Editing Quantum Cheque
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
[https://link.springer.com/article/10.1007/s11128-016-1273-4 Quantum Cheque] is a private-key quantum money scheme that allows trusted banks to issue perfectly secure and verifiable quantum cheque books to account holders and also enables them to undertake monetary transactions with other parties. The quantum cheque is secure against [[non-signalling]] adversaries and cannot be counterfeited. | [https://link.springer.com/article/10.1007/s11128-016-1273-4 Quantum Cheque] is a private-key quantum money scheme that allows trusted banks to issue perfectly secure and verifiable quantum cheque books to account holders and also enables them to undertake monetary transactions with other parties. The quantum cheque is secure against [[non-signalling]] adversaries and cannot be counterfeited. | ||
'''Tags:''' Private-Key Quantum Money, Digital Signature | '''Tags:''' Private-Key Quantum Money, [[Quantum Digital Signature]], [[Quantum Key Distribution]], Quantum One-Way Function. | ||
== Assumptions == | == Assumptions == | ||
* The protocol assumes the account holder and the bank, to be honest. The bank is a trusted party, however, the branches may or may not be trusted. | * The protocol assumes the account holder and the bank, to be honest. The bank is a trusted party, however, the branches may or may not be trusted. | ||
* This protocol assumes perfect state preparations, transmissions, and measurements. | * This protocol assumes perfect state preparations, transmissions, and measurements. | ||
* The protocol takes the assumption that the Digital Signature and the Quantum key distribution schemes are unconditionally secure. | * The protocol takes the assumption that the Quantum Digital Signature and the Quantum key distribution schemes are unconditionally secure. | ||
* The digital signature scheme | * The digital signature scheme must satisfy the following security conditions of unforgeability and non-repudiation | ||
==Outline== | ==Outline== | ||
Line 17: | Line 17: | ||
* '''Gen''' | * '''Gen''' | ||
** In this stage, the bank first creates a cheque book and a key for the account holder. | ** In this stage, the bank first creates a cheque book and a key for the account holder. | ||
** Then, the bank and the account holder create a shared key using [[Quantum Key Distribution]]. Both parties agree upon | ** Then, the bank and the account holder create a shared key using [[Quantum Key Distribution]]. Both parties agree upon the [[Quantum Digital Signature]]. The account holder stores his private key safely with himself and shares the public key with the bank. | ||
** The bank then prepares <math>n</math> GHZ triplet states (link to page) and stores only the third entangled qubit of every GHZ in the database, while handing over the first two qubits of every GHZ state to the account holder. Along with this, the bank also creates and shares a corresponding unique serial number for this cheque. | ** The bank then prepares <math>n</math> GHZ triplet states (link to page) and stores only the third entangled qubit of every GHZ in the database, while handing over the first two qubits of every GHZ state to the account holder. Along with this, the bank also creates and shares a corresponding unique serial number for this cheque. | ||
** Finally, the account holder has stored his identity, shared key, private key, public key, serial number and first two entangled qubits of every GHZ triplet state whereas the bank has stored each account holder's identity, shared key, public key, serial number and third entangled qubit of every GHZ triplet states in its database.<br></br> | ** Finally, the account holder has stored his identity, shared key, private key, public key, serial number and first two entangled qubits of every GHZ triplet state whereas the bank has stored each account holder's identity, shared key, public key, serial number and third entangled qubit of every GHZ triplet states in its database.<br></br> | ||
Line 35: | Line 35: | ||
* Secure quantum channel to connect the branches of the bank to the main branch. | * Secure quantum channel to connect the branches of the bank to the main branch. | ||
* Secure quantum channel to connect the bank to the account holder and to connect any other third party to the bank. | * Secure quantum channel to connect the bank to the account holder and to connect any other third party to the bank. | ||
* This protocol required quantum memory to store | * This protocol required quantum memory to store issuer's quantum state of the cheque if the protocol is not running in real time. | ||
* Private database for both account holder and bank. | * Private database for both account holder and bank. | ||
* Measurement devices for the account holder and the main branch of the bank. | * Measurement devices for the account holder and the main branch of the bank. | ||
Line 46: | Line 46: | ||
* In the signing process, the quantum one-way function used to create the cheque for the account holder is assumed to take polynomial time to compute and is hard to invert. | * In the signing process, the quantum one-way function used to create the cheque for the account holder is assumed to take polynomial time to compute and is hard to invert. | ||
* In the verification process, the bank sets a thresholding security parameter <math>\kappa</math>. The swap test is passed if <math>\{ \langle\psi^{(i)}|\psi^{,(i)}\rangle \geq \kappa\}_{i=1:l}</math> | * In the verification process, the bank sets a thresholding security parameter <math>\kappa</math>. The swap test is passed if <math>\{ \langle\psi^{(i)}|\psi^{,(i)}\rangle \geq \kappa\}_{i=1:l}</math> | ||
* No quantum memory would be required for the account holder to store the quantum check if the transaction is occurring in real | * No quantum memory would be required for the account holder to store the quantum check if the transaction is occurring in real time. | ||
* This protocol can be realized, efficiently, with few qubit systems, without compromising on the security | * This protocol can be realized, efficiently, with few qubit systems, without compromising on the security | ||
* Security: This protocol is impossible to counterfeit and non-repudiation by signatory is impossible here. | * Security: This protocol is impossible to counterfeit and non-repudiation by signatory is impossible here. | ||
Line 52: | Line 52: | ||
==Notation== | ==Notation== | ||
* <math>k</math>: Shared key between account holder and bank where <math>k \in \{0,1\}^L</math>. | * <math>k</math>: Shared key between account holder and bank where <math>k \in \{0,1\}^L</math>. | ||
* <math>\Pi</math>: | * <math>\Pi</math>: Digital signature scheme, where <math>\Pi=(Gen, Sign, Vrfy)</math>. | ||
* <math>id</math>: Account holder's identity. | * <math>id</math>: Account holder's identity. | ||
* <math>pk</math>: Account holder's public key. | * <math>pk</math>: Account holder's public key. | ||
* <math>sk</math>: Account holder's private key. | * <math>sk</math>: Account holder's private key. | ||
* <math>s</math>: Unique serial number where <math>s \in \{0,1\}^{l(n)}</math>. | * <math>s</math>: Unique serial number where <math>s \in \{0,1\}^{l(n)}</math>. | ||
* <math>{|\phi^{(i)}\rangle_ | * <math>{|\phi^{(i)}\rangle_{GHZ}}</math>: <math>n</math> GHZ triplet states where, | ||
<div style="text-align: center;"><math>|\phi^{(i)}\rangle_ | <div style="text-align: center;"><math>|\phi^{(i)}\rangle_{GHZ} = \frac{1}{\sqrt{2}}(|0^{(i)}\rangle_{A_1}|0^{(i)}\rangle_{A_2}|0^{(i)}\rangle_{B} + |1^{(i)}\rangle_{A_1}|1^{(i)}\rangle_{A_2}|1^{(i)}\rangle_{B})</math></div> | ||
* <math>{\ | * <math>{|\phi^{(i)}\rangle_{A_1}}</math>: First entangled qubit from every GHZ triplet state which is given to account holder. | ||
* <math>{\ | * <math>{|\phi^{(i)}\rangle_{A_2}}</math>: Second entangled qubit from every GHZ triplet state which is given to account holder. | ||
* <math>{\ | * <math>{|\phi^{(i)}\rangle_{B}}</math>: First entangled qubit from every GHZ triplet state which stays with bank. | ||
* <math>r</math>: Generated random number where <math>r \in \{0,1\}^L</math>. | * <math>r</math>: Generated random number where <math>r \in \{0,1\}^L</math>. | ||
* <math>M</math>: Amount of money account holder signs on the cheque. | * <math>M</math>: Amount of money account holder signs on the cheque. | ||
Line 73: | Line 73: | ||
* <math>\chi</math>: Quantum cheque where, | * <math>\chi</math>: Quantum cheque where, | ||
<div style="text-align: center;"><math> | <div style="text-align: center;"><math> | ||
\chi = (id, s, r, \sigma, M, \{{\ | \chi = (id, s, r, \sigma, M, \{{|\phi^{(i)}\rangle_{A_1}}\}_{i=1:n}) | ||
</math></div> | </math></div> | ||
* <math>\kappa</math>: Threshold constant set as a security parameter by the bank in the swap test. | * <math>\kappa</math>: Threshold constant set as a security parameter by the bank in the swap test. | ||
Line 81: | Line 81: | ||
'''Stage 1''': Gen</br> | '''Stage 1''': Gen</br> | ||
'''Output''': Account holder now holds <math>(id, pk, sk, k, s, \{\ | '''Output''': Account holder now holds <math>(id, pk, sk, k, s, \{|\phi^{(i)}\rangle_{A_1}|\phi^{(i)}\rangle_{A_2}\}_{i=1:n})</math> and Bank now holds <math>(id, pk, k, s, {\|\phi^{(i)}\rangle_{B}\}_{i=1:n})}</math> in their private databases. | ||
* Account holder and Bank create <math>k</math>. | * Account holder and Bank create <math>k</math>. | ||
Line 89: | Line 89: | ||
* For <math>i = 1, 2, ...n</math>: | * For <math>i = 1, 2, ...n</math>: | ||
** Bank generates GHZ triple state <math>|\phi^{(i)}\rangle_{GHZ}</math> | ** Bank generates GHZ triple state <math>|\phi^{(i)}\rangle_{GHZ}</math> | ||
** Bank stores <math>\ | ** Bank stores <math>|\phi^{(i)}\rangle_{B}</math> in their private database. | ||
** Bank gives <math>\ | ** Bank gives <math>|\phi^{(i)}\rangle_{A_1}|\phi^{(i)}\rangle_{A_2}</math> to account holder. | ||
* Bank prepares <math>s</math> and shares it with the account holder. | * Bank prepares <math>s</math> and shares it with the account holder. | ||
* For <math>i = 1, 2, ...n</math>: | * For <math>i = 1, 2, ...n</math>: | ||
** Account holder stores <math>\ | ** Account holder stores <math>|\phi^{(i)}\rangle_{A_1}|\phi^{(i)}\rangle_{A_2}</math> privately. | ||
* Account holder now holds <math>(id, pk, sk, k, s, \{\ | * Account holder now holds <math>(id, pk, sk, k, s, \{|\phi^{(i)}\rangle_{A_1}|\phi^{(i)}\rangle_{A_2}\}_{i=1:n})</math> | ||
* Bank now holds <math>(id, pk, k, s, | * Bank now holds <math>(id, pk, k, s, {|\phi^{(i)}\rangle_{B}\}_{i=1:n})}</math> | ||
Line 104: | Line 104: | ||
* For <math>i = 1, 2, ...n</math>: | * For <math>i = 1, 2, ...n</math>: | ||
** Account holder prepares <math>|\psi^{(i)}\rangle = f(k \mid\mid id\mid\mid r\mid\mid M\mid\mid i)</math>. | ** Account holder prepares <math>|\psi^{(i)}\rangle = f(k \mid\mid id\mid\mid r\mid\mid M\mid\mid i)</math>. | ||
** Account holder encodes <math>|\psi^{(i)}\rangle</math> with <math>|\phi^{(i)}\rangle_{GHZ}</math> by combining <math>|\psi^{(i)}\rangle</math> with <math>\ | ** Account holder encodes <math>|\psi^{(i)}\rangle</math> with <math>|\phi^{(i)}\rangle_{GHZ}</math> by combining <math>|\psi^{(i)}\rangle</math> with <math>|\phi^{(i)}\rangle_{A_1}</math> and performing a bell measurement on the two. | ||
<div style="text-align: center;"><math> | <div style="text-align: center;"><math> | ||
|\phi^{(i)}\rangle = |\psi^{(i)}\rangle \otimes |\phi^{(i)}\rangle_{GHZ} | |\phi^{(i)}\rangle = |\psi^{(i)}\rangle \otimes |\phi^{(i)}\rangle_{GHZ} | ||
</math></div> | </math></div> | ||
** Based on the measurement, account holder performs the suitable error correction, by applying the corresponding Pauli matrix, on <math>\ | ** Based on the measurement, account holder performs the suitable error correction, by applying the corresponding Pauli matrix, on <math>|\phi^{(i)}\rangle_{A_1}</math>: | ||
<div style="text-align: center;"><math> | <div style="text-align: center;"><math> | ||
|\Phi^{(+)}\rangle \xrightarrow{} I, | |\Phi^{(+)}\rangle \xrightarrow{} I, | ||
Line 127: | Line 127: | ||
** else: | ** else: | ||
*** Bank continues the verification process. | *** Bank continues the verification process. | ||
* Main branch of the bank performs the measurement in Hadamard basis on its copy of <math>\ | * Main branch of the bank performs the measurement in Hadamard basis on its copy of <math>|\phi^{(i)}\rangle_{B}</math> and obtains outcome <math>|+\rangle</math> or <math>|-\rangle</math>. | ||
* Main branch communicates this result with the local branch. | * Main branch communicates this result with the local branch. | ||
* For <math>i = 1, 2, ...n</math>: | * For <math>i = 1, 2, ...n</math>: | ||
** Based on outcome, branch performs the corresponding Pauli matrix operation on <math>\ | ** Based on outcome, branch performs the corresponding Pauli matrix operation on <math>|\phi^{(i)}\rangle_{A_2}</math> to recover <math>|\Psi^{(i)}\rangle</math> : <math>|+\rangle \xrightarrow{} I, |-\rangle \xrightarrow{} \sigma_z</math> | ||
* For <math>i = 1, 2, ...n</math>: | * For <math>i = 1, 2, ...n</math>: | ||
** Bank computes <math>|\Psi^{,(i)}\rangle </math>, where, | ** Bank computes <math>|\Psi^{,(i)}\rangle </math>, where, |