Measurement Device Independent Quantum Digital Signature (MDI-QDS): Difference between revisions

Measurement Device Independent Quantum Digital Signatures (MDI-DS) achieves the functionality of QDS by allowing exchange of messages using the procedure studied in Prepare and Send QDS but without trusting one's measurement devices, thus making the protocol device independent. It uses the security proof of MDI-QKD to the QDS scheme for insecure channels. The example protocol involves three parties and is designed for signing one bit and the authors suggest that longer messages can be signed by iterating the same process. All three conditions that define QDS i.e. non-repudiation, transferability and unforgeability are implied by the protocol.

Tags: Multi Party (three), Digital Signature, Quantum Enhanced Classical Functionality, Specific Task, Quantum Digital Signature (QDS), Prepare and Send QDS, QKD

Assumptions

• There exists authenticated classical channels between Sender and Receiver and Sender and Verifier.
• Receiver and Verifier share a MDI-QKD link, used to transmit classical messages in full secrecy

Outline

Quantum Digital Signature protocols can be separated into two stages: the distribution stage, where quantum public keys are sent to all recipients, and the messaging stage, where classical messages are sent and verified. Here, we take the case of three parties, one sender (referred to as seller) and two receivers (buyer and verifier) sharing a one bit message.\newline The following protocol consists of only quantum communication in the distribution phase and only classical communication in the messaging phase. It uses the protocol for QDS with insecure channels and replaces KGP (Key generation protocol) with Measurement Device Independent KGP (MDI-KGP). Distribution phase can be divided into the following steps:

• Key Distribution: Seller uses MDI-KGP twice with Buyer and Verfier, each, to generate four different correlated(?) keys. Both Seller and Receiver have two keys each, one for message bit 0 and one for message bit 1. Sender's signature for a particular message bit is a conjugation of corresponding key for message bit sent to the Buyer and the Verifier.
• MDI-KGP: MDI-KGP is based on MDI-QKD but consists of fewer steps (only quantum communication) and can be divided into the following steps:
  • State Preparation:
  • Measurement:
  • Sifting:
• Symmetrisation: Buyer and Verifier exchange half of their randomly chosen eliminated signature elements. This prevents a dishonest seller succeed in cheating by sending dissimilar public keys to the receiver and makes the protocol secure against repudiation. Thus ends the distribution phase.\end{itemize}

Similarly, Messaging Phase is divided into the following steps:

• Signing: Sender sends desired message and the corresponding signature to the desired receiver (called buyer). Buyer compares the private key with his eliminated signature for the corresponding message and counts the number of mismatches (eliminated signature element in seller's private key).
• Transfer: Buyer forwards the same message and private key to the other receiver (called verifier) who compares it with his eliminated signature for this message.

Hardware Requirements

Properties

• The strings generated by Sender and Receiver are free from detector side channel attacks as one does not trust measurement devices.
• Implementation of long distance MDI-QKD (see Further Information in MDI-QKD) employs establishes long distance QDS protocol without side channel attacks
• It is valid against repudiation and forging attacks

Pseudocode

Further Information