Quantum Digital Signature
Functionality
Digital Signatures (DS) allow for the exchange of single or multiple bit classical messages from sender to multiple recipients, with a guarantee that the signature has come from a genuine sender and the properties of transferability, non-repudiation and unforgeability (see Properties). It ensures that once signed a classical message with a quantum digital signature (QDS) the sender (seller) cannot deny at a later stage having signed the message, a recipient (buyer) cannot fake or alter the QDS and another sender (verifier) can use the above two properties to verify if the sent message is signed by the genuine sender.
Tags:Multi Party (three), Quantum Enhanced Classical Functionality, Specific Task, Blind Quantum Digital Signature, Arbitrated Signature, Quantum Proxy Signature, Designated Verifiable Quantum Signature, Limited Delegation of Quantum Signature
Protocols
- Prepare and Measure Quantum Digital Signature
- Quantum Digital Signature with Quantum Memory
- Measurement Device Independent Quantum Digital Signature (MDI-QDS)
Use Case
Signing e-Marksheet, Financial Transactions, Software Distribution, Cryptocurrencies, e-voting
Properties
All QDS protocols are divided into two phases, distribution and messaging. Distribution phase enables sender to generate private keys (kept secret with sender) and public keys (information distributed to recipients) while messaging phase enables exchange of messages using the above keys. For simlicity, most protocols use the case of three parties, one sender (Seller) and two recipients (Buyer and Verifier) exchanging one-bit classical messages signed by Quantum Digital Signatures (QDS).
- A QDS scheme is correct if a message signed by a genuine sender is accepted by a recipient with unit probability.
- A QDS scheme is secure if no one but the sender can sign a message such that it is accepted by a recipient with non-negligible probability.
- Transferability means that at any point a recipient (buyer) can prove it to another recipient (verifier) that the concerned message has been signed by the claimed sender (Seller).
- Unforgeability ensures that a dishonest recipient (buyer) can neither alter a DS nor sign a message with a fake DS (DS that has not come from a genuine sender) and forward it to other recipients (verifier) successfully.
- Non-Repudiation implies that at any point a dishonest sender (seller) cannot deny having signed the message sent to a genuine recipient (Buyer).
Discussion
(Review Paper by Petros)