CN111224780B - Arbitration quantum signature method based on XOR encryption - Google Patents

Arbitration quantum signature method based on XOR encryption Download PDF

Info

Publication number
CN111224780B
CN111224780B CN202010196798.7A CN202010196798A CN111224780B CN 111224780 B CN111224780 B CN 111224780B CN 202010196798 A CN202010196798 A CN 202010196798A CN 111224780 B CN111224780 B CN 111224780B
Authority
CN
China
Prior art keywords
quantum
trent
particle
bob
alice
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010196798.7A
Other languages
Chinese (zh)
Other versions
CN111224780A (en
Inventor
郑晓毅
苏景军
匡畅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Polytechnic Of Water Resources And Electric Engineering
Original Assignee
Guangdong Polytechnic Of Water Resources And Electric Engineering
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Polytechnic Of Water Resources And Electric Engineering filed Critical Guangdong Polytechnic Of Water Resources And Electric Engineering
Priority to CN202010196798.7A priority Critical patent/CN111224780B/en
Publication of CN111224780A publication Critical patent/CN111224780A/en
Application granted granted Critical
Publication of CN111224780B publication Critical patent/CN111224780B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses an arbitration quantum signature method based on XOR encryption, which comprises a signer Alice, a receiver Bob, an arbiter Trent and a three-party shared three-particle GHZ quantum key, wherein the three-particle GHZ quantum key is an entanglement resource commonly used in quantum communication, and the signature method comprises the following steps: an initialization phase, a signature phase and a verification phase. The signer Alice, the receiver Bob and the arbiter Trent share the three-particle GHZ state and keep the own particle information secret, the quantum message is encrypted and signed by sharing the GHZ state through the traditional XOR encryption and decryption method, the flow of the conventional arbitration quantum signature protocol is improved by introducing the decoy photon state, the requirements of non-counterfeitability and non-repudiation are realized, and finally, the encryption of the protocol does not involve a complex encryption method or complex quantum operation, so that the method is more practical than other methods.

Description

Arbitration quantum signature method based on XOR encryption
Technical Field
The invention relates to the technical field of quantum cryptography, in particular to an arbitration quantum signature method based on XOR encryption.
Background
With the development of AQS research work, some researchers began to study the security of protocols. In 2011 Gao et al pointed out that AQS based on quantum one-time pad encryption has a security hole. This is because Pauli operations used in encryption are exchangeable, so the receiver can forge a quantum signature. Subsequently, choi et al propose an AQS protocol that is resistant to the attack approach reported by Gao et al. This is based on improved QOTP encryption. However, it is pointed out by the applicant that this method does not prevent the recipient from forging the signature. Instead, they use the proposed mixed-key quantum cryptography concept to design a multiple encryption method that can be applied to quantum signature protocols. In 2015, li et al proposed a novel AQS protocol based on chained CNOT operation. The protocol encrypts quantum messages using chained CNOT operations and can resist signature forgery that may occur with Pauli operations. Later, the protocol of the plum by Row et al also provides a new counterfeit attack method. In this regard, 2017, et al used the idea of key control to improve chained CONT operations for encrypting quantum messages. The protocol re-orders the locations of quantum messages by introducing shared key control permutation operations, thereby enhancing the ability to resist forgery attacks. However, the requirements for quantum operations in the protocol are very high, making the protocol difficult to implement under practical conditions.
All AQS protocols should have two basic security conditions: non-counterfeitability and non-repudiation. In order to improve the security of protocols, most AQS protocols are designed to enhance the security of quantum message encryption and quantum signatures. Although the security performance is improved, more quantum resources and quantum operations are consumed, which increases the difficulty of practical application, and for this reason, we propose an arbitration quantum signature method based on XOR encryption to solve the above problems.
Disclosure of Invention
The invention aims to provide an arbitration quantum signature method based on XOR encryption, which aims to solve the problems in the background technology.
In order to achieve the above purpose, the present invention provides the following technical solutions: an arbitration quantum signature method based on XOR encryption comprises a signer Alice, a receiver Bob, an arbiter Trent and a three-party shared three-particle GHZ quantum key, wherein the three-particle GHZ quantum key is an entanglement resource commonly used in quantum communication, as shown in an expression (1):
Figure GDA0003891151850000021
performing a unitary Hadamard operation (H operation) on all three particles can result in expression (2):
Figure GDA0003891151850000022
the method for signing the quantum key according to the three-particle GHZ state is as follows:
A. initialization phase
(I1) Trent prepares the n+d group GHZ state and performs a Hadamard operation on each of the three particles in the GHZ state, expression (3) can be obtained:
Figure GDA0003891151850000023
and for each GHZ state particle, trent retains one of the particles and distributes the remaining two particles to Alice and Alice, respectivelyBob;
(I2) Trent randomly uses d-group GHZ states of n+d-group GHZ states to verify the security of the transmission channel by: trent randomly selects a measurement group for particles reserved in the d group GHZ state selected randomly, wherein the Z group is { |0>,|1>Either X-base { | +>,|->Performing single particle base measurement, recording measurement results according to a certain recording rule, and then, publishing specific position of d group GHZ state and specific measurement base information M by Trent i ={M 1 ,M 2 ,M 3 ...M d },M d ∈{X,Z};
(I3) Alice and Bob carry out corresponding single particle-based measurement on corresponding particles in respective hands according to information published by Trent, record and publish results according to the above record rules, and according to the information published by Alice and Bob, trent calculates a quantum transmission error rate according to an expression (2), if the error rate exceeds a certain specific threshold, the quantum channel is considered to be unsafe, all entangled particles are discarded at the moment, the protocol is terminated, conversely, a communication channel is considered to be safe, and three parties continue to finish the protocol by using the rest n groups of GHZ states;
B. signature stage
(S1) Alice prepares a signed quantum message as in expression (4):
Figure GDA0003891151850000031
wherein |a i | 2 +|b i | 2 =1, and Alice prepares three identical quantum messages +.>
Figure GDA0003891151850000032
At the same time randomly generating an n-bit binary parameter r, then encrypting |P>To quantum pseudorandom string |P ''>As expression (5): i P'>=E r (|P>);
(S2) Alice uses n sets of particle sequences A in GHZ state for three parts |P ''>Performs a control not gate (CNOT) operation as in expression (6):
Figure GDA0003891151850000033
(S3) Alice prepares enough decoy photon states |D>,|D>Randomly is in { |0>,|1>,|+>,|->One of four singlet states, then Alice will decoy photon state |d>Insertion |P'>Two other sets of particle sequences
Figure GDA0003891151850000034
To form two new sets of particle sequences { |P'>,|D>Sum } and->
Figure GDA0003891151850000035
Then the two groups of particle sequences are respectively sent to Trent and Bob;
C. verification stage
(V1) after the Trent receives the particle sequence sent by Alice, alice tells Trent to decoy detailed information of photon state |D >, so that Trent measures and calculates the error rate to finish eavesdropping detection, if the error rate is zero or the error rate is lower than a specific threshold, eavesdropping behavior can be considered to exist, trent removes decoy photon state |D > and declares that the protocol is continued, otherwise, the protocol is terminated;
(V2) when Bob receives the sequence of particles, he detects the presence or absence of eavesdropping on the communication channel in step (V1). If eavesdropping is found, the protocol is terminated. Otherwise, bob deletes the decoy photon state |d>Then, one of the particle sequences is selected by using the particle sequence B in the n groups of GHZ states held by the user
Figure GDA0003891151850000041
Performing a CNOT operation as expressed by expression (7):
Figure GDA0003891151850000042
(V3) Bob re-prepares the decoy photon state |D as shown in (S3)>Then randomly insert into
Figure GDA0003891151850000043
Formation of a novel particle sequence->
Figure GDA0003891151850000044
ThenBob sends this new particle sequence to Trent, leaving the other particle sequence in his own hand +.>
Figure GDA0003891151850000045
(V4) after the Trent receives the particle sequence from Bob, eavesdropping detection is performed in the same manner as before, and if eavesdropping is not detected, trent removes the decoy photon state |D>And uses the particle sequence T in the n groups of GHZ states in the hand to pair the particle sequence
Figure GDA0003891151850000046
Performing a CNOT operation as expressed by expression (8): />
Figure GDA0003891151850000047
And verified by quantum state comparison techniques, then Trent prepares decoy photon state |d in the same manner>And randomly insert->
Figure GDA0003891151850000048
Formation of a novel particle sequence->
Figure GDA0003891151850000049
And sends it to Bob;
(V5) Bob, upon receipt of the particle sequence, performs a channel security check and determines whether to continue the protocol and store Alice's quantum signature.
In a preferred embodiment, the unitary Hadamard operation H is:
Figure GDA00038911518500000410
expression (2) shows that under the measurement of single particle basis with z basis as measurement basis, the measurement result of GHZ state after H conversion is written into binary number, wherein '0' represents measurement result|0>"1" means measurement result |1>It is not difficult to find that the measurement results of three particles satisfy the classical exclusive or relationship.
In a preferred embodiment, in step a, the recording rule is as follows, "0" indicates measurement result { |0>, |+> }, and "1" indicates measurement result { |1>, |- >.
In a preferred embodiment, in step (S1), encryption method E r The method comprises the following steps: when r is i When=1, for |p i >Performing a unitary transform X transform, i.e., x= |0><1|+|1><0, when r i When=0, then pair |p i >Performing an I-identity transformation, i.e., I= |0><0|+|1><1, it can be seen very easily that the corresponding decryption method E' r =E r
In a preferred embodiment, in step (V4), the verification by quantum state comparison technique is:
Figure GDA0003891151850000051
if the equation is true, trent prepares |V T >=|1>Otherwise prepare |V T >=|0>If the equation is true, trent will again be +.>
Figure GDA0003891151850000052
Performing a CNOT operation as in expression (9):
Figure GDA0003891151850000053
in a preferred embodiment, in step (V5), the security detection is performed by Bob deleting decoy photon state |D if no eavesdropping is performed>And judges whether or not |V T >=|1>If so, bob uses the n group GHZ particle sequence B pair particle sequence in his hand
Figure GDA0003891151850000054
Performing a CNOT operation as expressed by expression (10): />
Figure GDA0003891151850000055
Later, bob uses quantum state comparison techniques to verify, as in expression (11): +.>
Figure GDA0003891151850000056
If they are equal, bob will publish |V B >=|0>Refusing the signature of Alice and terminating the protocol, otherwise, bob informs Alice to announce parameter r, and Bob will restore |P ' by Alice's announced parameter r '>To |P>=E' r |P'>Store +.>
Figure GDA0003891151850000057
As a quantum signature of Alice.
Compared with the prior art, the invention has the beneficial effects that: in the method, a signer Alice, a receiver Bob and an arbiter Trent share three-particle GHZ states and keep own particle information secret respectively, and the protocol adopts a quantum one-time pad encryption method or a chained CNOT encryption method, and is different from other protocols, the traditional XOR encryption and decryption method is adopted, quantum messages are encrypted and signed through sharing the GHZ states, the flow of a conventional arbitration quantum signature protocol is improved through introducing a decoy photon state, the requirements of non-counterfeitability and non-repudiation are realized, and finally, the encryption of the protocol does not involve a complex encryption method or complex quantum operation, so that the method is more practical than other protocols.
Drawings
FIG. 1 is a detailed process diagram of the initialization phase of the present invention;
FIG. 2 is a detailed process diagram of the signature stage of the present invention;
FIG. 3 is a detailed process diagram of the verification phase of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-3, the present invention provides a technical solution: an arbitration quantum signature method based on XOR encryption comprises a signer Alice and a receiver Bob and arbiter Trent, and three-party shared three-particle GHZ state quantum key, the three-particle GHZ state being an entangled resource commonly used in quantum communication, as expressed in expression (1):
Figure GDA0003891151850000061
performing a unitary Hadamard operation (H operation) on all three particles can result in expression (2):
Figure GDA0003891151850000062
the unitary Hadamard operation H is: />
Figure GDA0003891151850000063
Figure GDA0003891151850000064
Expression (2) shows that under the measurement of single particle basis with z basis as measurement basis, the measurement result of GHZ state after H conversion is written into binary number, wherein '0' represents measurement result|0>"1" means measurement result |1>It is not difficult to find that the measurement results of the three particles meet the classical exclusive or relation, and the signature method according to the three-particle GHZ state quantum key is as follows:
A. initialization phase
(I1) Trent prepares the n+d group GHZ state and performs a Hadamard operation on each of the three particles in the GHZ state, expression (3) can be obtained:
Figure GDA0003891151850000065
for each GHZ particle, the Trent reserves one particle, and distributes the other two particles to Alice and Bob respectively;
(I2) Trent randomly uses d-group GHZ states of n+d-group GHZ states to verify the security of the transmission channel by: trent randomly selects a measurement group for particles reserved in the d group GHZ state selected randomly, wherein the Z group is { |0>Either, |1} or X-yl { |+>,|->Performing single particle-based measurement, and recording the measurement result according to a certain recording rule, wherein the recording rule is as follows, and 0 represents the measurement result { |0>,|+>"1" indicates measurementResults { |1>,|->Subsequently, trent publishes specific location of the d group GHZ state and specific measurement basis information M i ={M 1 ,M 2 ,M 3 ...M d },M d ∈{X,Z};
(I3) Alice and Bob perform corresponding single particle-based measurement on corresponding particles in respective hands according to information published by Trent, record and publish results according to the above record rules, and according to the information published by Alice and Bob, trent calculates a quantum transmission error rate according to an expression (2), if the error rate exceeds a certain specific threshold, the quantum channel is considered to be unsafe, all entangled particles are discarded at the moment, the protocol is terminated, conversely, the communication channel is considered to be safe, and three parties continue to complete the protocol by using the rest n groups of GHZ states;
B. signature stage
(S1) Alice prepares a signed quantum message as in expression (4):
Figure GDA0003891151850000071
wherein |a i | 2 +|b i | 2 =1, and Alice prepares three identical quantum messages +.>
Figure GDA0003891151850000072
At the same time randomly generating an n-bit binary parameter r, then encrypting |P>To quantum pseudorandom string |P ''>As expression (5): i P'>=E r (|P>) And encryption method E r The method comprises the following steps: when r is i When=1, for |p i >Performing a unitary transform X transform, i.e., x= |0><1|+|1><0, when r i When=0, then pair |p i >Performing an I-identity transformation, i.e., I= |0><0|+|1><1, it can be seen very easily that the corresponding decryption method E' r =E r
(S2) Alice uses n sets of particle sequences A in GHZ state for three parts |P ''>Performs a control not gate (CNOT) operation as in expression (6):
Figure GDA0003891151850000081
(S3) Alice prepares enough decoy photon states |D>,|D>Randomly is in { |0>,|1>,|+>,|->One of four singlet states, then Alice will decoy photon state |d>Insertion |P'>Two other sets of particle sequences
Figure GDA0003891151850000082
To form two new sets of particle sequences { |P'>,|D>Sum } and->
Figure GDA0003891151850000083
Then the two groups of particle sequences are respectively sent to Trent and Bob;
C. verification stage
(V1) after the Trent receives the particle sequence sent by Alice, alice tells Trent to decoy detailed information of photon state |D >, so that Trent measures and calculates the error rate to finish eavesdropping detection, if the error rate is zero or the error rate is lower than a specific threshold, eavesdropping behavior can be considered to exist, trent removes decoy photon state |D > and declares that the protocol is continued, otherwise, the protocol is terminated;
(V2) when Bob receives the sequence of particles, he detects in the same way the presence or absence of eavesdropping on the communication channel. If eavesdropping is found, the protocol is terminated. Otherwise, bob deletes the decoy photon state |d>Then, one of the particle sequences is selected by using the particle sequence B in the n groups of GHZ states held by the user
Figure GDA0003891151850000084
Performing a CNOT operation as expressed by expression (7):
Figure GDA0003891151850000085
(V3) Bob re-prepares the decoy photon state |D as shown in (S3)>Then randomly insert into
Figure GDA0003891151850000086
Formation of a novel particle sequence->
Figure GDA0003891151850000087
Then Bob sends this new particle sequence to Trent, leaving the other particle sequence in his own hand +.>
Figure GDA0003891151850000088
(V4) after the Trent receives the particle sequence from Bob, eavesdropping detection is performed in the same manner as before, and if eavesdropping is not detected, trent removes the decoy photon state |D>And uses the particle sequence T in the n groups of GHZ states in the hand to pair the particle sequence
Figure GDA0003891151850000089
Performing a CNOT operation as expressed by expression (8): />
Figure GDA00038911518500000810
And verified by quantum state comparison technology as: -j>
Figure GDA00038911518500000811
If the two are equal, trent prepares |V T >=|1>Otherwise prepare |V T >=|0>If the equation is true, trent will again be +.>
Figure GDA00038911518500000812
Performing a CNOT operation as in expression (9): />
Figure GDA0003891151850000091
Subsequently, trent prepares decoy photon state |d in the same manner>And randomly insert->
Figure GDA0003891151850000092
Formation of a novel particle sequence->
Figure GDA0003891151850000093
And sends it to Bob;
(V5) upon receipt of the particle sequence by Bob, the channel security detection is performed as before, and if there is no eavesdropping activity, bob will delete decoy photon state |D>And judgeWhether or not to break |V T >=|1>If so, bob uses the n group GHZ particle sequence B pair particle sequence in his hand
Figure GDA0003891151850000094
Performing a CNOT operation as expressed by expression (10):
Figure GDA0003891151850000095
later, bob uses quantum state comparison techniques to verify, as in expression (11): +.>
Figure GDA0003891151850000096
If they are equal, bob will publish |V B >=|0>Refusing the signature of Alice and terminating the protocol, otherwise, bob informs Alice to announce parameter r, and Bob will restore |P ' by Alice's announced parameter r '>To |P>=E' r |P'>Store +.>
Figure GDA0003891151850000097
As a quantum signature of Alice.
After signing, the method can be subjected to security analysis, and the secure quantum signature protocol should have two basic characteristics of (1) non-counterfeitability, which means that an attacker (including dishonest receiver Bob) cannot maliciously forge the signature. (2) Non-repudiation, i.e., the signer cannot reject the signature, and the recipient cannot reject the received signature. In this protocol, trent will act as an arbiter to resolve the divergence when Alice and Bob disagree on the signature, so Trent is absolutely safe and reliable in our protocol. In the following, we will analyze our protocol to satisfy non-counterfeitable and non-repudiatable, proving that it is safe under certain existing attack methods:
impersonation of
If an external eavesdropper Eve wants to forge Alice's signature, the only way is to obtain all state information of particles in the GHZ state that are shared by the three parties in the protocol initialization phase, but this is clearly not possible. There are typically three common eavesdropping methods, intercept-resend, measure-resend, and entangled measure attacks. Eve cannot steal messages using these three methods because she cannot know the specific location and specific measurement basis of the d-group GHZ state that was randomly used for authentication. Therefore, if there is eavesdropping, the error rate in the channel verification process in the initialization stage will be high, and eavesdropping will be checked.
It can be seen that absolute secure quantum key distribution based on the GHZ state is the basis of our proposed arbitration quantum signature. In addition, during the initialization, signature and verification phases of the protocol, a spoofed photon state is introduced to detect any eavesdropping in time, so that an external eavesdropper cannot eavesdrop on any useful information.
Consider now an internal attacker and dishonest recipient Bob. He cannot forge Alice's signature because of the encrypted message |p'>Is sent directly by Alice to the arbiter Trent. In the protocol process, a decoy photon state |D for channel security detection is also introduced>. This means that Bob cannot know |p 'before Trent sends the authentication information back to Bob'>Any information of (3). Therefore, bob is unlikely to forge
Figure GDA0003891151850000101
To make->
Figure GDA0003891151850000102
(X2) non-repudiation
Neither Alice nor Bob can deny the validity of the signature for non-repudiation, because the GHZ state in their respective hands is known only by themselves in particular state information.
Suppose Alice has signed an encrypted quantum message |p'>Corresponding quantum signature
Figure GDA0003891151850000103
She cannot deny her signature issued for Bob. In other words, alice except for the corresponding quantum signature +.>
Figure GDA0003891151850000104
Besides, other quantum message signatures cannot be forged +.>
Figure GDA0003891151850000105
This is because Alice cannot obtain any information of Bob's own GHZ-state particles on the premise of GHZ-state secure distribution, and thus it is impossible to forge another message signature in addition to the legal one
Figure GDA0003891151850000106
Replace->
Figure GDA0003891151850000107
Verification by Trent. This means +.>
Figure GDA0003891151850000108
Cannot be established.
Furthermore, in this protocol, the encrypted message |P'>Directly sending Alice to an arbiter Trent, and verifying corresponding mail signature in the Trent
Figure GDA0003891151850000109
And return->
Figure GDA00038911518500001010
Before Bob is given, bob is unable to obtain |P'>Any information of (3).
Once Alice attempts to reject her signature and dispute, bob only needs to send out
Figure GDA00038911518500001011
And sending the result to Trent to make judgment. Trent will determine that the signature must be signed by Alice. In addition, since the decoy photon state |D is introduced into the whole protocol>Thus Alice any attempt to alter the signature verification information +.>
Figure GDA0003891151850000111
And->
Figure GDA0003891151850000112
The behavior of (1) must be discovered.
The recipient repudiation means Bob repudiation that he received quantum information |p>Is a signature of (a). Based on the premise of GHZ state safety distribution, the three parties only know the information of GHZ state particles in the hands of the three parties, but not the particle information of other two parties, so Bob cannot know two groups of CNOT operations CNOTA and CNOTT. Thus, if Bob wants to obtain quantum message |p>And the corresponding quantum signature, he cannot deny that he received
Figure GDA0003891151850000113
And a parameter r. Especially when (I)>
Figure GDA0003891151850000114
Bob cannot claim->
Figure GDA0003891151850000115
Because he needs Alice to issue parameter r to recover quantum message |p>. Otherwise he will not get the correct quantum signature +.>
Figure GDA0003891151850000116
Bob cannot reject the quantum signature;
(X3) comparison of efficiency
In the field of quantum cryptography, research on quantum signatures is deepened gradually. So far, many quantum signature protocols have been proposed, and many good ideas have been proposed in the design of arbitrating quantum signatures. However, some security vulnerabilities still exist in such protocols. Particularly in the core part of the protocol, the quantum signature encryption algorithm uses relatively complex encryption operation, which clearly increases the implementation difficulty in practical application. Moreover, this approach is also not effective in preventing counterfeit signatures.
The quantum arbitration signature protocol provided herein does not adopt any form of quantum one-time pad encryption method, nor does it adopt encryption methods based on chained CNOT operation or the combination of chained CNOT operation and key control. In contrast, since the three-party shared GHZ-state key satisfies the classical exclusive-or relationship, the protocol encrypts and signs quantum messages using a CNOT operation (effectively XOR encryption).
Although the three parties keep secret the information of the own GHZ state particles, the particles owned by the three parties meet the XOR relationship, so that the quantum message and signature can be verified and decrypted. By introducing decoy photon states and improving the flow of conventional quantum signature protocols, we have found that the protocols can also meet the requirements of arbitrating the non-counterfeitability and non-repudiation of quantum signatures. Finally, the most basic requirement of the protocol is the secure distribution of the three-particle GHZ state, which is also ensured by the security detection during the whole protocol. Thus, the solution presented herein is safe and effective.
To sum up, in this protocol, the signer Alice, the receiver Bob and the arbiter Trent share the three-particle GHZ state and are each kept secret from their own particle information. Different from other protocols which adopt a quantum one-time pad encryption method or a chained CNOT encryption method. The protocol encrypts and signs quantum messages by sharing the GHZ state by using a traditional XOR encryption and decryption method. By introducing the decoy photon state, the flow of the conventional arbitration quantum signature protocol is improved, and the requirements of non-counterfeitability and non-repudiation are realized. Finally, it can be seen that encryption of this protocol does not involve complex encryption methods or complex quantum operations and is therefore more practical than other protocols.
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (6)

1. An arbitration quantum signature method based on XOR encryption comprises a signer Alice, a receiver Bob, an arbiter Trent and a three-particle GHZ state quantum key shared by three parties, and is characterized in that: the three-particle GHZ state is an entanglement resource commonly used in quantum communication, as expressed in the following formula (1):
Figure FDA0004116542340000011
performing a unitary Hadamard operation on all three particles, resulting in expression (2):
Figure FDA0004116542340000012
the method for signing the quantum key according to the three-particle GHZ state is as follows:
A. initialization phase
(I1) Trent prepares the n+d set of GHZ states and performs Hadamard operations on each of the three particles in the GHZ state, resulting in expression (3):
Figure FDA0004116542340000013
for each GHZ particle, the Trent reserves one particle, and distributes the other two particles to Alice and Bob respectively;
(I2) Trent randomly uses d-group GHZ states of n+d-group GHZ states to verify the security of the transmission channel by: trent randomly selects a measurement group for particles reserved in the d group GHZ state selected randomly, wherein the Z group is { |0>,|1>Either X-base { | +>,|->Performing single particle base measurement, recording measurement results according to a certain recording rule, and then, publishing specific position of d group GHZ state and specific measurement base information M by Trent i ={M 1 ,M 2 ,M 3 ...M d },M d ∈{X,Z};
(I3) Alice and Bob carry out corresponding single particle-based measurement on corresponding particles in respective hands according to information published by Trent, record and publish results according to the above record rules, according to the information published by Alice and Bob, trent calculates a quantum transmission error rate according to an expression (2), if the error rate exceeds a certain specific threshold, eavesdropping exists, a quantum channel is unsafe, at the moment, all entangled particles are discarded, a protocol is terminated, and conversely, a communication channel is considered to be safe, and three parties continue to finish the protocol by using the rest n groups of GHZ states;
B. signature stage
(S1) Alice prepares a signed quantum message as in expression (4):
Figure FDA0004116542340000021
wherein |a i | 2 +|b i | 2 =1, and Alice prepares three identical quantum erasuresRest->
Figure FDA0004116542340000022
At the same time randomly generating an n-bit binary parameter r, then encrypting |P>To quantum pseudorandom string |P ''>As expression (5): i P'>=E r (|P>);
(S2) Alice uses n sets of particle sequences A in GHZ state for three parts |P ''>Performs a CNOT operation as in expression (6):
Figure FDA0004116542340000023
(S3) Alice prepares enough decoy photon states |D>,|D>Randomly is in { |0>,|1>,|+>,|->One of four singlet states, then Alice will decoy photon state |d>Insertion |P'>Two other sets of particle sequences
Figure FDA0004116542340000024
To form two new sets of particle sequences { |P'>,|D>Sum } and->
Figure FDA0004116542340000025
Then the two groups of particle sequences are respectively sent to Trent and Bob;
C. verification stage
(V1) after the Trent receives the particle sequence sent by Alice, alice tells Trent to decoy detailed information of photon state |D >, so that Trent measures and calculates the error rate to finish eavesdropping detection, if the error rate is zero or the error rate is lower than a specific threshold, eavesdropping behavior is considered to be absent, trent removes decoy photon state |D > and declares that the protocol is continued, otherwise, the protocol is terminated;
(V2) when Bob receives the sequence of particles, he detects the presence or absence of eavesdropping on the communication channel in step (V1), and if eavesdropping is found, the protocol is terminated; otherwise, bob deletes the decoy photon state |d>Then, one of the particle sequences is selected by using the particle sequence B in the n groups of GHZ states held by the user
Figure FDA0004116542340000026
Performing a CNOT operation as expressed by expression (7):
Figure FDA0004116542340000027
(V3) Bob re-prepares the decoy photon state |D as shown in (S3)>Then randomly insert into
Figure FDA0004116542340000031
Formation of a novel particle sequence->
Figure FDA0004116542340000032
Then Bob sends this new particle sequence to Trent, leaving the other particle sequence in his own hand +.>
Figure FDA0004116542340000033
(V4) after the Trent receives the particle sequence from Bob, performing eavesdropping detection, if eavesdropping is not detected, trent will remove the decoy photon state |D>And uses the particle sequence T in the n groups of GHZ states in the hand to pair the particle sequence
Figure FDA0004116542340000034
Performing a CNOT operation as expressed by expression (8): />
Figure FDA0004116542340000035
And verified by quantum state comparison techniques, then Trent prepares decoy photon state |d>And randomly insert
Figure FDA0004116542340000036
Formation of a novel particle sequence->
Figure FDA0004116542340000037
And sends it to Bob;
(V5) when Bob receives the particle sequence, executing channel security detection according to the method of the step (V2), and judging whether to continue the protocol and storing the quantum signature of Alice.
2. The arbitration quantum signature method based on XOR encryption as claimed in claim 1, wherein: the unitary Hadamard operation H is:
Figure FDA0004116542340000038
and->
Figure FDA0004116542340000039
Expression (2) shows that under the measurement of single particle basis with z basis as measurement basis, the measurement result of GHZ state after H conversion is written into binary number, wherein '0' represents measurement result|0>"1" means measurement result |1>The measurement results of the three particles satisfy the classical exclusive-or relationship.
3. The arbitration quantum signature method based on XOR encryption as claimed in claim 1, wherein: in step A, the recording rule is as follows, "0" represents measurement result { |0>, |+> }, and "1" represents measurement result { |1>, |- > }.
4. The arbitration quantum signature method based on XOR encryption as claimed in claim 1, wherein: in step (S1), encryption method E r The method comprises the following steps: when r is i When=1, for |p i >Performing a unitary transform X transform, i.e., x= |0><1|+|1><0, when r i When=0, then pair |p i >Performing an I-identity transformation, i.e., I= |0><0|+|1><1, the corresponding decryption method E 'is obtained' r =E r
5. The arbitration quantum signature method based on XOR encryption as claimed in claim 1, wherein: in step (V4), the verification by the quantum state comparison technique is:
Figure FDA0004116542340000041
if the equation is true, trent prepares |V T >=|1>Otherwise prepare |V T >=|0>If the equation is true, trent will again sequence the particles
Figure FDA0004116542340000042
Performing a CNOT operation as in expression (9):
Figure FDA0004116542340000043
6. the arbitration quantum signature method based on XOR encryption as claimed in claim 1, wherein: in step (V5), the security detection method is that if there is no eavesdropping, bob will delete decoy photon state |D>And judges whether or not |V T >=|1>If so, bob uses the n group GHZ particle sequence B pair particle sequence in his hand
Figure FDA0004116542340000044
Performing a CNOT operation as expressed by expression (10): />
Figure FDA0004116542340000045
Later, bob uses quantum state comparison techniques to verify, as in expression (11): +.>
Figure FDA0004116542340000046
If they are equal, bob will publish |V B >=|0>Refusing the signature of Alice and terminating the protocol, otherwise, bob informs Alice to announce parameter r, and Bob will restore |P ' by Alice's announced parameter r '>To |P>=E' r |P'>Store +.>
Figure FDA0004116542340000047
As a quantum signature of Alice.
CN202010196798.7A 2020-03-19 2020-03-19 Arbitration quantum signature method based on XOR encryption Active CN111224780B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010196798.7A CN111224780B (en) 2020-03-19 2020-03-19 Arbitration quantum signature method based on XOR encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010196798.7A CN111224780B (en) 2020-03-19 2020-03-19 Arbitration quantum signature method based on XOR encryption

Publications (2)

Publication Number Publication Date
CN111224780A CN111224780A (en) 2020-06-02
CN111224780B true CN111224780B (en) 2023-06-23

Family

ID=70828450

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010196798.7A Active CN111224780B (en) 2020-03-19 2020-03-19 Arbitration quantum signature method based on XOR encryption

Country Status (1)

Country Link
CN (1) CN111224780B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113242135B (en) * 2021-05-12 2022-05-31 华东交通大学 Arbitration quantum signature design method based on Grover iterative flexible tracking
CN114938282B (en) * 2022-07-22 2022-12-30 中国科学技术大学 Threshold group signature method and device based on multidimensional quantum system and electronic equipment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107124275B (en) * 2017-06-13 2021-01-26 苏州大学 Dynamic serial key distribution method based on GHZ state
CN110635907B (en) * 2019-11-07 2022-12-27 广东水利电力职业技术学院(广东省水利电力技工学校) Controlled quantum conversation method with identity authentication function based on GHZ-like state

Also Published As

Publication number Publication date
CN111224780A (en) 2020-06-02

Similar Documents

Publication Publication Date Title
Wang et al. One-time proxy signature based on quantum cryptography
CN110213060B (en) Non-entanglement quantum blind signature method and system based on quantum walking
US8670563B2 (en) System and method for designing secure client-server communication protocols based on certificateless public key infrastructure
CN109327308B (en) Quantum key distribution method and system with bidirectional identity authentication function
CN108809644B (en) Disorder high-capacity multiparty quantum key negotiation method based on high-energy level bell state
CN110071814B (en) Quantum blind signature method and system based on Bell state entanglement exchange
Wang et al. A blind quantum signature protocol using the GHZ states
WO2021000329A1 (en) Multi-party quantum key agreement method, computer terminal and storage device
CN109787770B (en) Public key arbitration quantum signature protocol based on quantum block encryption
Shen et al. Quantum dialogue with authentication based on Bell states
CN111092733A (en) Quantum blind double signature method for resisting collective noise
Yu-Guang et al. Scalable arbitrated quantum signature of classical messages with multi-signers
CN111224780B (en) Arbitration quantum signature method based on XOR encryption
CN111082937B (en) Bidirectional identity authentication method based on single photon
Yu et al. Quantum secure direct communication with authentication using two nonorthogonal states
CN116318702A (en) Multi-particle GHZ state-based semi-quantum ring signature method and device
CN110932856B (en) Verifiable quantum key negotiation method
CN110635907B (en) Controlled quantum conversation method with identity authentication function based on GHZ-like state
Zheng et al. Arbitration quantum signature protocol based on XOR encryption
Huang et al. Authenticated quantum key distribution with collective detection using single photons
CN116388995A (en) Lightweight smart grid authentication method based on PUF
CN110912695B (en) Quantum arbitration signature method and system based on six-particle invisible transmission state
Wang et al. Authenticated quantum dialogue without information leakage
CN113938275A (en) Quantum homomorphism signature method based on d-dimensional Bell state
Liu et al. Authenticated quantum secure direct communication with qutrits

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant