Quantum Digital Signature: Difference between revisions

Unlike classical digital signature schemes which generalize a two party model, QDS protocols always study a three party model as transferability is not inherent and has to be proved in the quantum case. Given this situation, usually, the third party acts as the judge (a verififer) who would gain nothing out of cheating, and hence, cheating strategy is only studied for seller (repudiation) and buyer (forgery). Quantum digital signatures provide unconditional security, not relying on any computational assumption which is its basic advantage over the classical schemes. However, over time classical unconditionally secure digital signature schemes have been realized. These classical protocols take extra some assumptions like trusted omnipotent (one who distributes everyone signatures) or authenticated message broadcast. QDS does not require any such assumption. Yet, the low key rate could render QDS impractical over classical digital signature schemes. At the same time, there exist post quantum secure Digital signature schemes based on hash-key cryptography which cannot be broken by quantum computers.  Still, if someone requires a lifetime security without the above mentioned assumptions, QDS is the answer. Areas to improve QDS could be addressing the key rate and scalability of key length with length of message.