Write, autoreview, editor, reviewer
3,125
edits
Arbitrated Quantum Digital Signature: Difference between revisions
Jump to navigation
Jump to search
no edit summary
m (→Outline) |
No edit summary |
||
| Line 9: | Line 9: | ||
* In the signing process, the [[Glossary#Quantum One Way Function|quantum one-way function]] used to create the quantum digest is assumed to take polynomial time to compute and is hard to invert. | * In the signing process, the [[Glossary#Quantum One Way Function|quantum one-way function]] used to create the quantum digest is assumed to take polynomial time to compute and is hard to invert. | ||
* Seller and PKG are assumed to have a pre-shared quantum key (say, using [[Quantum Key Distribution|QKD]]) | * Seller and PKG are assumed to have a pre-shared quantum key (say, using [[Quantum Key Distribution|QKD]]) | ||
* Secure quantum channel between seller and buyer is assumed | |||
==Outline== | ==Outline== | ||
| Line 23: | Line 24: | ||
** The public and the private key are used to perform Hadamard transformation on the state produced in the previous step in order to generate the signature quantum state. | ** The public and the private key are used to perform Hadamard transformation on the state produced in the previous step in order to generate the signature quantum state. | ||
** The Seller then performs some operation using her private key and measures the quantum state. It can be shown the states were one of the BB84 states and hence, can have one of the two possible bases ([[Glossary#Quantum States|X basis, Z basis or + basis,x basis]]) and four possible states. She records the basis and classical bit representing the state obtained. | ** The Seller then performs some operation using her private key and measures the quantum state. It can be shown the states were one of the BB84 states and hence, can have one of the two possible bases ([[Glossary#Quantum States|X basis, Z basis or + basis,x basis]]) and four possible states. She records the basis and classical bit representing the state obtained. | ||
**Seller then concatenates these classical bits, the two random string bits, and a timestamp unique to the signature. The concatenated classical string is used as the input of publicly chosen QOWF, to get the output called 'quantum digest'. She produces some copies of quantum digest | **Seller then concatenates these classical bits, the two random string bits, and a timestamp unique to the signature. The concatenated classical string is used as the input of publicly chosen QOWF, to get the output called 'quantum digest'. She produces some copies of quantum digest for each recipient (buyer). | ||
**Seller then encrypts the timestamp and quantum output of QOWF with pre-shared common key via quantum vernam cipher. PKG unpads these and publicly announces for buyer's verification step. | **Seller then encrypts the timestamp and quantum output of QOWF with pre-shared common key via quantum vernam cipher. PKG unpads these and publicly announces for buyer's verification step. | ||
** Sellers sends the signature to the buyer which includes the signature quantum state, message, timestamp and basis states. | ** Sellers sends the signature to the buyer which includes the signature quantum state, message, timestamp and basis states. | ||
* '''Verification''': In this method, | * '''Verification''': In this method, buyer checks the authenticity of the signature (whether the message has come from a genuine seller). | ||
** The | ** The buyer performs some quantum gates on the signature quantum state, using seller's public key and message. He measures the resulting quantum state, using basis states for each qubit sent in the signature. The result thus, obtained is represnted by a classical string, in the same way as done by seller. | ||
** | **The result should reveal the random string used by seller and hence, buyer can also generate the same number of copies of the quantum digest using the publicly known QOWF. | ||
**Buyer, thus, compares his outputs of QOWF with the ones sent by the seller using [[quantum SWAP Test]]. If the number of matches is greater than the accepted/decided threshold value, the signature is accepted else it is rejected. | |||
** | |||
==Notation== | ==Notation== | ||
| Line 71: | Line 70: | ||
==Hardware Requirements== | ==Hardware Requirements== | ||
*'''Network Stage''':[[:Category:Quantum Memory Network Stage|Prepare and Measure]][[Category:Quantum Memory Network Stage]] | |||
*The total number of qubits used in this protocol is equal to the total number of qubits in the message. | *The total number of qubits used in this protocol is equal to the total number of qubits in the message. | ||
* Secure quantum channel between | * Secure quantum channel between seller and buyer | ||
==Properties== | ==Properties== | ||
* This protocol cannot be broken even if the adversary had unlimited computing power. | * This protocol cannot be broken even if the adversary had unlimited computing power. | ||
* In this protocol, it is proven that no adversary can break the secrecy of the | * In this protocol, it is proven that no adversary can break the secrecy of the seller's signature private key. | ||
* The quantum digital signature | * The quantum digital signature produced in this protocol is impossible to repudiate and cannot be forged in any condition. | ||
* In the protocol the public and the private key belong to the classical bits, only the signature cipher has quantum nature. | * In the protocol the public and the private key belong to the classical bits, only the signature cipher has quantum nature. | ||
* No Certificate Authority is required to manage digital public-key certificate of | * No Certificate Authority is required to manage digital public-key certificate of sellers. | ||
* If <math>|F\rangle = |F\rangle'</math>, the measuring result <math>|0\rangle</math> occurs with probability 1, otherwise it occurs with probability <math>\frac{1+\delta^2}{2}</math>. Hence, when repeated for <math>w</math> times, the probability of equality is at least 1-<math>(\frac{1+\delta^2}{2})^w</math>. | * If <math>|F\rangle = |F\rangle'</math>, the measuring result <math>|0\rangle</math> occurs with probability 1, otherwise it occurs with probability <math>\frac{1+\delta^2}{2}</math>. Hence, when repeated for <math>w</math> times, the probability of equality is at least 1-<math>(\frac{1+\delta^2}{2})^w</math>. | ||
| Line 90: | Line 86: | ||
'''Output''': Signer receives <math>k_{pri}</math> from the PKG. | '''Output''': Signer receives <math>k_{pri}</math> from the PKG. | ||
* <math>k_{pub}</math> is generated on the basis of | * <math>k_{pub}</math> is generated on the basis of Seller's public identity information like email or person ID-card. | ||
* PKG aquires <math>k_{pub}</math> through open channels. | * PKG aquires <math>k_{pub}</math> through open channels. | ||
* PKG selects <math>G</math> randomly as its master key. | * PKG selects <math>G</math> randomly as its master key. | ||
| Line 148: | Line 144: | ||
==Further Information== | ==Further Information== | ||
Like most other classical digital signature schemes which provide unconditional security, this scheme also requires a trusted arbitrator who distributes public key to the recipients. | Like most other classical digital signature schemes which provide unconditional security, this scheme also requires a trusted arbitrator who distributes public key to the recipients. This protocol was preceded by a few other protocols which use an arbitrator to establish quantum digital signatures, which used entangled states. | ||
==References== | ==References== | ||
#[https://arxiv.org/abs/quant-ph/0003059 BR (2000)] | #[https://arxiv.org/abs/quant-ph/0003059 BR (2000)] | ||
#[https://www.sciencedirect.com/science/article/pii/S0378437106010119 Zhou et al. (2006)] | #[https://www.sciencedirect.com/science/article/pii/S0378437106010119 Zhou et al. (2006)] | ||
<div style='text-align: right;'>''*contributed by Rhea Parekh''</div> | <div style='text-align: right;'>''*contributed by Rhea Parekh''</div> | ||