Measurement Device Independent Quantum Digital Signature (MDI-QDS): Difference between revisions

*'''Key Distribution:''' Seller uses MDI-KGP twice with buyer and verifier, individually, to generate two different [[Correlation in Qubits|correlated]] keys, each. In the end, buyer and verifier have two keys each , one for message bit 0 and one for message bit 1. Seller's signature for a particular message bit is a conjugation/concatenation of corresponding key for message bit sent to the Buyer and the Verifier.  

**'''MDI-KGP:''' MDI-KGP consists of only quantum communication part from MDI-QKD protocol in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#References|(2)]. This protocol requires an untrusted third party sitting in the middle of the participating parties, arbitrator. The following steps are performed with seller and each receiver, pairwise for each possible bit (0 and 1). Seller and receiver each, prepare a state in a randomly chosen basis (of the two chosen bases, say rectilinear ([[Glossary#X basis |X]]) and diagonal ([[Glossary#Z basis|Z]]) basis), and send it to the arbitrator. The arbitrator performs [[Glossary#Bell State Measurement|Bell State Measurement]] on the two incoming states. A successful BSM entangles the two states and the outcome of the measurement is one of the four [[Glossary#Bell State|Bell States]], which is declared by the arbitrator over public channel. This process is repeated until sifting condition is met. In '''sifting''', seller and receiver then exchange the preparation basis chosen for each event, which is neglected if the basis is mismatched. If matched then, depending on the basis chosen, data (classical information of their own states/ classical bits) corresponding to each event is classified into two sets. This is repeated unless cardinality of the two sets is above a certain threshold number of elements. The receiver flips his bits (set elements) for each event according to the table shown in [[Measurement Device Independent Quantum Digital Signature (MDI-QDS)#Pseudo Code|Pseudo Code]]. It is done to correlate seller's bits with receiver's bits. This marks the end of Sifting. Finally, one of the sets is used for error correction in MDI-QKD (not the concern of this protocol), while the other set is divided into two parts, one to be used as the code key and the other, to calculate the error rate. If error rate is greater than the tolerance value decided, the protocol is aborted by both parties. The signature/private key of seller for a particular message bit is the concatenation of both buyer and verifier's code keys corresponding to that bit.

*'''Symmetrisation:''' Buyer and Verifier exchange half of their MGI-KGP keys. These become the final keys of the recipients. This prevents a dishonest seller succeed in cheating by sending dissimilar public keys to the receiver and makes the protocol secure against repudiation. Thus ends the distribution phase.

*'''Signing:''' Sender sends desired message and the corresponding signature to the desired receiver (called buyer). Buyer checks for mismatches, first with his half of the key, received directly from Seller and then, with verifier's half shared with him during symmterisation. If there are fewer mismatches than the decided threshold (to check for repudiation, determined by experimental parameters) then buyer accepts the signature.  

*'''Transfer:''' Buyer forwards the same message and private key to the other receiver (called verifier) who compares it with his key for this message bit in the same way as the buyer, but with a different threshold value (to check for forgery and repudiation).