Measurement Device Independent Quantum Digital Signature (MDI-QDS): Difference between revisions

Line 11: Line 11:
Quantum Digital Signature protocols can be separated into two stages: the distribution stage, where quantum public keys are sent to all recipients, and the messaging stage, where classical messages are sent and verified. Here, we take the case of three parties, one sender (referred to as seller) and two receivers (buyer and verifier) sharing a one bit message.<br/>
Quantum Digital Signature protocols can be separated into two stages: the distribution stage, where quantum public keys are sent to all recipients, and the messaging stage, where classical messages are sent and verified. Here, we take the case of three parties, one sender (referred to as seller) and two receivers (buyer and verifier) sharing a one bit message.<br/>
The following protocol consists of only quantum communication in the distribution phase and only classical communication in the messaging phase. It uses the protocol for QDS with insecure channels [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#References|(1)]] and replaces KGP (Key generation protocol) with Measurement Device Independent KGP (MDI-KGP). Distribution phase can be divided into the following steps:
The following protocol consists of only quantum communication in the distribution phase and only classical communication in the messaging phase. It uses the protocol for QDS with insecure channels [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#References|(1)]] and replaces KGP (Key generation protocol) with Measurement Device Independent KGP (MDI-KGP). Distribution phase can be divided into the following steps:
*'''Key Distribution:''' Seller uses MDI-KGP twice with buyer and verifier, individually, to generate two different [[Correlation in Qubits|correlated]] keys, each. Both Seller and Receiver have two keys each, one for message bit 0 and one for message bit 1. Sender's signature for a particular message bit is a conjugation of corresponding key for message bit sent to the Buyer and the Verifier.  
*'''Key Distribution:''' Seller uses MDI-KGP twice with buyer and verifier, individually, to generate two different [[Correlation in Qubits|correlated]] keys, each. In the end, buyer and verifier have two keys each , one for message bit 0 and one for message bit 1. Seller's signature for a particular message bit is a conjugation/concatenation of corresponding key for message bit sent to the Buyer and the Verifier.  
*'''MDI-KGP:''' MDI-KGP consists of the following steps  (only quantum communication part) from MDI-QKD protocol in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#References|(2)]]:</br>
**'''MDI-KGP:''' MDI-KGP consists of only quantum communication part from MDI-QKD protocol in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#References|(2)]. This protocol requires an untrusted third party sitting in the middle of the participating parties, arbitrator. The following steps are performed with seller and each receiver, pairwise for each possible bit (0 and 1). Seller and receiver each, prepare a state in a randomly chosen basis (of the two chosen bases, say rectilinear ([[Glossary#X basis |X]]) and diagonal ([[Glossary#Z basis|Z]]) basis), and send it to the arbitrator. The arbitrator performs [[Glossary#Bell State Measurement|Bell State Measurement]] on the two incoming states. A successful BSM entangles the two states and the outcome of the measurement is one of the four [[Glossary#Bell State|Bell States]], which is declared by the arbitrator over public channel. This process is repeated until sifting condition is met. In '''sifting''', seller and receiver then exchange the preparation basis chosen for each event, which is neglected if the basis is mismatched. If matched then, depending on the basis chosen, data (classical information of their own states/ classical bits) corresponding to each event is classified into two sets. This is repeated unless cardinality of the two sets is above a certain threshold number of elements. The receiver flips his bits (set elements) for each event according to the table shown in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#Pseudo Code|Pseudo Code]]. It is done to correlate seller's bits with receiver's bits. This marks the end of Sifting. Finally, one of the sets is used for error correction in MDI-QKD (not the concern of this protocol), while the other set is divided into two parts, one to be used as the code key and the other, to calculate the error rate. If error rate is greater than the tolerance value decided, the protocol is aborted by both parties. The signature/private key of seller for a particular message bit is the concatenation of both buyer and verifier's code keys corresponding to that bit.
The MDI-QKD protocol requires an untrusted third party sitting in the middle of the participating parties, arbitrator. The following steps are performed with Seller and each recipient, pairwise. Seller and recipient each prepare a state in a randomly chosen basis (of the two chosen bases, say rectilinear ([[Glossary#X basis |X]]) and diagonal ([[Glossary#Z basis|Z]]) basis), and send it to the arbitrator. The arbitrator performs [[Glossary#Bell State Measurement|Bell State Measurement]] on the two incoming states. A successful BSM entangles the two states and the outcome of the measurement is one of the four [[Glossary#Bell State|Bell States]], which is declared by the arbitrator over public channel. This process is repeated until sifting condition is met. In '''sifting''', Seller and recipient then exchange the information regarding their basis for each event, which is neglected if their chosen basis is mismatched. If matched then, depending on the basis chosen for preparation, data (classical information of their states/ classical bits) corresponding to each event is classified into two sets. This is repeated unless cardinality of the two sets is above a certain threshold number of elements. The recipient flips his bits (set elements) for each event according to the table shown in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#Pseudo Code|Pseudo Code]]. This step is done to finally correlate seller's bits with recipient's bits. This marks the end of Sifting. Finally, one of sets is used for error correction in MDI-QKD (not the concern of this protocol), while the other set is divided into two parts, one to be used as the shared common key and the other, to calculate the error rate. If error rate is greater than the tolerance value decided, the protocol is aborted by both parties.
*'''Symmetrisation:''' Buyer and Verifier exchange half of their MGI-KGP keys. These become the final keys of the recipients. This prevents a dishonest seller succeed in cheating by sending dissimilar public keys to the receiver and makes the protocol secure against repudiation. Thus ends the distribution phase.
*'''Symmetrisation:''' Buyer and Verifier exchange half of their randomly chosen eliminated signature elements. This prevents a dishonest seller succeed in cheating by sending dissimilar public keys to the receiver and makes the protocol secure against repudiation. Thus ends the distribution phase.
Similarly, Messaging Phase is divided into the following steps:
Similarly, Messaging Phase is divided into the following steps:
*'''Signing:''' Sender sends desired message and the corresponding signature to the desired receiver (called buyer). Buyer compares the private key with his eliminated signature for the corresponding message  and counts the number of mismatches (eliminated signature element in seller's private key).
*'''Signing:''' Sender sends desired message and the corresponding signature to the desired receiver (called buyer). Buyer checks for mismatches, first with his half of the key, received directly from Seller and then, with verifier's half shared with him during symmterisation. If there are fewer mismatches than the decided threshold (to check for repudiation, determined by experimental parameters) then buyer accepts the signature.  
*'''Transfer:''' Buyer forwards the same message and private key to the other receiver (called verifier) who compares it with his eliminated signature for this message.
*'''Transfer:''' Buyer forwards the same message and private key to the other receiver (called verifier) who compares it with his key for this message bit in the same way as the buyer, but with a different threshold value (to check for forgery and repudiation).


==Requirements==
==Requirements==
Write, autoreview, editor, reviewer
3,129

edits