Write, autoreview, editor, reviewer
3,125
edits
Gottesman and Chuang Quantum Digital Signature: Difference between revisions
Jump to navigation
Jump to search
Gottesman and Chuang Quantum Digital Signature (edit)
Revision as of 12:07, 28 May 2019
, 28 May 2019→Outline
| Line 12: | Line 12: | ||
Gottesman and Chuang signature scheme is based on quantum [https://en.wikipedia.org/wiki/One-way_function one way functions], which take classical bit string as input and give quantum states as output. Quantum Digital Signature (QDS) protocols can be divided into two stages: the distribution stage, where quantum signals (public keys) are sent to all recipients, and the messaging stage, where classical messages are signed, sent and verified. Here, we take the case of three parties, one sender (referred to as seller) and two receivers (buyer and verifier) sharing a one bit message. Distribution phase can be divided into the following steps: | Gottesman and Chuang signature scheme is based on quantum [https://en.wikipedia.org/wiki/One-way_function one way functions], which take classical bit string as input and give quantum states as output. Quantum Digital Signature (QDS) protocols can be divided into two stages: the distribution stage, where quantum signals (public keys) are sent to all recipients, and the messaging stage, where classical messages are signed, sent and verified. Here, we take the case of three parties, one sender (referred to as seller) and two receivers (buyer and verifier) sharing a one bit message. Distribution phase can be divided into the following steps: | ||
*'''Key Generation:''' For each message bit (say 0 and 1) seller selects some (say M) classical bit strings. These are chosen to be her private keys for that message bit. Using this private key as input, seller generates output of the quantum one-way function/map, which she calls her public key and as assumed above, distributes them to each recipient, for each message bit. In the end of this step, each recipient has 2M public keys, M for message bit 0 and M for message bit 1. Following are a few suggestions for the quantum one way functions, by the authors. | *'''Key Generation:''' For each message bit (say 0 and 1) seller selects some (say M) classical bit strings. These are chosen to be her private keys for that message bit. Using this private key as input, seller generates output of the quantum one-way function/map, which she calls her public key and as assumed above, distributes them to each recipient, for each message bit. In the end of this step, each recipient has 2M public keys, M for message bit 0 and M for message bit 1. Following are a few suggestions for the quantum one way functions, by the authors. | ||
'''Quantum One Way Functions:''' The author suggests [[quantum fingerprint states]], [[stabilizer states]] to represent classical strings in terms of quantum states. The number of qubits for the quantum state used to represent each bit in the classical string depends on which of the above methods is used. Another method where each classical bit is represented by one quantum bit, is also suggested. | '''Quantum One Way Functions:''' The author suggests [[quantum fingerprint states]], [[stabilizer states]] to represent classical strings in terms of quantum states. The number of qubits for the quantum state used, to represent each bit in the classical string, depends on which of the above methods is used. Another method where each classical bit is represented by one quantum bit, is also suggested. | ||
* '''Key Distribution:''' The authors suggest a few methods for key distribution. One of them is the assumption of a trusted third party who receives public keys from seller, checks all the keys using [[SWAP Test]] and then if test is passed by each key sent, the trusted party distributes it to the recipients. A second method eliminates the requirement of a trusted third party and instead requires Sender to send two copies of each public key to each recipient, such that, in the end each recipient has 4M keys (2M public keys for each message bit). Both buyer and verifier perform Swap test on their supposedly identical copies of public keys. Then, if passed, Buyer sends one copy of his public key to the verifier, who then performs the SWAP test between the received copy and his copy of public key. | * '''Key Distribution:''' The authors suggest a few methods for key distribution. One of them is the assumption of a trusted third party who receives public keys from seller, checks all the keys using [[SWAP Test]] and then if test is passed by each key sent, the trusted party distributes it to the recipients. A second method eliminates the requirement of a trusted third party and instead requires Sender to send two copies of each public key to each recipient, such that, in the end each recipient has 4M keys (2M public keys for each message bit). Both buyer and verifier perform Swap test on their supposedly identical copies of public keys. Then, if passed, Buyer sends one copy of his public key to the verifier, who then performs the SWAP test between the received copy and his copy of public key. | ||
*'''Messaging:''' Seller sends her message bit with the associated private keys to the buyer. Buyer performs the map on the private key (quantum one way function takes the sent private key as input) and then compares the output thus generated with the public key received in the distribution stage. If the number of unmatched bits are below rejection threshold, the message is declared valid, else invalid. If the number of unmatched bits is below acceptance threshold, it is declared transferable, else not transferable. | *'''Messaging:''' Seller sends her message bit with the associated private keys to the buyer. Buyer performs the map on the private key (quantum one way function takes the sent private key as input) and then compares the output thus generated with the public key received in the distribution stage. If the number of unmatched bits are below rejection threshold, the message is declared valid, else invalid. If the number of unmatched bits is below acceptance threshold, it is declared transferable, else not transferable. | ||