Prepare and Measure Quantum Digital Signature: Difference between revisions

Line 27: Line 27:
*The protocol assumes authenticated classical channels between all parties.
*The protocol assumes authenticated classical channels between all parties.
*The protocol provides security against repudiation, i.e. the probability that seller succeeds in making buyer and seller disagree on the validity of her sent quantum signature decays exponentially with L, as stated by the formula <math>P(rep)\le e^{-(s_v-s_a)^2L}</math>.
*The protocol provides security against repudiation, i.e. the probability that seller succeeds in making buyer and seller disagree on the validity of her sent quantum signature decays exponentially with L, as stated by the formula <math>P(rep)\le e^{-(s_v-s_a)^2L}</math>.
*The protocol provides security against forgery, i.e. any recipient (verifier) with high probability rejects any message which was not originally sent by the seller herself. Forging probability is given by the formula, P(forge)<math>\le e^{-(c_{min}-2s_v)^2L}</math>, where <math>c_{min}</math> is the minimum possible rate at which buyer declares a single signature element which has been eliminated by the verifier.
*The protocol provides security against forgery, i.e. any recipient (verifier) with high probability rejects any message which was not originally sent by the seller herself. Forging probability is given by the formula, <math>P(forge)\le e^{-(c_{min}-2s_v)^2L}</math>, where <math>c_{min}</math> is the minimum possible rate at which buyer declares a single signature element which has been eliminated by the verifier.


== Pseudo Code ==  
== Pseudo Code ==  
Write, autoreview, editor, reviewer
3,129

edits