Prepare and Measure Quantum Digital Signature: Difference between revisions

Line 26: Line 26:
*The protocol assumes authenticated quantum channels between all seller-receiver pairs.
*The protocol assumes authenticated quantum channels between all seller-receiver pairs.
*The protocol assumes authenticated classical channels between all parties.
*The protocol assumes authenticated classical channels between all parties.
*The protocol provides security against repudiation, i.e. the probability that seller succeeds in making buyer and seller disagree on the validity of her sent quantum signature decays exponentially with L, as stated by the formula P(rep)≤ e−(sv−sa)2L.
*The protocol provides security against repudiation, i.e. the probability that seller succeeds in making buyer and seller disagree on the validity of her sent quantum signature decays exponentially with L, as stated by the formula P(rep)<math>\le e^{-(s_v-s_a)^2L}</math>.
*The protocol provides security against forgery, i.e. any recipient (verifier) with high probability rejects any message which was not originally sent by the seller herself. Forging probability is given by the formula, P(forge)≤ e−(cmin−2sv)2L, where cmin is the minimum possible rate at which buyer declares a single signature element which has been eliminated by the verifier.
*The protocol provides security against forgery, i.e. any recipient (verifier) with high probability rejects any message which was not originally sent by the seller herself. Forging probability is given by the formula, P(forge)<math>\le e^{-(c_{min}-2s_v)^2L}</math>, where <math>c_{min}</math> is the minimum possible rate at which buyer declares a single signature element which has been eliminated by the verifier.


== Pseudo Code ==  
== Pseudo Code ==  
Write, autoreview, editor, reviewer
3,129

edits