Measurement-device-independent quantum digital signatures
Erika Andersson2016, Physical Review A
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Digital signatures play an important role in software distribution, modern communication, and financial transactions, where it is important to detect forgery and tampering. Signatures are a cryptographic technique for validating the authenticity and integrity of messages, software, or digital documents. The security of currently used classical schemes relies on computational assumptions. Quantum digital signatures (QDS), on the other hand, provide information-theoretic security based on the laws of quantum physics. Recent work on QDS Amiri et al., Phys. Rev. A 93, 032325 (2016); Yin, Fu, and Zeng-Bing, Phys. Rev. A 93, 032316 (2016) shows that such schemes do not require trusted quantum channels and are unconditionally secure against general coherent attacks. However, in practical QDS, just as in quantum key distribution (QKD), the detectors can be subjected to side-channel attacks, which can make the actual implementations insecure. Motivated by the idea of measurementdevice-independent quantum key distribution (MDI-QKD), we present a measurement-device-independent QDS (MDI-QDS) scheme, which is secure against all detector side-channel attacks. Based on the rapid development of practical MDI-QKD, our MDI-QDS protocol could also be experimentally implemented, since it requires a similar experimental setup.
Related papers
Experimental measurement-device-independent quantum digital signatures
Nature Communications, 2017
The development of quantum networks will be paramount towards practical and secure telecommunications. These networks will need to sign and distribute information between many parties with information-theoretic security, requiring both quantum digital signatures (QDS) and quantum key distribution (QKD). Here, we introduce and experimentally realise a quantum network architecture, where the nodes are fully connected using a minimum amount of physical links. The central node of the network can act either as a totally untrusted relay, connecting the end users via the recently introduced measurement-device-independent (MDI)-QKD, or as a trusted recipient directly communicating with the end users via QKD. Using this network, we perform a proof-of-principle demonstration of QDS mediated by MDI-QKD. For that, we devised an efficient protocol to distil multiple signatures from the same block of data, thus reducing the statistical fluctuations in the sample and greatly enhancing the final QDS rate in the finite-size scenario.
Quantum digital signatures with quantum-key-distribution components
Physical Review A, 2015
Digital signatures provide guarantees on the authenticity and transferability of a message. This important cryptographic functionality is frequently used in modern communication systems. The security of currently used classical digital signature schemes, however, relies on computational assumptions, and thus they may not constitute a satisfactory long-term solution. In contrast, quantum digital signature (QDS) schemes offer information-theoretic security guaranteed by the laws of quantum mechanics. This is appealing, provided feasible schemes can be found. Here, we present two different quantum digital signature protocols which essentially use the same experimental requirements as quantum key distribution (QKD), which is already commercially available. This enables existing systems for QKD to be used also for digital signatures, which significantly extends and enhances the use of QKD systems. The first scheme is an improvement on a recent QDS scheme, removing the requirement of an optical multiport, which was a major source of losses. The second protocol is essentially a classical digital signature protocol, which employs quantum key distribution for obtaining secret shared classical keys. Relying on the security of QKD, this results in an information-theoretically secure digital signature scheme. * V. Dunjko and P. Wallden contributed equally to this work. † [email protected]
Secure quantum signatures using insecure quantum channels
Physical Review A, 2016
Digital signatures are widely used in modern communication to guarantee authenticity and transferability of messages. The security of currently used classical schemes relies on computational assumptions. We present a quantum signature scheme that does not require trusted quantum channels. We prove that it is unconditionally secure against the most general coherent attacks, and show that it requires the transmission of significantly fewer quantum states than previous schemes. We also show that the quantum channel noise threshold for our scheme is less strict than for distilling a secure key using quantum key distribution. This shows that "direct" quantum signature schemes can be preferable to signature schemes relying on secret shared keys generated using quantum key distribution.
Continuous-variable quantum digital signatures over insecure channels
2018
Digital signatures ensure the integrity of a classical message and the authenticity of its sender. Despite their far-reaching use in modern communication, currently used signature schemes rely on computational assumptions and will be rendered insecure by a quantum computer. We present a quantum digital signatures (QDS) scheme whose security is instead based on the impossibility of perfectly and deterministically distinguishing between quantum states. Our continuous-variable (CV) scheme relies on phase measurement of a distributed alphabet of coherent states, and allows for secure message authentication against a quantum adversary performing collective beamsplitter and entangling-cloner attacks. Crucially, for the first time in the CV setting we allow for an eavesdropper on the quantum channels and yet retain shorter signature lengths than previous protocols with no eavesdropper. This opens up the possibility to implement CV QDS alongside existing CV quantum key distribution (QKD) pl...
Experimental measurement-device-independent quantum digital signatures over a metropolitan network
Physical review, 2017
Quantum digital signatures (QDS) provide a means for signing electronic communications with informationtheoretic security. However, all previous demonstrations of quantum digital signatures assume trusted measurement devices. This renders them vulnerable against detector side-channel attacks, just like quantum key distribution. Here, we exploit a measurement-device-independent (MDI) quantum network, over a 200square-kilometer metropolitan area, to perform a field test of a three-party measurement-device-independent quantum digital signature (MDI-QDS) scheme that is secure against any detector side-channel attack. In so doing, we are able to successfully sign a binary message with a security level of about 10 −7. Remarkably, our work demonstrates the feasibility of MDI-QDS for practical applications.
Quantum Digital Signatures without Quantum Memory
Physical Review Letters, 2014
Quantum Digital Signatures (QDS) allow for the exchange of messages from one sender to multiple recipients, with the guarantee that messages cannot be forged or tampered with. Additionally, messages cannot be repudiated -if one recipient accepts a message, she is guaranteed that others will accept the same message as well. While messaging with these types of security guarantees are routinely performed in the modern digital world, current technologies only offer security under computational assumptions. QDS, on the other hand, offer security guaranteed by quantum mechanics. All thus far proposed variants of QDS require long-term, high quality storage of quantum information, making them unfeasible in the foreseeable future. Here, we present the first QDS scheme where no quantum memory is required, and all quantum information processing can be performed using just linear optics. This makes QDS feasible with current technology. PACS numbers: * Electronic address: [email protected] † Electronic address: [email protected] ‡ Electronic address: [email protected]
A SOLUTION FOR CONSTRUCTING QUANTUM - RESISTANT DIGITAL SIGNATURE SCHEMES
Journal of Military Science and Technology, ISSN: 1859-1043, 2024
In this article, the authors propose a solution for constructing quantum -resistant digital signature schemes based on a new type of hard problem, which belongs to the group of unsolvable problems. Therefore, the algorithms constructed according to the solution proposed here can be resistant to quantum attacks based on the quantum algorithm proposed by P. Shor. In addition to quantum resistance, the signature schemes proposed here can also be used as pre-quantum digital signature schemes (RSA, DSA, etc.) that are widely used in current practical applications.
Measurement device–independent quantum secure direct communication with user authentication
Quantum Information Processing, 2022
Quantum secure direct communication (QSDC) and deterministic secure quantum communication (DSQC) are two important branches of quantum cryptography, where one can transmit a secret message securely without encrypting it by a prior key. In the practical scenario, an adversary can apply detector-side-channel attacks to get some non-negligible amount of information about the secret message. Measurement-device-independent (MDI) quantum protocols can remove this kind of detector-side-channel attacks, by introducing an untrusted third party (UTP), who performs all the measurements during the protocol with imperfect measurement devices. In this paper, we put forward the first MDI-QSDC protocol with user identity authentication, where both the sender and the receiver first check the authenticity of the other party and then exchange the secret message. Then we extend this to an MDI quantum dialogue (QD) protocol, where both the parties can send their respective secret messages after verifying the identity of the other party. Along with this, we also report the first MDI-DSQC protocol with user identity authentication. Theoretical analyses prove the security of our proposed protocols against common attacks.
Authentication of quantum messages
Imaging and Applied Optics, 2011
Abstract: Message authentication is a cryptographic task that allows the receiver to reject a message that is forged or has been tampered with. A protocol to authenticate quantum messages was proposed by Barnum, Crépeau, Gottesman, Tapp, and Smith [1] and stand-alone security was proved. Here, we are concerned with universal composable security (which requires a protocol to be essentially indistinguishable from the ideal functionality and ensures overall security when the protocol is part of any larger scheme). We show that the protocol in [1] is universal ...
On the Power of Quantum Tamper-Proof Devices
International Journal of Quantum Information, 2008
We show how quantum tamper-proof devices (QTPD) can be used to attack and to develop security protocols. On one hand, we prove that it is possible to transfer proofs of zero-knowledge protocols using QTPD's. This attack can be extended to other security schemes where privacy is important. On the other hand, we present a fair contract signing protocol using QTPD's where there is no communication with Judge during the exchange phase (which is impossible classically). In the later case we make use of decoherence in the quantum state of the QTPD to implement a global clock over the asynchronous network. QTPD's seem to be possible to implement with existing quantum hardware, due to the fact that it is hard to isolate quantum memory from interference. These theoretical results contribute to justify the implementation of QTPD.
Related papers
Measurement-Device-Independent Quantum Cryptography
IEEE Journal of Selected Topics in Quantum Electronics, 2015
In theory, quantum key distribution (QKD) provides information-theoretic security based on the laws of physics. Owing to the imperfections of real-life implementations, however, there is a big gap between the theory and practice of QKD, which has been recently exploited by several quantum hacking activities. To fill this gap, a novel approach, called measurementdevice-independent QKD (mdiQKD), has been proposed. It can remove all side-channels from the measurement unit, arguably the most vulnerable part in QKD systems, thus offering a clear avenue towards secure QKD realisations. Here, we review the latest developments in the framework of mdiQKD, together with its assumptions, strengths and weaknesses.
Quantum key distribution with untrusted detectors
Side-channel attacks currently constitute the main challenge for quantum key distribution (QKD) to bridge theory with practice. So far two main approaches have been introduced to address this problem, (full) device-independent QKD and measurement-device-independent QKD. Here we present a third solution that might exceed the performance and practicality of the previous two in circumventing detector side-channel attacks, which arguably, is the most hazardous part of QKD implementations. We prove its security in the high-loss regime against a particular class of attacks, and we present a proof-of-principle experiment that demonstrates the feasibility of the protocol.
Realization of Quantum Digital Signatures without the Requirement of Quantum Memory
Physical Review Letters, 2014
Digital signatures are widely used to provide security for electronic communications, for example in financial transactions and electronic mail. Currently used classical digital signature schemes, however, only offer security relying on unproven computational assumptions. In contrast, quantum digital signatures (QDS) offer information-theoretic security based on laws of quantum mechanics . Here, security against forging relies on the impossibility of perfectly distinguishing between non-orthogonal quantum states. A serious drawback of previous QDS schemes is however that they require long-term quantum memory, making them unfeasible in practice. We present the first realisation of a scheme [4] that does not need quantum memory, and which also uses only standard linear optical components and photodetectors. To achieve this, the recipients measure the distributed quantum signature states using a new type of quantum measurement, quantum state elimination 6]. This significantly advances QDS as a quantum technology with potential for real applications.
Review Unconditionally Secure Quantum Signatures
2016
Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols-signatures based on the Rivest-Adleman-Shamir (RSA) algorithm, the digital signature algorithm (DSA), and the elliptic curve digital signature algorithm (ECDSA)-are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.
Security Analysis of One Quantum Digital Signature Scheme
2009 Sixth International Conference on Information Technology: New Generations, 2009
We point out that the quantum digital signature scheme proposed in ICACT 2005 has three problems. According to the original description of the scheme, we find: (1) the quantum one-way function is not specified clearly; (2) the signer Alice does not use her private key in the signing process; (3) both the signing and the verification can not work well.
Unconditionally Secure Quantum Signatures
Entropy, 2015
Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols-signatures based on the Rivest-Adleman-Shamir (RSA) algorithm, the digital signature algorithm (DSA), and the elliptic curve digital signature algorithm (ECDSA)-are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.
Practical quantum multiparty signatures using quantum key distribution networks
ArXiv, 2022
Digital signatures are widely used for providing security of communications. At the same time, the security of currently deployed digital signature protocols is based on unproven computational assumptions. An efficient way to ensure an unconditional (information-theoretic) security of communication is to use quantum key distribution (QKD), whose security is based on laws of quantum mechanics. In this work, we develop an unconditionally secure signatures (USS) scheme that guarantees authenticity and transferability of arbitrary length messages in a QKD network. In the proposed setup, the QKD network consists of two subnetworks: (i) the internal network that includes the signer and with limitation on the number of malicious nodes, and (ii) the external one that has no assumptions on the number of malicious nodes. A price of the absence of the trust assumption in the external subnetwork is a necessity of the assistance from an internal subnetwork recipients for the verification of mess...
Security of device-independent quantum key distribution protocols: a review
Quantum
Device-independent quantum key distribution (DI-QKD) is often seen as the ultimate key exchange protocol in terms of security, as it can be performed securely with uncharacterised black-box devices. The advent of DI-QKD closes several loopholes and side-channels that plague current QKD systems. While implementing DI-QKD protocols is technically challenging, there have been recent proof-of-principle demonstrations, resulting from the progress made in both theory and experiments. In this review, we will provide an introduction to DI-QKD, an overview of the related experiments performed, and the theory and techniques required to analyse its security. We conclude with an outlook on future DI-QKD research.
Lightweight authentication for quantum key distribution
IEEE Transactions on Information Theory, 2020
Almost-tight and versatile security analysis of measurement-device-independent quantum key distribution
Almost-tight and versatile security analysis of measurement-device-independent quantum key distribution, 2018
Measurement-device-independent quantum key distribution (MDI-QKD) is the only known QKD scheme that can completely overcome the problem of detection side-channel attacks. Yet, despite its practical importance, there is no standard approach towards computing the security of MDI-QKD. Here, we present a simple numerical method that can efficiently compute almost-tight security bounds for any discretely modulated MDI-QKD protocol. To demonstrate the broad utility of our method, we use it to analyze the security of coherent-state MDI-QKD, decoy-state MDI-QKD with leaky sources, and a variant of twin-field QKD called phase-matching QKD. In all of the numerical simulations (using realistic detection models) we find that our method gives significantly higher secret key rates than those obtained with current security proof techniques. Interestingly, we also find that phase-matching QKD using only two coherent test states is enough to overcome the fundamental rate-distance limit of QKD. Taken together, these findings suggest that our securityproof method enables a versatile, fast, and possibly optimal approach towards the security validation of practical MDI-QKD systems.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.