Quantum Money: Difference between revisions

Latest revision as of 18:56, 21 December 2020

Functionality DescriptionEdit

Quantum Money is a quantum cryptographic scheme that was first introduced by Wiesner [Wie83] in 1983. Informally, the quantum money object is a unique (e.g. has a public classical serial number) and unforgeable (e.g. unclonable) physical object that is created by a third party called Mint (that could be trusted or not trusted). Then, it is circulated among potentially untrusted parties, Holder, who might attempt to forge it for double spending. However a Merchant, upon receiving it, should be able to verify the money has not been forged and originated from Mint. There are various verification schemes based on different types of communication and types of key encryption used by Mint (see Protocols).

ProtocolsEdit

Private Key with Quantum VerificationEdit

Mint generates the quantum money and hands it to Holder. Bank shares a secret classical key with Mint for all distributed money. For verification, Merchant sends the quantum money to Bank through a quantum channel. Bank performs local quantum measurements, dictated by the secret classical key, and accepts or rejects the money conditioned on the measurement outcomes.

Private Key with Classical VerificationEdit

Mint generates the quantum money and hands it to Holder. Bank shares a secret classical key with Mint for all distributed money. For verification, Merchant performs local quantum operations on the money and sends classical data to Bank who accepts or rejects based on the secret key they hold.

Public Key with Quantum VerificationEdit

Mint generates the quantum money and hands it to Holder. All Holder and Merchant parties can verify the authenticity of the money themselves with the help of a public key.

PropertiesEdit

A QMoney scheme is correct if an original quantum money issued by Mint is accepted by Bank with unit probability.
A QMoney scheme is information-theoretically (resp. computationally) secure if no adversarial holder with unlimited (resp. computational) power can pass verification with different Merchants or Banks at the same time with high probability.
A QMoney is reusable if an honest Holder can pass verification with different Merchants or Banks at different times.

Use-casesEdit

Knowledge GraphEdit

Further InformationEdit

*contributed by Mahshid Delavar and Mathieu Bozzio

@@ Line 2: / Line 2: @@
-Quantum Money is a quantum cryptographic scheme that was first introduced by Wiesner [Wie83] in 1983. Informally, a quantum coin is a unique object that is created by a Trusted Third Party (TTP). Then, it is circulated among untrusted clients (Transferability property). Each client should be able to verify it and confirm that it is authentic if it has been circulated according to the prescribed rules. On the other hand, an adversary must fail in counterfeiting it with overwhelmingly high probability (Unforgeability property).
+Quantum Money is a quantum cryptographic scheme that was first introduced by Wiesner [Wie83] in 1983. Informally, the quantum money object is a unique (e.g. has a public classical serial number) and unforgeable (e.g. unclonable) physical object that is created by a third party called Mint (that could be trusted or not trusted). Then, it is circulated among potentially untrusted parties, Holder, who might attempt to forge it for double spending. However a Merchant, upon receiving it, should be able to verify the money has not been forged and originated from Mint. There are various verification schemes based on different types of communication and types of key encryption used by Mint (see Protocols).
-The quantum money schemes can be classified in two categories: Public Quantum Money and Private Quantum Money.
-== Outline ==
+== Protocols ==
-Assume a TTP (eg. a bank), a verifier (eg. a merchant) and a prover (eg. a client) are involved in a quantum money scheme. Also, assume there is only one circulating quantum coin. They follow the following procedure:</br>
+=== Private Key with Quantum Verification ===
-* '''Preparation''': TTP prepares n qubits for each quantum coin with a serial number S. It stores the classical information about the qubits corresponding to S in a database and handover the quantum coin to a prover.
-* '''Interaction''': In this step, the prover wants to transfer the quantum coin to a verifier. So, the authenticity of the quantum coin shall be verified by the verifier. To this end, the verifier sends a challenge to the prover and gets the serial number $SN$ of the quantum coin and the prepared qubits for it.
-* '''Transaction''': The verifier accepts the coin if the received qubits corresponds to the stored information in the database regarding the serial number and classical information of the quantum coin. If the verifier can do the verification process by his own, the quantum money scheme is called public quantum money. Otherwise, if he needs to communicate with the TTP to verify the quantum coin, the scheme is called private quantum money.
-<div style='text-align: right;'>''*contributed by Mashid Delavar''</div>
+Mint generates the quantum money and hands it to Holder. Bank shares a secret classical key with Mint for all distributed money.  For verification, Merchant sends the quantum money to Bank through a quantum channel. Bank performs local quantum measurements, dictated by the secret classical key, and accepts or rejects the money conditioned on the measurement outcomes.
+*[[Wiesner Quantum Money]]: [[:Category: Quantum Memory Network Stage|Quantum Memory Network Stage]]
+*[[Quantum Cheque]]
+=== Private Key with Classical Verification ===
+Mint generates the quantum money and hands it to Holder. Bank shares a secret classical key with Mint for all distributed money. For verification, Merchant performs local quantum operations on the money and sends classical data to Bank who accepts or rejects based on the secret key they hold.
+*[[Quantum Coin]]: [[:Category: Quantum Memory Network Stage|Quantum Memory Network Stage]]
+*[[Quantum Token]]: [[:Category: Quantum Memory Network Stage|Quantum Memory Network Stage]]
+=== Public Key with Quantum Verification ===
+Mint generates the quantum money and hands it to Holder. All Holder and Merchant parties can verify the authenticity of the money themselves with the help of a public key.
+== Properties ==
+*A QMoney scheme is '''correct''' if an original quantum money issued by Mint is accepted by Bank with unit probability.
+*A QMoney scheme is information-theoretically (resp. computationally) '''secure''' if no adversarial holder with unlimited (resp. computational) power can pass verification with different Merchants or Banks at the same time with high probability.
+* A QMoney is '''reusable''' if an honest Holder can pass verification with different Merchants or Banks at different times.
+==Use-cases==
+* [[Cross-platform finance]]
+* [[Toward regulation for security and privacy]]
+==Knowledge Graph==
+{{graph}}
+== Further Information ==
+<div style='text-align: right;'>''*contributed by Mahshid Delavar and Mathieu Bozzio''</div>