CN110213060B - Non-entanglement quantum blind signature method and system based on quantum walking - Google Patents

Non-entanglement quantum blind signature method and system based on quantum walking Download PDF

Info

Publication number
CN110213060B
CN110213060B CN201910602779.7A CN201910602779A CN110213060B CN 110213060 B CN110213060 B CN 110213060B CN 201910602779 A CN201910602779 A CN 201910602779A CN 110213060 B CN110213060 B CN 110213060B
Authority
CN
China
Prior art keywords
quantum
state
particles
particle
walking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910602779.7A
Other languages
Chinese (zh)
Other versions
CN110213060A (en
Inventor
昌燕
李雪杨
张仕斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yami Technology Guangzhou Co ltd
Original Assignee
Chengdu University of Information Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu University of Information Technology filed Critical Chengdu University of Information Technology
Priority to CN201910602779.7A priority Critical patent/CN110213060B/en
Publication of CN110213060A publication Critical patent/CN110213060A/en
Application granted granted Critical
Publication of CN110213060B publication Critical patent/CN110213060B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0858Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures

Abstract

The invention belongs to the technical field of quantum information processing, and discloses a quantum blind signature method and a quantum blind signature system without entanglement based on quantum walking, wherein in the message encoding stage, four single particle states are combined with the blind encoding rule of a message to encode and blind information; in the invisible propagation process of the coded particles, quantum walking is used for realizing the invisible propagation of the coded particles, and the particles spontaneously generate entanglement in the invisible propagation process, so that the invisible propagation state is used for resisting denial attack of a signer and denial attack of a verifier and also used for preventing the signer from forging the signature. The invention comprises the key updating, which achieves the effect of one-time pad (OTP), thus the next execution scheme does not need to redistribute the key; the security analysis shows that the solution of the invention satisfies the characteristics of being non-forgeable, undeniable, blinded, and it is also resistant to entanglement attacks, which is very suitable for use in e-commerce or e-payment systems.

Description

Non-entanglement quantum blind signature method and system based on quantum walking
Technical Field
The invention belongs to the technical field of quantum information processing, and particularly relates to a quantum blind signature method and system based on quantum walking without entanglement.
Background
Currently, the closest prior art:
digital signatures are widely used in e-government, e-medical and e-payment systems. It ensures the integrity and authenticity of the information. However, with the development of quantum computers, classical signature schemes become insecure in the quantum environment. The reason is that the security of classical signature schemes depends mainly on classical mathematical challenges such as factorization of large integers and discrete logarithm problems, which may be broken quickly in the face of quantum computation, like the Shor algorithm and the Grover algorithm. The classical digital signature is not considered to be safe any more, so that scientific researchers propose quantum digital signatures, and the classical digital signature is expanded by adding a quantum mechanical theory to the original digital signature. Due to the range of properties of quantum states, more and more researchers are beginning to study quantum signature schemes.
The first quantum signature scheme was proposed in 2001 by Gottesman and Chuang, who used a one-way function to complete the signature scheme. In 2002, Barnum et al discovered the vulnerability of this quantum signature scheme, thus indicating the impracticality of this quantum signature scheme. Recently Zeng and Keitel proposed a quantum arbitration signature scheme based on the GHZ state, which successfully satisfied the theoretical requirements proposed by Barnum by setting up an arbitrator. Since then, more and more quantum signature schemes are proposed. Blind signatures are a special type of digital signatures in which the true content of a message is blinded until the blind signature protocol is complete. It has been implemented in many cryptographic protocols and applied in many fields of information security, such as electronic payment systems and electronic voting protocols. In 2009, Wen et al proposed a weak blind signature scheme based on EPR entanglement pairs and one-time pad. In 2010, Wang et al introduced a new equal blind signature scheme based on the fundamental characteristics of quantum mechanics. In 2013, Shi et al propose a quantum batch proxy blind signature scheme based on a three-dimensional two-particle entangled state system. In addition, there are many other blind signature protocols based on the state of entanglement of multiple particles.
In summary, the problems of the prior art are as follows:
(1) the prior quantum blind signature scheme has the problem of preparation technical obstacle in the particle state preparation stage, and many existing protocols mainly utilize the entanglement characteristic of GHZ state or multi-particle entangled state to realize the quantum blind signature scheme, however, the preparation of the entangled state needs to consume more resources and is not easy to prepare in the prior art, and the technical obstacle greatly reduces the practicability of the quantum blind signature scheme.
(2) The traditional quantum blind signature scheme mostly utilizes the entanglement characteristic of a GHZ state or a multi-particle entangled state to complete particle invisible state transmission, and some schemes can not resist the entanglement attack when facing the entanglement attack, so that the results of particle interception and information leakage are caused.
(3) Some quantum blind signature schemes in the past lack self-key updating, and one-time pad key updating technology (OTP) mostly depends on QKD key distribution before each protocol execution, and the process causes resource waste.
The difficulty of solving the technical problems is as follows:
at present, preparation and storage of GHZ state or multi-particle entangled state are very challenging, expensive equipment and more resources are needed to face entangled attack compared with preparation of single particle state, entangled attack is resisted through overall system design, and theoretical analysis proves that the system has capability of resisting entangled attack
Most protocols rely heavily on QKD key distribution to ensure scheme security, which can be ensured by the same way of implementing one-time pad (OTP) effects by updating the original keys.
The significance of solving the technical problems is as follows:
the preparation and storage of the single particle state are easier and more stable than those of the GHZ state or the multi-particle entangled state, so that the practicability of the quantum blind signature scheme adopting the single particle is improved. Through the quantum walking system, spontaneous entanglement of single particle states in the quantum walking process is realized, the entanglement characteristic is used for invisible state transfer of particles, invisible state transfer based on GHZ states or multi-particle entangled states is replaced, and communication safety is guaranteed while long-distance communication is completed. The invention uses the measurement result of the remaining k/2 bit decoy particles detected by eavesdropping for key updating of both communication parties, and the both communication parties can use the measurement result of the remaining decoy particles after the eavesdropping detection and combine with the updating rule agreed in advance to complete the key updating, thereby reducing the dependence on QKD key distribution before executing the protocol each time. Aiming at the invisible single-particle state transfer based on the quantum walking system, the invention formulates the coding rule and the signature protocol, and provides a more practical quantum blind signature method and system without entanglement based on quantum walking.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a quantum blind signature method and system based on quantum walking without entanglement.
The invention is realized in such a way that a quantum walking-based non-entangled quantum blind signature method comprises the following steps:
in the coding stage of the message, coding and blinding information are carried out by using four single particle state combined blinding coding rules of the message.
In the invisible propagation process of the coded particles, quantum walking is used for realizing the invisible propagation of the coded particles, and the particles spontaneously generate entanglement in the invisible propagation process, so that the invisible propagation state is used for resisting denial attack of a signer and denial attack of a verifier and also used for preventing the signer from forging the signature.
Further, the blinding encoding rule of the message comprises: in the blind encoding stage of the message, the message owner generates a string of n-bit random binary strings L, and then uses L to encode the strings L, M and | bc>Generates two particle bit strings { | b of n bits of original information M according to the corresponding bit value (Table 1.)1c1>,|b2c2>,|b3c3>...|bncn>}。
TABLE 1 corresponding bit values for strings L, M and | bc >.
Figure GDA0002151597810000031
Table 1 means two particle bits | bici>Are determined by L and their eigenvectors by M. This means that when the L bit is 0, | bici>The measured base of (A) is a Z base; when the L bit is 1, | bici>Measured base X base, and | bi>XOR|ci>Is equal to Mi. Here, | +>=1/2(|0>+|1>),|->=1/2(|0>-|1>). The message producer then extracts | b in order>Particle generation B ═ B1b2b3...bn>In order extract | c>Particle generation C ═ C1c2c3...cn>. For example, if L is 0110, M is 1011, the two-particle bit string | bc>Can be generated into { |01>,|-->,|+->,|10>Thus B ═ 0- +1>,C=|1--0>Only the producer knows exactly the two-particle bit | b she producedici>The B string or C string alone cannot infer the information of M. At this point, the blind encoding of the message is complete.
Further, the quantum walking method comprises the following steps: quantum walking operates in a quantum space consisting of a position space and a coin space, and is expressed as
Figure GDA0002151597810000041
Hp represents position span { n, n belongs to Z }, Hc represents coin direction { |0>, |1> } of quantum walking, and evolution of a total subsystem of each step of quantum walking is described as an equation
Figure GDA0002151597810000042
Wherein
Figure GDA0002151597810000043
S is called the shift operator and is denoted as S ═ Σn|n+1><n |, and C is a coin operator, when the coin operator is |0>In the state, the coin is driven from the state | n>Move to state | n +1>When the coin operator is |1>In the state, the coin is moved backward to the state | n-1>。
Further, using quantum walking to achieve invisible states of transport of the encoded particles comprises:
the two-coin based quantum walking system was chosen to successfully transfer any unknown qubits between the two parties by choosing the appropriate initial state and matching measurement basis, and without the need to prepare the initial entangled particles.
Invisible transmission unknown quantum bit if sender wants to verifier
Figure GDA0002151597810000044
Wherein | α2+|β|21. In the stealth state, two particles are prepared, A1And Ap,A1Is an unknown qubit of which the sender wants to conceal the state, denoted coin1, ApIs a state of a position space. Similarly, the verifier prepares particle B, denoted as coin 2. A. thepAnd B are both |0 in the initial state>. And completing the invisible transmission state through two-step quantum walking.
The first step of quantum walking is as follows:
Figure GDA0002151597810000045
wherein the content of the first and second substances,
Figure GDA0002151597810000046
formula (middle, C)1Representing the operator of coin1-A1, the I operation is selected as the operator.
The second step of quantum walking is as follows:
Figure GDA0002151597810000051
wherein the content of the first and second substances,
Figure GDA0002151597810000052
in the formula, H represents that Hadamard operation is performed on the coin2-B particle when the initial state of the B particle is in the |0> state, this operator is replaced by an I operation when the initial state of the B particle is in the | + > state.
Sender measures A with X basis1The measurement result of the particle is marked as lambda 1(| +)>And | ->Respectively noted as 1 and-1). The sender then measures A with Q basepParticles of wherein | Q>={|-2'>,|-1>,|0>,|1>,|2'>},
Figure GDA0002151597810000053
Figure GDA0002151597810000054
The measurement result was recorded as λ 2(| -2'>,|0>,|2'>Respectively-1, 0, 1). The sender informs the verifier of the measurement results lambda 1 and lambda 2, and the verifier carries out corresponding Pauli recovery operation on the B particles according to the lambda 1 and the lambda 2 to finish the operation related to A1Invisible transport states of the particles.
Further, the quantum walking-based entanglement-free quantum blind signature method further comprises the following steps:
the first step, initialization stage: the sender, signer and verifier prepare a number of particles for the quantum walking system.
Step two, a blinding stage: the sender generates a random binary character string L with n bits, and then the sender generates a two-particle bit string { | b of the original information M with n bits by using L according to a blind coding rule1c1>,|b2c2>,|b3c3>...|bncn>}. When the sender generates a two-particle bit string | bc>Then, the sender extracts | b in order>Particle generation B ═ B1b2b3...bn>In order extract | c>Particle generation C ═ C1c2c3...cn>. At this point, the blinded encryption of the message is complete.
Step three, signature stage: the sender transmits the encrypted sub-information C of the M to the signer in a quantum walking invisible mode, requests the blind signature of the signer, and the signer executes Pauli operation on the received quantum bit string to complete the blind signature.
Further, the third step further comprises:
(1) the sender randomly adds k-bit spoofing particles to C for eavesdropping detection and key update. The sender can invisibly transmit her blind information CK added to the decoy particle to the signer without relying on preparing the entangled particle, wherein CK ═ { c1,c2,c3...cn+k}. The sender prepares the initial state as |0>Particle Ap of (2)iFor quantum invisible transport, the sender will ciAs particles in the quantum walking system which need to be stealthy transferred, wherein ci=α|0>+β|1>,|α|2+|β|21. The signer has prepared the qubit string Cp in the particle preparation phase, and has attached the particle CpiAs receiving particles in quantum walking systems, CpiAt |0>State. The initial state of the whole quantum walking system is as follows:
Figure GDA0002151597810000061
after the first quantum walking W1, the whole system state changes to
|Φ>(1)=(α|100>+β|-110>)p12
After the second quantum walking W2, the whole system state changes to
|Φ>(2)=(α|200>+α|001>+β|010>+β|-211>)p12
(2) Sender measurement with X base ciMeasurement result | +>And | ->Are denoted as 1 and-1, respectively. Sender continues to use Q-base | Q>={|-2'>,|-1>,|0>,|1>,|2'>Measurement ApiWherein, in the step (A),
Figure GDA0002151597810000062
measurement results | -2'>、|0>And 2' v are noted as-1, 0,1, respectively. Finally, the measurement result sequences of the X group and the Q group are respectively expressed as a λ 1 sequence and a λ 2 sequence.
(3) Secret key K for senderACEncrypting λ 1 and λ 2 generates Sac=EKAC(λ 1, λ 2). Then, S is addedacThe signer is informed.
(4) Signer used secret key KACDecryption Sacλ 1 and λ 2 are obtained, and the signer performs Pauli recovery operation on the particle string Cp through λ 1 and λ 2 to obtain the target state. The signer completes the invisible state of the unknown particle from the sender, and the state of the Cp particle string is converted into the state of the CK particle string.
(5) After the signer is confirmed to complete the particle stealth state, the sender begins to announce the positions of the decoy particles and the measuring bases, the signer selects the appropriate measuring bases to measure each decoy particle, then the sender is informed of the measuring results of the k/2-bit decoy particles and the positions of the measuring bases, and the sender can evaluate the error rate in the particle stealth state process. If the error rate exceeds a specified threshold epsilon, the communication is terminated and the scheme is repeated from the beginning until the error rate is acceptable. Otherwise, the signature scheme continues to be executed.
(6) The remaining K/2 bit measurements, signer and sender update key KAC
(7) After discarding decoy particles, signer pair ciBlind signatures are made. The signer generates an n-bit random binary string G ═ G1,g2,g3...gnAccording to g, theniManipulation of unknown particles ciTo complete the signature, if giIs 0, to ciPerform Pauli operation I ═ 0><0|+|1><1|, otherwise, Pauli operation σ is executedx=|0><1|+|1><0 |. And recording the unknown quantum string as Mc after Pauli operation is finished. SigmaxThe state is flipped in both measurement bases, i.e.,
σx|0>=|1>,σx|1>=|0>。
σx|+>=|->,σx|->=|+>。
further, after the third step is completed, security verification is required.
Another object of the present invention is to provide a quantum walking based non-entangled quantum blind signature system implementing the quantum walking based non-entangled quantum blind signature method.
Another object of the present invention is to provide a quantum walking based non-entangled quantum blind signature terminal implementing the quantum walking based non-entangled quantum blind signature method.
It is another object of the present invention to provide a computer-readable storage medium, comprising instructions which, when run on a computer, cause the computer to perform the quantum walking-based entanglement-free quantum blind signature method.
In summary, the advantages and positive effects of the invention are:
the invention relates to a quantum blind signature scheme without entanglement based on quantum walking, which only adopts single particles in the initial particle preparation stage.
Unlike previous quantum blind signature schemes, the particular advantages of the scheme of the present invention can be summarized as follows.
Firstly, the scheme of the invention does not need to prepare entangled particles when preparing initial state particles, but enables single particles to be automatically entangled in the quantum walking process, and the difficult preparation of the entangled particles can show that the scheme is not worth in some cases when the quantum blind signature scheme based on the entangled particles is applied, and after all, the practicability is an important pursuit of quantum information theory.
Secondly, the invention provides a smart encryption blinding means, so that the information of the message owner Alice is blindly encrypted, nobody can deduce the original message according to a single subset, and the invention proves the robustness of the encryption blinding means.
Thirdly, the main information of the invention is coded into quantum state, the communication process of the signature scheme is completed by quantum walking invisible state, and many successful quantum walking experiments are realized at present, and quantum walking is needed for quantum communication no matter quantum computation or quantum simulation. Furthermore, the scheme involves a key update, which achieves the effect of a One Time Pad (OTP), which makes it unnecessary to redistribute keys for the next execution of the scheme. The final security analysis shows that the solution of the invention satisfies the characteristics of being non-counterfeitable, undeniable, blinding, and it is also resistant to entanglement attacks, which is very suitable for use in e-commerce or e-payment systems.
Drawings
Fig. 1 is a flow chart of a quantum walking-based non-entanglement quantum blind signature method provided by an embodiment of the invention.
Fig. 2 is a graph of the number of correctly guessed particles, k, versus the probability of successfully inferring the entire message, P, when N is 100,500, and 1000, as provided by an embodiment of the present invention.
Fig. 3 illustrates the number k of rejected signatures and the rejection probability P when N is 50,100, and 200 according to an embodiment of the present inventiondThe relationship between them.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The prior quantum blind signature scheme has the problem of preparation technical obstacle in the particle state preparation stage, and many existing protocols mainly utilize the entanglement characteristic of GHZ state or multi-particle entangled state to realize the quantum blind signature scheme, however, the preparation of the entangled state needs to consume more resources and is not easy to prepare in the prior art, and the technical obstacle greatly reduces the practicability of the quantum blind signature scheme.
The invention provides a quantum blind signature method and system based on quantum walking technology and without entanglement. Specifically, as early as 1993, Aharonov et al proposed quantum walking techniques, and thereafter Ambainis et al proposed a linear quantum walking system. The quantum blind signature method and the quantum blind signature system have the advantages that the characteristics of the quantum walking system are used for the invisible state transfer of unknown particles, namely the particles are spontaneously entangled, so that the condition that the entangled particles are prepared in the particle preparation stage to finish the invisible state transfer of the particles is avoided, and further, the quantum walking-based invisible state transfer is combined with the encoding rule and the blind signature step to finish the quantum blind signature method and the quantum-based non-entangled quantum blind signature system.
Aiming at the problems in the prior art, the invention provides a quantum blind signature method and system based on quantum walking without entanglement, and the invention is described in detail by combining the technical scheme.
In the quantum blind signature method based on quantum walking without entanglement, provided by the embodiment of the invention, in the message encoding stage, four single particle states are combined with the rule in the table 1, and information is ingeniously encoded and blinded. In addition, in the invisible state transfer process of the encoded particles, the invisible state transfer of the encoded particles is realized by quantum walking, the particles in the invisible state transfer are spontaneously entangled, and the integrity and the safety of original information are ensured. The scheme can resist denial attack of a signer and denial attack of a verifier and prevent the signer from forging the signature. The method specifically comprises the following steps:
(1) the blinding coding rule of the message is as follows:
in the blind encoding stage of the message, the message owner generates a string of n-bit random binary wordsString L, then use L to generate two-particle bit string { | b of n-bit original information M according to Table 11c1>,|b2c2>,|b3c3>...|bncn>}。
TABLE 1 corresponding bit values for strings L, M and | bc >.
Figure GDA0002151597810000091
Table 2 means two particle bits | bici>Are determined by L and their eigenvectors by M. This means that when the L bit is 0, | bici>The measured base of (A) is a Z base; when the L bit is 1, | bici>Measured base X base, and | bi>XOR|ci>Is equal to Mi. Here, | +>=1/2(|0>+|1>),|->=1/2(|0>-|1>). The message producer then extracts | b in order>Particle generation B ═ B1b2b3...bn>In order extract | c>Particle generation C ═ C1c2c3...cn>. For example, if L is 0110, M is 1011, the two-particle bit string | bc>Can be generated into { |01>,|-->,|+->,|10>Thus B ═ 0- +1>,C=|1--0>Only the producer knows exactly the two-particle bit | b she producedici>The B string or C string alone cannot infer the information of M. At this point, the blinding of the message is complete.
(2) The quantum walking technology comprises the following steps:
quantum walking is a quantum simulation of classical random walking, and can be used as a quantum key generator according to inherent unpredictable chaotic nonlinear dynamic behaviors.
Quantum walking occurs in a complex Hilbert space, consisting of two main quantum spaces, position space and coin space, respectively, denoted as
Figure GDA0002151597810000101
Where Hp represents the position span { n, n ∈ Z }, Hc represents the coin direction of quantum walking { |0>, |1> }, and the evolution of the total subsystem at each step of quantum walking can be described as an equation
Figure GDA0002151597810000102
Wherein
Figure GDA0002151597810000103
S is called the shift operator and is denoted as S ═ Σn|n+1><n |, and C is a coin operator, when the coin operator is |0>In state, it takes the coin from state | n>Move to state | n +1>When the coin operator is |1>In state, it causes the coin to move backwards to state | n-1>。
(3) The invisible state of the particles realized by the two-step quantum walking system comprises the following steps:
in a quantum walking system, a shift operator can bring entanglement between a position space and a coin space, so that the invention can apply the entanglement resource to the invisible state of the particle. Specifically, the present invention selects a two-coin based quantum walking system, and by selecting the appropriate initial state and matching measurement basis, the present invention can successfully transfer any unknown qubit between the two parties, and does not require the preparation of initial entangled particles.
Suppose that Alice wants to give Bob an unknown qubit with invisible states
Figure GDA0002151597810000104
Wherein | α2+|β|21. To complete the stealth state, two particles, A, need to be prepared1And Ap,A1Is an unknown qubit that Alice wants to latent states of transmission, and is also denoted as coin1, ApIs a state of a position space. Similarly, Bob prepares particle B, which is also denoted as coin 2. A. thepAnd B are both |0 in the initial state>. The invisible transmission state can be completed through two-step quantum walking.
The first step quantum walking can be described as:
Figure GDA0002151597810000105
wherein the content of the first and second substances,
Figure GDA0002151597810000106
in the formulae (3) and (4), C1Representing the operators of coin1-A1, the protocol of the present invention selects I operations as operators. The second quantum walking step can be expressed as:
Figure GDA0002151597810000111
wherein the content of the first and second substances,
Figure GDA0002151597810000112
in equation (5), H indicates that Hadamard operation is performed on the coin2-B particle when the initial state of the B particle is in the |0> state, this operator can also be replaced by an I operation when the initial state of the B particle is in the | + > state.
At this time, Alice measures A with the X basis1The measurement result of the particle is marked as lambda 1(| +)>And | ->Respectively noted as 1 and-1). Thereafter, Alice measures A with the Q basispParticles of wherein | Q>={|-2'>,|-1>,|0>,|1>,|2'>},
Figure GDA0002151597810000113
Figure GDA0002151597810000114
The measurement result was recorded as λ 2(| -2'>,|0>,|2'>Respectively-1, 0, 1). Then, Alice informs Bob of the measurement results λ 1 and λ 2, and Bob performs corresponding Pauli recovery operation on the B particles according to λ 1 and λ 2 to complete the operation on A1Invisible transport states of the particles.
The invention particularly deduces the following two-step quantum walking scheme:
Figure GDA0002151597810000115
through analytical calculation, it can be found that through W1, an entanglement relationship is generated between Ap particles and A1 particles, and the complex state of the Ap particles and the A1 particles is changed from the complex state
Figure GDA0002151597810000116
Become (a | 10)>+b|-11>)p1This is why quantum walking can be used for the invisible transport state of the particles without the need to prepare the entangled particles in an initial stage.
Figure GDA0002151597810000117
Now, A1And B are also in an entangled state when Alice measures particle A1According to the quantum mechanics theory, particles Ap and B will collapse to the corresponding states.
Figure GDA0002151597810000121
Alice then measures the Ap particle with the Q-base and particle B also collapses to the corresponding state.
Figure GDA0002151597810000122
Figure GDA0002151597810000123
Finally, Alice informs Bob of the measurement result. Based on these measurements, Bob performs a corresponding Pauli operation on particle B to recover the unknown quantum state. The relationship between the measurements and Pauli operation is shown in Table 2.
TABLE 2 relationship between measurement results and Pauli operation
Figure GDA0002151597810000124
The above shows that quantum walking theoretically has the capability of generating infinite random key space to resist violent attack by the inherent unpredictable chaotic nonlinear dynamic behavior of the coin state, and further the application of the quantum walking in quantum signatures can be researched. Therefore, the invention provides a quantum blind signature scheme without entanglement based on quantum walking.
The invention is further described with reference to the following figures and specific embodiments.
Examples
As shown in fig. 1, the quantum walking-based non-entangled quantum blind signature method provided by the embodiment of the present invention includes three participants, a sender Alice, a signer Charlie and a verifier Bob. The protocol involves four phases: an initialization phase, a blinding phase, a signing phase and a verification phase. Alice and Bob share the secret key K in advance before the protocol startsABAlice and Charlie share secret Key K in advanceACBob and Charlie share a secret key K in advanceBC. These keys are distributed by the QKD protocol. The method specifically comprises the following steps:
the first step, initialization stage:
in the initialization phase, Alice, Charlie and Bob prepare some particles for the quantum walking system. Alice prepares a string of particle sequences Ap for invisible states in a quantum walking system, where Ap ═ 010203...0n>. Charlie prepares a string with an initial state of |0>A particle sequence of states Cp for invisible states with Alice in a quantum walking system, wherein Cp ═ 010203...0n>. Bob prepares a string with an initial state of |0>The particle sequence Bp of the state is used for invisible transmission state with Alice in a quantum walking system, wherein Bp is |010203...0n>. Bob prepares another string with initial state of |0>Particle sequence of states Bc for stealth propagation states of Charlie blind signatures in quantum walking systems, wherein Bc ═ 010203...0n>。
Step two, a blinding stage:
in the blindIn the conversion stage, Alice generates a random binary string L with n bits, and then Alice generates a two-particle bit string { | b of the original information M with n bits by using L according to the rule in Table 11c1>,|b2c2>,|b3c3>...|bncn>}. When Alice generates a two-particle bit string | bc>Then, Alice extracts | b in order>Particle generation B ═ B1b2b3...bn>In order extract | c>Particle generation C ═ C1c2c3...cn>. At this point, the blinded encryption of the message is complete.
Step three, signature stage:
in the signature stage, Alice transmits the encrypted sub-information C of M to Charlie through quantum walking invisibility, requests the blind signature of Charlie, and Charlie performs Pauli operation on the received quantum bit string to complete the blind signature.
(1) Alice randomly adds k-bit decoy particles to C for eavesdropping detection and key update. By using the quantum walking method introduced earlier, Alice can blind her blind information CK added to decoy particles to Charlie, and does not rely on preparing entangled particles, where CK ═ { c ═ c1,c2,c3...cn+k}. The invention uses ciInvisible states of particles are examples. Previously, Alice had prepared an initial state of |0>Particle Ap of (2)iFor quantum invisible transport, Alice will ciAs particles in the quantum walking system which need to be stealthy transferred, wherein ci=α|0>+β|1>,|α|2+|β|21. Charlie has prepared the qubit string Cp in the particle preparation phase, which he will have prepared the particle CpiAs receiving particles in quantum walking systems, CpiAt |0>State. Now, the initial state of the whole quantum walking system can be written as:
Figure GDA0002151597810000131
after the first quantum walking W1, the whole system state changes to
|Φ>(1)=(α|100>+β|-110>)p12(13)。
After the second quantum walking W2, the whole system state changes to
|Φ>(2)=(α|200>+α|001>+β|010>+β|-211>)p12(14)。
(2) Alice measures c with the X basisiMeasurement result | +>And | ->Are denoted as 1 and-1, respectively. Alice continues to use Q-base | Q>={|-2'>,|-1>,|0>,|1>,|2'>Measurement ApiWherein, in the step (A),
Figure GDA0002151597810000141
measurement results | -2'>、|0>、|2'>Are noted as-1, 0,1, respectively. Finally, the measurement result sequences of the X group and the Q group are respectively expressed as a λ 1 sequence and a λ 2 sequence.
(3) Secret key K for AliceACEncrypting λ 1 and λ 2 generates Sac=EKAC(λ 1, λ 2). Then she will SacCharlie is informed.
(4) Secret key K for CharlieACDecryption Sacλ 1 and λ 2 are obtained and the target state is obtained by λ 1 and λ 2, Charlie in conjunction with table 2. Pauli recovery operation on the particle string Cp. Thereafter, Charlie completes the invisible state of the unknown particle from Alice, and the state of the Cp particle string is transformed to that of the CK particle string.
(5) After Charlie is determined to complete the particle invisible state, Alice begins to announce the positions of the decoy particles and the measurement bases, Charlie selects a proper measurement base to measure each decoy particle, and then informs Alice of the measurement results of the k/2-bit decoy particles and the positions of the measurement results, and Alice can evaluate the error rate in the particle invisible state process. If the error rate exceeds a specified threshold ε, they terminate the communication and then repeat the scheme from the beginning until the error rate is acceptable. Otherwise, they continue to execute the signature scheme.
(6) The remaining K/2 bit measurements, Charlie and Alice, are used to update the secret key K according to a pre-agreed secret key update ruleACFor future use.
(7) In discarding the decoyAfter the particle, Charlie pairs ciBlind signatures are made. Charlie generates n-bit random binary string G ═ G1,g2,g3...gnThen he follows giManipulation of unknown particles ciTo complete the signature, i.e. if giIs 0, he is paired with ciPerform Pauli operation I ═ 0><0|+|1><1, otherwise he performs Pauli operation σx=|0><1|+|1><0 |. And recording the unknown quantum string as Mc after Pauli operation is finished. SigmaxThe state can be flipped between the two measurement bases, i.e.,
σx|0>=|1>,σx|1>=|0>(15)。
σx|+>=|->,σx|->=|+>(16)。
the invention is further described below in connection with the verification phase.
In the verification stage, Alice invisibly transmits the encoded and encrypted qubit string B to Bob through the quantum walking system to support the verification stage, and Charlie then invisibly transmits his signature to Bob through the quantum walking system and also transmits the string G to Bob to support the verification stage. Bob measures the quantum string in his hand according to L and completes signature verification according to Alice's message digest.
(1) Similar to steps (1-6) of the signature phase, by using the quantum walking system, Alice can pass the B stealth to Bob and complete the secret key KABFor future use. At this time, Alice represents the measurement result sequences of the measurement bases X and Q by γ 1 and γ 2, respectively. Alice uses K for gamma 1 and gamma 2ABEncryption generation Sab=EKAB(γ 1, γ 2), she will be SabAnd transmitted to Bob.
(2) K for BobABDecryption SabAnd completing the invisible state of the unknown particles from Alice, converting the state of the quantum string Bp into the state of the quantum string B, and recording the converted quantum string Bp as Mb.
(3) After Bob announces that he receives all unknown quantum states from Alice through the quantum walking system, Charlie invisibly transmits the signature Mc of him to Bob through the quantum walking system, and completes the secret key KBCUpdate of (2), photo labelCharlie, this time, η 1 and η 2 represent the measurement result sequences of the measurement bases X and Q, respectively, as in the steps (1-6) of the first name phase, Charlie uses K for η 1 and η 2 and the random binary string GBCEncryption generation Sbc=EKBC(η 1, η 2, G), He will be SbcAnd transmitted to Bob.
(4) K for BobBCDecryption SbcAnd G is obtained, the invisible state of the unknown particle from Charlie is completed, and the state of the particle string Bc is changed into the state of the particle string Mc. The converted particle string Bc is recorded as Mc'.
(5) When the invisible transmission state of Bob, Alice and Charlie is finished, the quantum strings Mb and Mc' exist in the hand of Bob. Alice transmits a string L determining the basis of the measurement of two quantum strings to Bob and uses the secret key KABEncryption, S1 ═ EKAB(L), Bob decrypts S1 and selects the measurement basis Z or X for each qubit based on the string L, i.e., takes the Z basis measurement if the bit value of L is 0 and takes the X basis measurement if the bit value of L is 1. The measurement results of Mb and Mc 'are represented as Rb and Rc', respectively.
(6) Bob calculates the result of RbXOR Rc 'XOR G and records the result as M'.
(7) Alice derives the hash value of M using an appropriate hash function H. Then, Alice uses the secret key KABEncrypting H (M) to generate Shm ═ EKAB(H (M)), and Shm is sent to Bob.
(8) Key K for BobABDecrypt Shm to obtain H (M). Bob computes the result of H (M ') and verifies that H (M ') is equal to H (M), if H (M ') ═ H (M), Bob declares the signature valid and accepts Charlie's blind signature, otherwise he rejects Charlie's signature.
The invention is further described below in connection with a security analysis.
The method has safety, namely the safe quantum blind signature protocol not only prevents the forgery or the rejection of a legal participant, but also can prevent the attack of external eavesdropping. The method specifically comprises the following steps:
1) blindness: in the present invention, the quantum string C that Alice invisibly passes state to Charlie is blinded. First, Charlie performs Pauli operations only on unknown quantum string C to complete the signature, and he cannot measure the quantum string C because only Alice knows the measurement basis of the quantum string C. Second, Alice's message M is encoded as quantum strings C and B, which are unknown quantum strings and are invisible to Charlie with the encrypted quantum walking system, while the measurements required for the invisible state are generated by Alice and encrypted with the secret key. Furthermore, even if Charlie obtains the measurement basis and measures the measurement of the unknown mass string C, he cannot guess B by C to infer the information of M, since only Alice knows exactly the pair of particles she prepared. The invention assumes that Charlie has a 50% probability of guessing another particle B, and can quantitatively evaluate the probability of successfully inferring the entire message M from statistical data.
Figure GDA0002151597810000161
Where k represents the total number of correctly guessed particles and N represents the overall information length of M. Probability PiFitting the binomial distribution and binomial coefficients.
Figure GDA0002151597810000162
For N100, N500, N1000, PiFig. 2, with respect to k, shows that Pi has its maximum value for different N and decreases as N increases. Thus, it can be concluded that the signature scheme can effectively blind information.
2) Non-eavesdroppable by attackers: the protocol of the invention can resist eavesdropping attack, and even if an attacker Eve uses entanglement attack, the protocol is useless.
Firstly, the invention adds the decoy particles in the transmission particles to avoid the attack and improve the safety of the protocol. The present invention describes this process in detail in steps (1-5) of the signature phase. Assume that Eve intercepts any particle sequence transmitted from Alice and then resends another particle sequence to the recipient. Since Eve has no knowledge of the location and state of the spoofed particles, the recipient will obtain irrelevant measurements and the error rate during the particle transmission increases, which will cause the session to terminate. Thus, the eavesdropping attack of Eve is not effective for the present invention.
Second, Eve also cannot obtain information through an entanglement attack because when information is transmitted in a quantum channel, the information is encoded as a sequence of particles and encrypted with discrete-time quantum walking. Suppose that Eve intercepts particle C during transmission and winds new particle e with C to form a larger hilbert space, where C { |0>, |1>, | + >, | - > }.
Figure GDA0002151597810000171
Figure GDA0002151597810000172
Figure GDA0002151597810000173
Figure GDA0002151597810000174
Where E is the single operation matrix of Eve, denoted as
Figure GDA0002151597810000175
Four { E } determined by the E operator00,e01,e10,e11The pure state satisfies the normalization condition
Figure GDA0002151597810000176
Because of EE *1, a, b, a ', b' satisfy the following relationship
|a|2+|b|2=1,|a'|2+|b'|2=1,ab*=(a')*b' (25)。
The invention can obtain the result
|a|2=|a'|2,|b|2=|b'|2(26)。
If Eve's attack particles are in an entangled state, such eavesdropper interference will inevitably introduce errors, and the present invention can use P as the number of PEDetects the presence of an eavesdropper.
PE=|b|2=1-|a|2=|b'|2=1-|a'|2(27)。
If Eve does not want to introduce errors, the total particles must be related to the auxiliary particles of Eve in a direct-product state. However, in the direct product state, there is no correlation between the helper particles e and C particles, so Eve does not get any useful information, which proves that the entanglement attack is fruitless.
3) Non-repudiation of signer, assuming the signer Charlie wants to repudiate his signed information, Bob needs Charlie's measurements η 1 and η 2 to complete the stealth propagation of quantum walking due to the step (3,4) of the verification phase, the measurements η 1 and η 2 using the key KBCEncryption, key KBCDistributed for the first time by the QKD protocol and updated during eavesdropping detection. Therefore, it is difficult for other members to obtain KBCSecret key, KBCPlays a role of identity authentication, so Charlie cannot deny his signature.
Furthermore, based on the statistical data, the probability of denial of Charlie can be quantitatively evaluated. Assuming Charlie agrees or denies the likelihood of his signature having 1/2, his probability of denial can be calculated as Pd
Figure GDA0002151597810000181
Where k represents the number of Charlie rejected signatures received by Bob and N represents the length of all received signatures. Probability PdSatisfying binomial distribution and binomial coefficients.
Figure GDA0002151597810000182
The present invention finds P in fig. 3dAnd k, respectively in N ═ NWhen N is 100, N is 200, the graph indicates PdThere is a maximum for different N and decreases as N increases.
4) Non-rejectability by verifier: in the protocol of the present invention, Bob cannot deny that he obtained the signature of Chalie and the qubit string B of Alice through the quantum walking system. If Bob refuses to receive the signature, he cannot obtain any benefit. Since Bob needs Charlie's signature Mc and a random string G to verify the integrity of the signature in step (6) of the verification phase, and G uses the key KBCEncrypted, and the information can only be decrypted by Bob. Secret key KBCWill be updated during eavesdropping detection to achieve the effect of a One Time Pad (OTP). On the other hand, if Bob has received some signatures but does not acknowledge the correctness of the signature, that is, Bob declares H (M ') ≠ H (M) in the verification phase, even though H (M') ≠ H (M). However, this denial has no benefit to Bob. Once he claims H (M') ≠ H (M), he would consider the signature to have been intercepted by an eavesdropper in the view of Chalie. Thus, Chalie will invalidate the signature and terminate the communication, and the signature obtained by Bob will be useless. Also, Bob cannot deny that he obtained qubit string B from Alice's hand via the stealth propagation state. In order to complete signature verification by Bob, Alice invisibly transmits the quantum bit string B to Bob through a quantum walking system, and the measurement results gamma 1 and gamma 2 use a secret key KABEncryption, KABAnd can only be decrypted by Bob. If Bob denies that he obtained the qubit string B from Alice through the stealth pass state, he will not be able to complete signature verification.
5) Non-forgeability: suppose a dishonest member, Alice, Bob or an attacker, Eve, tries to forge Charlie's blind signature. For Alice, her goal is to have Charlie complete the blind signature, and even if she obtained Charlie's binary string G from step (3,4) of the verification phase, she cannot modify Charlie's quantum signature Mc. Because the qubit string B associated with Mc is in Bob's hand, it was sent to Bob before Charlie completed signing. If Alice modifies the signature Mc and then re-sends Mc to Bob, this will not pass the final verification, since H (M') ≠ H (M). She needs to resend to Bob another string of qubit strings B', which is obviously not allowed by the agreement.
For Bob, one may worry that his authority is too large, he knows the measurements of G and the two qubit strings. In fact, Bob cannot complete verification by G modifying the signature message Mc, because the measurement of the quantum string B associated with Mc is deterministic, whereas G is a unique time-stream sequence. If Bob modifies Mc, the final verification result may not be able to complete because H (M') ≠ H (M).
For an attacker Eve, if he wants to forge a signature, all particles in the invisible propagation state in the whole signature process need to be intercepted. However, the present invention has been demonstrated in the non-eavesdropping nature of previous attacks, even with entanglement attacks, Eve cannot steal particles or obtain useful information. Therefore, he cannot intercept the particles of anyone to complete signature forgery.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (8)

1. The quantum walking-based non-entangled quantum blind signature method is characterized by comprising the following steps of:
in the coding stage of the message, coding and blinding information are carried out by utilizing four single particle state combined blinding coding rules of the message;
the blinding coding rule of the message comprises: in the blind encoding stage of the message, the message owner generates a string of n-bit random binary character strings L, and then uses L to generate a two-particle bit string { | b of n-bit original information M1c1>,|b2c2>,|b3c3>...|bncn>};
In the invisible state-transferring process of the coded particles, quantum walking is used for realizing the invisible state-transferring of the coded particles, the particles are spontaneously entangled in the invisible state-transferring, the denial attack of a signer and the denial attack of a verifier are resisted, and the signature is prevented from being forged by the attacker;
the quantum walking method comprises the following steps: quantum walking operates in a quantum space consisting of a position space and a coin space, and is expressed as
Figure FDA0002399934500000011
Hp represents position span { n, n belongs to Z }, Hc represents coin direction { |0>, |1> } of quantum walking, and evolution of a total subsystem of each step of quantum walking is described as an equation
Figure FDA0002399934500000012
Wherein
Figure FDA0002399934500000013
S is called the shift operator and is denoted as S ═ Σn|n+1><n |, and C is a coin operator, when the coin operator is |0>In the state, the coin is driven from the state | n>Move to state | n +1>When the coin operator is |1>In the state, the coin is moved backward to the state | n-1>。
2. The quantum walking-based entanglement-free quantum blind signature method of claim 1, wherein the using quantum walking to achieve invisible states of propagation of the encoded particles comprises:
selecting a quantum walking system based on two coins, successfully transferring any unknown qubit between the two parties by selecting a suitable initial state and a matching measurement basis, and without the need to prepare initial entangled particles;
if the sender wants to send the receiver the invisible unknown quantum bit
Figure FDA0002399934500000014
Wherein | α2+|β|21 is ═ 1; in the stealth state, two particles are prepared, A1And Ap,A1Is an unknown quantity of invisible states desired by the senderSub-bits, denoted as coin1, ApIs a state of a position space; likewise, the recipient prepares particle B, denoted coin 2; a. thepAnd B are both |0 in the initial state>(ii) a Completing invisible transmission state through two quantum walking steps;
the first step of quantum walking is as follows:
Figure FDA0002399934500000021
wherein the content of the first and second substances,
Figure FDA0002399934500000022
formula (middle, C)1Representing an operator of coin1-A1, and selecting an I operation as the operator;
the second step of quantum walking is as follows:
Figure FDA0002399934500000023
wherein the content of the first and second substances,
Figure FDA0002399934500000024
in the formula, H represents that Hadamard operation is performed on the coin2-B particle when the initial state of the B particle is |0> state, the operator is replaced by I operation when the initial state of the B particle is | + > state;
sender measures A with X basis1The measurement result of the particle is marked as lambda 1(| +)>And | ->1 and-1, respectively); the sender then measures A with Q basepParticles of wherein | Q>={|-2'>,|-1>,|0>,|1>,|2'>},
Figure FDA0002399934500000025
Figure FDA0002399934500000026
The measurement result was recorded as λ 2(| -2'>,|0>,|2'>Are respectively provided withAs-1, 0, 1); the sender informs the receiver of the measurement results lambda 1 and lambda 2, and the receiver performs corresponding Pauli recovery operation on the B particles according to the lambda 1 and the lambda 2 to finish the operation related to A1Invisible transport states of the particles.
3. The quantum-walking-based entanglement-free quantum blind signature method as claimed in claim 1, wherein the quantum-walking-based entanglement-free quantum blind signature method further comprises:
the first step, initialization stage: the sender, signer and verifier prepare some particles for the quantum walking system;
step two, a blinding stage: the sender generates a random binary character string L with n bits, and then the sender generates a two-particle bit string { | b of the original information M with n bits by using L according to a blind coding rule1c1>,|b2c2>,|b3c3>...|bncn>}; when the sender generates a two-particle bit string | bc>Then, the sender extracts | b in order>Particle generation B ═ B1b2b3...bn>In order extract | c>Particle generation C ═ C1c2c3...cn>(ii) a At this time, the blinded encryption of the message is completed;
step three, signature stage: the sender transmits the encrypted sub-information C of the M to the signer in a quantum walking invisible mode, requests the blind signature of the signer, and the signer executes Pauli operation on the received quantum bit string to complete the blind signature.
4. The quantum walking-based entanglement-free quantum blind signature method as claimed in claim 3, wherein the third step further comprises:
(1) the sender randomly adds k bit decoy particles to C for eavesdropping detection and key update; the sender invisibly transmits blind information CK added with decoy particles to a signer, and does not depend on preparation of entangled particles, wherein CK ═ { c }1,c2,c3...cn+k}; the sender prepares the initial state as |0>Particle Ap of (2)iFor quantum invisible transport, the sender will ciAs particles in the quantum walking system which need to be stealthy transferred, wherein ci=α|0>+β|1>,|α|2+|β|21 is ═ 1; the signer has prepared the qubit string Cp in the particle preparation phase, and has attached the particle CpiAs receiving particles in quantum walking systems, CpiAt |0>State; the initial state of the whole quantum walking system is as follows:
Figure FDA0002399934500000031
after the first quantum walking W1, the whole system state changes to
|Φ>(1)=(α|100>+β|-110>)p12
After the second quantum walking W2, the whole system state changes to
|Φ>(2)=(α|200>+α|001>+β|010>+β|-211>)p12
(2) Sender measurement with X base ciMeasurement result | +>And | ->Are noted as 1 and-1, respectively; sender continues to use Q-base | Q>={|-2'>,|-1>,|0>,|1>,|2'>Measurement ApiWherein, in the step (A),
Figure FDA0002399934500000032
measurement results | -2'>、|0>、|2'>Are noted as-1, 0,1, respectively; finally, the measurement result sequences of the X base and the Q base are respectively expressed as a lambda 1 sequence and a lambda 2 sequence;
(3) secret key K for senderACEncrypting λ 1 and λ 2 generates Sac=EKAC(λ 1, λ 2); then, S is addedacInforming the signer;
(4) signer used secret key KACDecryption SacObtaining lambda 1 and lambda 2, and obtaining a target state by a signer performing Pauli recovery operation on the particle string Cp through the lambda 1 and the lambda 2; the signer completes the invisible state of the unknown particle from the sender, and the state of the Cp particle string is converted into the state of the CK particle string;
(5) after the situation that the signer finishes the invisible state of the particles is determined, the sender begins to announce the positions and the measuring bases of the decoy particles, the signer selects a proper measuring base to measure each decoy particle, then the sender is informed of the measuring result of the k/2-bit decoy particles and the positions of the measuring bases, and the sender can evaluate the error rate in the invisible state process of the particles; terminating the communication if the error rate exceeds a specified threshold epsilon and then re-executing steps (1) - (5) until the error rate is accepted; otherwise, continuing to execute the next step;
(6) the rest of the K/2 bit measurement, the signer and the sender use the measurement for updating the secret key K according to the rule agreed in advanceAC
(7) After discarding decoy particles, signer pair ciBlind signature; the signer generates an n-bit random binary string G ═ G1,g2,g3...gnAccording to g, theniManipulation of unknown particles ciTo complete the signature, if giIs 0, to ciPerform Pauli operation I ═ 0><0|+|1><1|, otherwise, Pauli operation σ is executedx=|0><1|+|1><0 |; recording the unknown quantum string as Mc after Pauli operation is completed; sigmaxThe state is flipped in both measurement bases, i.e.,
σx|0>=|1>,σx|1>=|0>;
σx|+>=|->,σx|->=|+>。
5. the quantum walking-based entanglement-free quantum blind signature method as claimed in claim 3, wherein the third step is completed and then security verification is performed.
6. A quantum walking based entanglement-free quantum blind signature system implementing the quantum walking based entanglement-free quantum blind signature method of claim 1.
7. A quantum walking based non-entangled quantum blind signature terminal implementing the quantum walking based non-entangled quantum blind signature method of claim 1.
8. A computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the quantum walking based entanglement-free quantum blind signature method of any one of claims 1-5.
CN201910602779.7A 2019-07-05 2019-07-05 Non-entanglement quantum blind signature method and system based on quantum walking Active CN110213060B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910602779.7A CN110213060B (en) 2019-07-05 2019-07-05 Non-entanglement quantum blind signature method and system based on quantum walking

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910602779.7A CN110213060B (en) 2019-07-05 2019-07-05 Non-entanglement quantum blind signature method and system based on quantum walking

Publications (2)

Publication Number Publication Date
CN110213060A CN110213060A (en) 2019-09-06
CN110213060B true CN110213060B (en) 2020-04-28

Family

ID=67796329

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910602779.7A Active CN110213060B (en) 2019-07-05 2019-07-05 Non-entanglement quantum blind signature method and system based on quantum walking

Country Status (1)

Country Link
CN (1) CN110213060B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111988139B (en) * 2020-08-18 2022-05-17 中南大学 Improved one-time pad quantum proxy signature method based on quantum walk
CN112804009B (en) * 2021-03-05 2022-02-22 苏州大学 Joint quantum remote state acceleration preparation method based on terminal uncertainty
CN113517986B (en) * 2021-09-15 2021-11-23 湖南师范大学 Identity authentication method based on quantum walking and related equipment
CN113645034B (en) * 2021-10-15 2022-01-04 湖南师范大学 Multi-party quantum secret sharing method and system based on quantum walking
CN114448522B (en) * 2022-02-22 2023-09-22 中国海洋大学 Noise quantum network transmission control method and system based on quantum Shor code
CN114465670B (en) * 2022-02-22 2023-10-27 中国海洋大学 Multipartite quantum invisible state communication method and system based on quantum surface code
CN115865343B (en) * 2022-12-06 2023-07-14 西藏民族大学 Quantum voting method based on GHZ state
CN116996237B (en) * 2023-09-29 2023-12-08 山东高速建设管理集团有限公司 Distributed management method and system based on quantum threshold signature

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108880790A (en) * 2018-05-28 2018-11-23 华南师范大学 A kind of quantum ballot system and method based on quantum teleportation
CN109257183A (en) * 2018-11-05 2019-01-22 中南大学 Arbitration quantum signature method based on quantum migration Teleportation
CN109816844A (en) * 2019-01-30 2019-05-28 陕西师范大学 A kind of quantum ballot system based on quantum homomorphism signature

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090031137A1 (en) * 2006-02-01 2009-01-29 Nec Cororation Blind signature method and its system
CN107070664B (en) * 2017-04-01 2020-01-07 成都信息工程大学 Quantum authorization management method based on EPR pair and entanglement exchange
CN109818756A (en) * 2019-03-13 2019-05-28 北京信息科技大学 A kind of identity authorization system implementation method based on quantum key distribution technology

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108880790A (en) * 2018-05-28 2018-11-23 华南师范大学 A kind of quantum ballot system and method based on quantum teleportation
CN109257183A (en) * 2018-11-05 2019-01-22 中南大学 Arbitration quantum signature method based on quantum migration Teleportation
CN109816844A (en) * 2019-01-30 2019-05-28 陕西师范大学 A kind of quantum ballot system based on quantum homomorphism signature

Also Published As

Publication number Publication date
CN110213060A (en) 2019-09-06

Similar Documents

Publication Publication Date Title
CN110213060B (en) Non-entanglement quantum blind signature method and system based on quantum walking
US11121878B2 (en) Authentication using key distribution through segmented quantum computing environments
Dodis et al. Non-malleable extractors and symmetric key cryptography from weak secrets
CN108632261B (en) Multi-party quantum summation method and system
CN109257183B (en) Arbitration quantum signature method based on quantum walking invisible transmission
CN110445609B (en) Quantum secret sharing method and quantum secret sharing system based on quantum walking
Tsai et al. Semi-quantum secret sharing protocol using W-state
Renner et al. Unconditional authenticity and privacy from an arbitrarily weak secret
CN110071814B (en) Quantum blind signature method and system based on Bell state entanglement exchange
WO2021000329A1 (en) Multi-party quantum key agreement method, computer terminal and storage device
CN110166251B (en) Semi-quantum group signature method and system based on quantum walking
CN108092770A (en) Quanta identity authentication method, computer, computer program, readable storage medium storing program for executing
Marzan et al. An enhanced key security of playfair cipher algorithm
Lü et al. An arbitrated quantum message signature scheme
Puthuparambil et al. Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks
Tang et al. Improved verifier-based three-party password-authenticated key exchange protocol from ideal lattices
CN111224780B (en) Arbitration quantum signature method based on XOR encryption
Guo et al. A novel quantum proxy blind signature scheme
CN110912695B (en) Quantum arbitration signature method and system based on six-particle invisible transmission state
CN113938275A (en) Quantum homomorphism signature method based on d-dimensional Bell state
Zhong et al. A quantum partially blind signature scheme without entanglement
Li et al. A verifiable multi-secret sharing scheme based on short integer solution
Guo et al. An improved proxy blind signature scheme
Xin et al. Quantum authentication of classical messages without entangled state as authentication key
Ali et al. Defensive strategies against PCC attacks based on ideal (t, n)-secret sharing scheme

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230323

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Yami Technology (Guangzhou) Co.,Ltd.

Address before: 610225, No. 24, Section 1, Xuefu Road, Southwest Economic Development Zone, Chengdu, Sichuan

Patentee before: CHENGDU University OF INFORMATION TECHNOLOGY

TR01 Transfer of patent right