||