Write, autoreview, editor, reviewer
3,129
edits
Gottesman and Chuang Quantum Digital Signature: Difference between revisions
Jump to navigation
Jump to search
Gottesman and Chuang Quantum Digital Signature (edit)
Revision as of 09:19, 28 May 2019
, 28 May 2019→Properties
| Line 21: | Line 21: | ||
* Unlike some classical information-theoretic (unconditional security) schemes which require secure anonymous broadcast channel or noisy channel, which are hard to achieve resources, the quantum scheme provides information-theoretic security by only demanding plausible quantum channels and modest interaction between parties involved. | * Unlike some classical information-theoretic (unconditional security) schemes which require secure anonymous broadcast channel or noisy channel, which are hard to achieve resources, the quantum scheme provides information-theoretic security by only demanding plausible quantum channels and modest interaction between parties involved. | ||
* The scheme is secure against forgery if <math>(1-\delta^2)(M-G)>c_2M</math>, where <math>\delta</math> depends on public keys and hence, on quantum one way functions; M is the number of private keys chosen for each message bit; <math>G=2^{-(L-Tn)}2M</math>, and c_2 is the threshold for rejection. | * The scheme is secure against forgery if <math>(1-\delta^2)(M-G)>c_2M</math>, where <math>\delta</math> depends on public keys and hence, on quantum one way functions; M is the number of private keys chosen for each message bit; <math>G=2^{-(L-Tn)}2M</math>, and c_2 is the threshold for rejection. | ||
* The Sender can successfully repudiate by probability <math>\sim O(d^{-M})</math>, for some <math>d>1</math> | * The Sender can successfully repudiate by probability <math>p_{cheat}\sim O(d^{-M})</math>, for some <math>d>1</math> | ||
== Requirements == | == Requirements == | ||