CN113242135B - Arbitration quantum signature design method based on Grover iterative flexible tracking - Google Patents

Arbitration quantum signature design method based on Grover iterative flexible tracking Download PDF

Info

Publication number
CN113242135B
CN113242135B CN202110517913.0A CN202110517913A CN113242135B CN 113242135 B CN113242135 B CN 113242135B CN 202110517913 A CN202110517913 A CN 202110517913A CN 113242135 B CN113242135 B CN 113242135B
Authority
CN
China
Prior art keywords
sequence
arbitration
signature
quantum
arbitration manager
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110517913.0A
Other languages
Chinese (zh)
Other versions
CN113242135A (en
Inventor
殷爱菡
熊梓豪
范萍
林伟彬
艾自建
徐鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
East China Jiaotong University
Original Assignee
East China Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by East China Jiaotong University filed Critical East China Jiaotong University
Priority to CN202110517913.0A priority Critical patent/CN113242135B/en
Publication of CN113242135A publication Critical patent/CN113242135A/en
Application granted granted Critical
Publication of CN113242135B publication Critical patent/CN113242135B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an arbitration quantum signature design method based on Grover iterative flexible tracking, which utilizes a Grover search algorithm to realize that an arbitration manager can find a signer of a problem signature when the signature has disputes. In the arbitration process, the arbitration management system negotiates with each signature participant so as to obtain a final key and find a signer of a problem signature, thereby avoiding a mechanism of directly disclosing the arbitration group signature. The invention is characterized in that a complete arbitration signature verification system is established, and the arbitration management system can select whether to disclose the identity of a problem signature signer or not, thereby having flexible traceability and fairness.

Description

Arbitration quantum signature design method based on Grover iterative flexible tracking
Technical Field
The invention relates to the field of quantum cryptography and quantum signatures, in particular to an arbitration quantum signature design method based on Grover iterative flexible tracking.
Background
Quantum cryptography is a novel cryptography, and based on cryptography and quantum mechanics, quantum physical methods are used to realize cryptography ideas. The quantum cryptography is applied to the digital signature, and the combination of the quantum signature and the quantum computation is the current leading-edge field, and has important theoretical significance and application value for the future development of the quantum cryptography.
The defects and deficiencies of classical calculations in information processing have prompted the rapid development of quantum calculations. The appearance of the Shor algorithm and the Grover search algorithm proves that quantum computing has strong parallel processing capacity, so that students design related quantum communication schemes by utilizing the advantages of quantum computing. The Grover algorithm with the secondary acceleration function for key search can adapt to different search requirements, and has some research achievements in the aspects of design and application of quantum communication protocols, including a controlled quantum conversation protocol (CQD), a quantum key agreement protocol (QKA), a quantum signature protocol (QKA) and the like based on the Grover algorithm, so that the feasibility of using the quantum search algorithm to construct a secure communication scheme is proved.
Currently, there are two main methods for constructing arbitration quantum signatures, one is a bit-by-bit signature scheme based on single-bit unitary operation, and the other is a multi-bit signature scheme based on inter-bit controlled operation. There have been some research efforts on the design analysis of the former signature scheme, while the latter signature scheme based on inter-bit controlled operations is rarely and insufficiently studied. Especially, a rigorous dispute resolution mechanism is lacked aiming at the problem of signature traceability, and a uniform evaluation standard is not existed aiming at the security, so that the application of arbitration quantum signatures in various fields lacks corresponding flexibility.
Disclosure of Invention
The invention aims to provide a Grover search algorithm-based semi-quantum arbitration signature design, which utilizes the Grover search algorithm to realize that an arbitration manager can find a signer of a problem signature when the signature is in dispute.
The technical scheme of the invention is as follows:
a method for designing an arbitration quantum signature based on Grover iterative flexible tracking comprises the following steps:
step A: in the proposed semi-quantum arbitration signature system, one is a trusted party arbitrating a manager, administrator P1,P2,P3,...,PN-1Signing participants for N-1 bits; each participant (legal user) can generate a random sequence with the length of 2n as a secret key of the participant
Figure 767628DEST_PATH_IMAGE001
Wherein, in the step (A),
Figure 892578DEST_PATH_IMAGE002
is a secret key of the arbitration manager;
and B: each signing participant is prepared with a random sequence
Figure 829310DEST_PATH_IMAGE003
And sequence
Figure 471644DEST_PATH_IMAGE004
The sequence lengths are all 2 n; according to
Figure 75801DEST_PATH_IMAGE005
The value of (1), signature participant
Figure 247019DEST_PATH_IMAGE006
To the sequence
Figure 671048DEST_PATH_IMAGE007
Performing unitary operations
Figure 710548DEST_PATH_IMAGE008
To obtain a new sequence
Figure 903632DEST_PATH_IMAGE009
(ii) a Simultaneous signing of participants
Figure 511330DEST_PATH_IMAGE010
Random preparation
Figure 422655DEST_PATH_IMAGE011
Bait particles randomly inserted into the sequence
Figure 141212DEST_PATH_IMAGE012
To obtain a sequence
Figure 454382DEST_PATH_IMAGE013
Figure 357616DEST_PATH_IMAGE014
Marking the respective status of each bait particleState value of
Figure 897181DEST_PATH_IMAGE015
And a location; then the sequences are combined
Figure 12905DEST_PATH_IMAGE016
Sending the data to an arbitration manager;
and C: received sequence
Figure 446160DEST_PATH_IMAGE016
Then, the arbitration manager directly reflects the bait particles back; thus, the arbitration manager can slave the sequence
Figure 395662DEST_PATH_IMAGE016
To obtain
Figure 15999DEST_PATH_IMAGE012
Then measuring the same according to a classical basis
Figure 935413DEST_PATH_IMAGE012
Sequence to obtain measurement results
Figure 98541DEST_PATH_IMAGE017
(ii) a Next, the arbitration manager prepares a random sequence
Figure 77999DEST_PATH_IMAGE018
And the arbitration manager itself holds a secret key of 2n bit length
Figure 451211DEST_PATH_IMAGE019
Can be based on
Figure 174317DEST_PATH_IMAGE019
And
Figure 191951DEST_PATH_IMAGE020
preparing a new sequence of qubits
Figure 873468DEST_PATH_IMAGE021
(ii) a Rearranging all qubits to form a sequence
Figure 609343DEST_PATH_IMAGE022
Are prepared in the same way
Figure 136139DEST_PATH_IMAGE023
Bait particles and inserting them randomly into the sequence
Figure 8280DEST_PATH_IMAGE022
To obtain new sequences
Figure 860699DEST_PATH_IMAGE024
(ii) a Finally, the arbitration manager handles the sequence
Figure 942924DEST_PATH_IMAGE024
Send to the next signed participant
Figure 148778DEST_PATH_IMAGE025
Step D:
Figure 59DEST_PATH_IMAGE014
measuring the reflected bait particles with corresponding classical basis to obtain a measurement
Figure 898745DEST_PATH_IMAGE026
And with previously marked state values
Figure 468267DEST_PATH_IMAGE015
By comparison, the process of the first and second steps,
Figure 336865DEST_PATH_IMAGE014
the value of the phase difference can be calculated; if the calculated difference does not exceed the threshold value,
Figure 449178DEST_PATH_IMAGE014
publicly informing the arbitration manager that the quantum channel is secure; on the contrary, the present invention is not limited to the above-described embodiments,
Figure 112240DEST_PATH_IMAGE014
declaring that the communication is invalid, immediately switching to a temporary channel and continuously executing the protocol, and then repeating the steps B to D by each manager to enable the arbitration manager T to obtain a final key K (owner secret key collection);
step E: in the proposed half-quantum arbitration signature system, one party is also a verifier, and an arbitration manager distributes distributed keys according to a final key K and a quantum key
Figure 169058DEST_PATH_IMAGE027
And resolving the identity of the signer from the question signature information fed back by the verifier and searching the corresponding signature key, thereby finding the question signature
Figure 716714DEST_PATH_IMAGE028
The signer of (1).
Further, the step B includes the steps of:
b1: first, each signature participant prepares a random sequence
Figure 831604DEST_PATH_IMAGE029
And sequence
Figure 540934DEST_PATH_IMAGE030
The sequence lengths are all 2 n; then, at
Figure 350627DEST_PATH_IMAGE031
Further prepares a double-particle quantum sequence in a quantum state
Figure 701974DEST_PATH_IMAGE032
In which
Figure 382354DEST_PATH_IMAGE033
Figure 652799DEST_PATH_IMAGE034
,
Figure 559575DEST_PATH_IMAGE035
B2: according to
Figure 573667DEST_PATH_IMAGE036
Value of (A)
Figure 374133DEST_PATH_IMAGE037
Signing participants
Figure 425266DEST_PATH_IMAGE038
To the sequence
Figure 943972DEST_PATH_IMAGE039
Performing unitary operations
Figure 637121DEST_PATH_IMAGE040
To obtain a new sequence
Figure 292093DEST_PATH_IMAGE041
B3: at the same time, the user can select the desired position,
Figure 169920DEST_PATH_IMAGE042
from four states
Figure 785709DEST_PATH_IMAGE043
In preparation of
Figure 141604DEST_PATH_IMAGE044
Bait particles (a)
Figure 792028DEST_PATH_IMAGE045
Is the error detection rate) and is randomly inserted into the sequence
Figure 575176DEST_PATH_IMAGE046
In (b) obtaining the sequence
Figure 68474DEST_PATH_IMAGE047
(ii) a In particular, these bait particles are sufficiently resistant to the mathematical statistics of an eavesdropperSeparating out; in addition, the air conditioner is provided with a fan,
Figure 103426DEST_PATH_IMAGE042
marking the respective status, status value, of each bait particle
Figure 467412DEST_PATH_IMAGE048
And a location; finally, the process is carried out in a closed loop,
Figure 155882DEST_PATH_IMAGE042
will be sequenced
Figure 870897DEST_PATH_IMAGE049
And sending the data to an arbitration manager.
Further, the step C includes the steps of:
c1: received sequence
Figure 443961DEST_PATH_IMAGE050
Thereafter, the arbitration manager reflects these bait particles back directly, i.e., from the sequence
Figure 928032DEST_PATH_IMAGE051
Removing the bait particles and returning the bait particles to
Figure 193928DEST_PATH_IMAGE052
(ii) a Thus, the arbitration manager can slave the sequence
Figure 130660DEST_PATH_IMAGE053
To obtain
Figure 897628DEST_PATH_IMAGE054
C2: then measuring the
Figure 111571DEST_PATH_IMAGE055
Sequence to obtain measurement results
Figure 673003DEST_PATH_IMAGE056
(ii) a Although the arbitration manager onlyPartial quantum capability, but each quantum administrator can derive the code exchange rule
Figure 97031DEST_PATH_IMAGE057
C3: next, the arbitration manager prepares a random sequence
Figure 11897DEST_PATH_IMAGE058
The arbitration manager itself holds a 2n bit length key
Figure 736140DEST_PATH_IMAGE059
Can be based on
Figure 78259DEST_PATH_IMAGE060
And
Figure 255163DEST_PATH_IMAGE061
preparing a new sequence of qubits
Figure 36037DEST_PATH_IMAGE062
Wherein
Figure 349207DEST_PATH_IMAGE063
,
Figure 252441DEST_PATH_IMAGE064
(ii) a In addition, the arbitration manager rearranges all the qubits to form a sequence
Figure 526427DEST_PATH_IMAGE065
To prepare again
Figure 173309DEST_PATH_IMAGE066
Bait particles and inserting the bait particles randomly into the sequence
Figure 340985DEST_PATH_IMAGE067
To obtain new sequences
Figure 290487DEST_PATH_IMAGE068
(ii) a Finally, the arbitration manager handles the sequence
Figure 910824DEST_PATH_IMAGE069
Send to the next signed participant
Figure 236763DEST_PATH_IMAGE070
Further, the step D includes the steps of:
d1: when the bait particles are received in a reflected back,
Figure 258946DEST_PATH_IMAGE071
measuring each bait particle with a corresponding classical basis to obtain a measurement
Figure 503982DEST_PATH_IMAGE072
(ii) a Subsequently, by comparing the state values
Figure 752561DEST_PATH_IMAGE073
And measurement results
Figure 741246DEST_PATH_IMAGE074
Figure 758880DEST_PATH_IMAGE071
Can calculate out
Figure 174818DEST_PATH_IMAGE073
And with
Figure 769747DEST_PATH_IMAGE072
The difference between them; if the calculated difference does not exceed the threshold value,
Figure 171910DEST_PATH_IMAGE071
publicly informing the arbitration manager that the quantum channel is secure; instead, once the calculated difference exceeds the threshold, indicating detection of an eavesdropper,
Figure 168685DEST_PATH_IMAGE071
declaring the communication invalid; in addition, the next signature participant is also notified
Figure 755524DEST_PATH_IMAGE070
Discarding the message and standing by; if the quantum channels are secure, they will continue to step D2;
d2: confirmation
Figure 713116DEST_PATH_IMAGE070
Received sequence
Figure 43603DEST_PATH_IMAGE075
Thereafter, the arbitration manager announces the status and location of each bait particle within the signature system for use in detecting the presence of an eavesdropper, and communicates with
Figure 160463DEST_PATH_IMAGE076
Performing a similar eavesdropping detection procedure as step D1; if the difference between the status value and the measured value of the bait particles exceeds a predetermined threshold, the arbitration manager declares the communication invalid and the communication channel will be closed immediately; otherwise, declaring that the communication is safe and the encoding operation can be continuously executed;
Figure 527991DEST_PATH_IMAGE077
by passing from
Figure 97512DEST_PATH_IMAGE078
Removing the bait particles to obtain
Figure 231690DEST_PATH_IMAGE079
(ii) a Then, the user can use the device to perform the operation,
Figure 78424DEST_PATH_IMAGE080
according to its own secret key
Figure 7065DEST_PATH_IMAGE081
To the sequence
Figure 939249DEST_PATH_IMAGE082
Performing unitary operations
Figure 611539DEST_PATH_IMAGE083
To obtain
Figure 702992DEST_PATH_IMAGE084
And by random preparation of
Figure 412322DEST_PATH_IMAGE085
Reinsertion of individual bait particles
Figure 222015DEST_PATH_IMAGE086
To obtain
Figure 432416DEST_PATH_IMAGE087
And similar to the step B, finally sending the data to an arbitration manager;
d3: received sequence
Figure 253742DEST_PATH_IMAGE088
Thereafter, the arbitration manager reflects these bait particles back directly, i.e., from the sequence
Figure 524186DEST_PATH_IMAGE089
Removing the bait particles and returning the bait particles to
Figure 430962DEST_PATH_IMAGE090
(ii) a Thus, the arbitration manager can be selected from
Figure 445055DEST_PATH_IMAGE091
To obtain a sequence
Figure 979941DEST_PATH_IMAGE092
(ii) a By the arbitration manager preparing it at random
Figure 562232DEST_PATH_IMAGE093
Bait particle reinsertion
Figure 815359DEST_PATH_IMAGE094
Can be obtained in
Figure 508509DEST_PATH_IMAGE095
(ii) a Finally sending it to the next signature participant
Figure 163481DEST_PATH_IMAGE096
D4: when the bait particles are received in a reflected back,
Figure 41307DEST_PATH_IMAGE097
the same operation as step D1 will be performed by the arbitration manager; if the quantum channels are confirmed to be safe, they will continue to execute step D5, otherwise, immediately switch to the temporary channel;
d5: confirmation sequence
Figure 657096DEST_PATH_IMAGE095
Has been already covered
Figure 278570DEST_PATH_IMAGE096
After the reception of the message, the message is sent to the receiver,
Figure 928995DEST_PATH_IMAGE096
the interception checking process will be discussed publicly with the arbitration manager; if the calculated error rate exceeds the threshold, the arbitration manager declares the communication invalid and immediately switches to the temporary channel to continue the protocol, and then notifies
Figure 446564DEST_PATH_IMAGE098
Discarding the message and standing by; otherwise, the encoding operation will continue to be performed;
Figure 674283DEST_PATH_IMAGE096
performing an operation similar to step D2, i.e. unitary operation
Figure 709235DEST_PATH_IMAGE099
And sequences can be obtained
Figure 807641DEST_PATH_IMAGE100
And is combined withAnd by random preparation
Figure 761690DEST_PATH_IMAGE101
Reinsertion of individual bait particles
Figure 476705DEST_PATH_IMAGE102
To obtain
Figure 49769DEST_PATH_IMAGE103
And similar to the step B, finally sending the data to the arbitration manager;
then, arbitrating the manager and
Figure 533840DEST_PATH_IMAGE104
the process of detecting eavesdropping mentioned in step D3, D4, and encoding operations similar to those in step D5 are continued.
Further, the step E includes the steps of:
e1: receiving sequences from arbitration manager
Figure 658791DEST_PATH_IMAGE105
After that, the air conditioner is started to work,
Figure 736468DEST_PATH_IMAGE106
first a detection tap is performed with the arbitration manager. After the security of the communication is confirmed,
Figure 237857DEST_PATH_IMAGE106
slave sequence
Figure 576434DEST_PATH_IMAGE105
In order to remove the bait particles, and then
Figure 13232DEST_PATH_IMAGE106
Will obtain a sequence
Figure 437260DEST_PATH_IMAGE102
. Next, the process of the present invention is described,
Figure 476760DEST_PATH_IMAGE106
performing a unitary operation on the sequence
Figure 810790DEST_PATH_IMAGE107
Can obtain
Figure 543122DEST_PATH_IMAGE108
. When N-1 is odd, (i.e. is
Figure 188867DEST_PATH_IMAGE106
For odd-bit signature participants), performing a Z-basis measurement on the sequence of quantum states for each result; and when N-1 is an even number, (i.e., the number of the N-1 is an even number)
Figure 173004DEST_PATH_IMAGE106
Even-numbered signed participants), X-base measurements are performed.
(1) When N-1 is an odd number, the calculation result is
Figure 509611DEST_PATH_IMAGE109
Figure 147266DEST_PATH_IMAGE110
I.e. by
Figure 421252DEST_PATH_IMAGE111
Wherein
Figure 802555DEST_PATH_IMAGE112
The result is that
Figure 111176DEST_PATH_IMAGE113
(2) When N-1 is an even number, the calculation result is
Figure 919732DEST_PATH_IMAGE114
Figure 71228DEST_PATH_IMAGE115
I.e. by
Figure 866009DEST_PATH_IMAGE116
(ii) a Wherein
Figure 419350DEST_PATH_IMAGE117
The result is that
Figure 398807DEST_PATH_IMAGE118
E2: however, because
Figure 381807DEST_PATH_IMAGE119
Presence of (2)
Figure 104912DEST_PATH_IMAGE120
Not the final key K, signing the participant
Figure 512760DEST_PATH_IMAGE121
Has to negotiate with the arbitration manager. Due to the fact that
Figure 538484DEST_PATH_IMAGE121
Has obtained the secret key
Figure 133414DEST_PATH_IMAGE122
Figure 925789DEST_PATH_IMAGE123
Representing modulo-2 addition. However, because
Figure 797930DEST_PATH_IMAGE119
In the presence of a gas, or a liquid,
Figure 119190DEST_PATH_IMAGE121
the final key is not known, so this protocol flow is not over. Subsequently, the process of the present invention,
Figure 466995DEST_PATH_IMAGE121
announcing his (her) key currently available, i.e.
Figure 938428DEST_PATH_IMAGE124
. At the same time, arbitration manager publishes notifications
Figure 55288DEST_PATH_IMAGE121
Sequence of
Figure 422816DEST_PATH_IMAGE125
Finally, the process is carried out in a batch,
Figure 992337DEST_PATH_IMAGE121
the final key can be obtained
Figure 126515DEST_PATH_IMAGE126
In this way, the arbitration manager can also obtain the final key
Figure 973249DEST_PATH_IMAGE127
E3: arbitration manager shares secret key with verifier
Figure 636311DEST_PATH_IMAGE128
Arbitration manager and signed participant shared secret key
Figure 693129DEST_PATH_IMAGE129
E.g. sharing a secret key with one of the signing participants Bob
Figure 240785DEST_PATH_IMAGE130
(ii) a All keys in the system
Figure 801079DEST_PATH_IMAGE129
Are distributed based on the quantum key distribution protocol. The verifier prepares the set of signing keys and a set of authentication sequences corresponding thereto, i.e.
Figure 900622DEST_PATH_IMAGE131
And
Figure 320102DEST_PATH_IMAGE132
wherein
Figure 530504DEST_PATH_IMAGE133
Figure 210884DEST_PATH_IMAGE134
In order to be a hash function of the received signal,
Figure 622274DEST_PATH_IMAGE135
it is mainly used for encrypting the signature of the message,
Figure 388104DEST_PATH_IMAGE136
the method is mainly used for identifying and authenticating the problem signer when disputes occur;
e4: signing participants Bob use a shared key
Figure 667776DEST_PATH_IMAGE137
The encryption sequence set is
Figure 343608DEST_PATH_IMAGE138
Other signature participants perform operations similar to Bob to encrypt the sequence group, and then each signature participant stores the encrypted sequence group in a database and records the sequence group in a table form
Figure 784953DEST_PATH_IMAGE139
(ii) a Final key negotiated by arbitration manager and signature participant in database
Figure 38080DEST_PATH_IMAGE140
(i.e. the final key K obtained in step D), i.e. encryption
Figure 465651DEST_PATH_IMAGE141
E5: if disputes occur, the verifier provides an authentication sequence of the problem signature
Figure 386202DEST_PATH_IMAGE142
Giving the arbitration manager; d, the arbitration manager performs arbitration according to the final secret key K obtained from the step D,Secret key distributed by quantum secret key distribution
Figure 732870DEST_PATH_IMAGE129
And problem signature information fed back from the verifier
Figure 614238DEST_PATH_IMAGE143
Then the problem signature can be found
Figure 970133DEST_PATH_IMAGE144
The signer of (1); suppose Bob is the problem signer and its signing key is
Figure 479612DEST_PATH_IMAGE145
The authentication sequence is
Figure 138126DEST_PATH_IMAGE146
(ii) a First, the arbitration manager decrypts the key according to the final key K obtained from step D
Figure 365845DEST_PATH_IMAGE139
To obtain
Figure 259852DEST_PATH_IMAGE147
(ii) a Distributed keys are then distributed according to quantum key distribution
Figure 30362DEST_PATH_IMAGE148
Decryption
Figure 984411DEST_PATH_IMAGE149
,
Figure 574793DEST_PATH_IMAGE150
To obtain
Figure 538069DEST_PATH_IMAGE151
And
Figure 22140DEST_PATH_IMAGE152
(ii) a Finally, the arbitration management party can sign information according to the problems fed back from the verifier
Figure 288037DEST_PATH_IMAGE152
And the corresponding problem signer Bob is found.
The invention has the advantages that: the arbitration manager can find the problem signature
Figure 959189DEST_PATH_IMAGE153
The signer of (1). In the arbitration process, the arbitration management party negotiates with the signature participants to obtain the final key, so that a direct 'public' mechanism without flexible traceability of the arbitration quantum group signature is avoided, the system has the right of selecting whether to disclose the identity of the signature signer with a problem, and the system has better fairness. In addition, the invention adopts the half-quantum secret sharing, and the half-quantum secret sharing occupies less quantum resources, thereby not only being applied in practice, but also enhancing the operability. Therefore, compared with the conventional quantum secret sharing protocol, both communication sides are not required to have full quantum capacity, and quantum resources are saved.
Aiming at the fact that a direct 'public' mechanism for arbitrating quantum group signatures does not have flexible traceability, the invention designs a complete arbitrating quantum signature verification system, an arbitrating manager can select a mechanism for disclosing the identity of a problem signature signer according to different scenes, and a negotiation mode is adopted with signature participants when the signatures have disputes, so that the information security of each participant is guaranteed, and the system has good fairness and flexibility.
Aiming at the high cost of the current quantum state preparation, the invention adopts a classic measurement base execution scheme and a semi-quantum secret sharing protocol for converting quantum information into digital information, thereby not only occupying less quantum resources, but also enhancing the operability in practice. By combining a quantum Grover iterative search algorithm, the database problem can be optimized, the complexity is reduced, and higher efficiency is embodied in the aspect of accelerating the key search of a signature system.
Drawings
In order to make the objects, technical means and advantages of the present invention more apparent, the present invention is illustrated by the following drawings.
Fig. 1 is a general flowchart of an arbitration quantum signature design method based on Grover iterative flexible tracking according to the present invention.
Fig. 2 is a random schematic of bait particles inserted after encoding.
FIG. 3 is a target state flip diagram of the Grover algorithm.
FIG. 4 is a Grover algorithm mean iteration flip chart.
FIG. 5 is a flow chart of the participant mutually-adding decoy particle blinding sequence work of the arbitration quantum signature design method based on Grover iterative flexible tracking.
Detailed Description
The arbitration quantum signature design method based on the Grover iterative flexible tracking specifically comprises the following steps A to E.
Step A: in the proposed semi-quantum arbitration signature system, one is a trusted party arbitrating a manager, P1,P2,P3,...,PN-1Signing participants for N-1 bits; each participant (legal user) can generate a random sequence with the length of 2n as a secret key of the participant
Figure 460578DEST_PATH_IMAGE154
Wherein, in the step (A),
Figure 674522DEST_PATH_IMAGE155
Figure 970374DEST_PATH_IMAGE156
is a secret key of the arbitration manager.
The step B comprises the following steps:
b1: first, each signature participant prepares a random sequence
Figure 659981DEST_PATH_IMAGE157
And sequence
Figure 574847DEST_PATH_IMAGE158
The sequence lengths are all 2 n; then, at
Figure 33511DEST_PATH_IMAGE159
Further prepares a double-particle quantum sequence in a quantum state
Figure 500264DEST_PATH_IMAGE160
Wherein
Figure 286954DEST_PATH_IMAGE161
Figure 395725DEST_PATH_IMAGE162
Figure 443315DEST_PATH_IMAGE163
B2: according to
Figure 221915DEST_PATH_IMAGE164
Value of (A)
Figure 886115DEST_PATH_IMAGE165
Signing participants
Figure 142784DEST_PATH_IMAGE166
To the sequence
Figure 576039DEST_PATH_IMAGE167
Performing unitary operations
Figure 853437DEST_PATH_IMAGE168
To obtain a new sequence
Figure 4932DEST_PATH_IMAGE169
B3: at the same time, the user can select the desired position,
Figure 799713DEST_PATH_IMAGE170
from four states
Figure 821896DEST_PATH_IMAGE171
In preparation of
Figure 332512DEST_PATH_IMAGE172
Bait particles (a)
Figure 315511DEST_PATH_IMAGE173
Is the error detection rate) and is randomly inserted into the sequence
Figure 304196DEST_PATH_IMAGE174
In (b) obtaining a sequence
Figure 446464DEST_PATH_IMAGE175
(ii) a In particular, these bait particles are sufficiently resistant to mathematical statistical analysis by eavesdroppers; in addition, the first and second substrates are,
Figure 737768DEST_PATH_IMAGE176
marking the respective status, status value, of each bait particle
Figure 332697DEST_PATH_IMAGE177
And a location; finally, the process is carried out in a batch,
Figure 859494DEST_PATH_IMAGE178
will be sequenced
Figure 997214DEST_PATH_IMAGE179
And sending the data to an arbitration manager.
The step C comprises the following steps:
c1: received sequence
Figure 318474DEST_PATH_IMAGE180
Thereafter, the arbitration manager reflects these bait particles back directly, i.e., from the sequence
Figure 400699DEST_PATH_IMAGE181
Removing the bait particles and returning the bait particles to
Figure 340974DEST_PATH_IMAGE182
(ii) a Thus, the arbitration manager can slave the sequence
Figure 457834DEST_PATH_IMAGE183
To obtain
Figure 215575DEST_PATH_IMAGE184
C2: then measuring the
Figure 660462DEST_PATH_IMAGE184
Sequence to obtain measurement results
Figure 529061DEST_PATH_IMAGE185
(ii) a Although the arbitration manager has only partial quantum capability, each quantum manager can obtain the result under the condition of knowing the code exchange rule
Figure 641374DEST_PATH_IMAGE186
C3: next, the arbitration manager prepares a random sequence
Figure 304436DEST_PATH_IMAGE187
The arbitration manager itself holds a 2n bit length key
Figure 361254DEST_PATH_IMAGE188
Can be based on
Figure 908910DEST_PATH_IMAGE189
And
Figure 363DEST_PATH_IMAGE190
preparing a new sequence of qubits
Figure 240851DEST_PATH_IMAGE191
Wherein
Figure 519386DEST_PATH_IMAGE192
Figure 995367DEST_PATH_IMAGE193
(ii) a In addition, the arbitration manager rearranges all the qubits to form a sequence
Figure 816692DEST_PATH_IMAGE194
And then prepare again
Figure 87136DEST_PATH_IMAGE195
Bait particles and inserting the bait particles randomly into the sequence
Figure 993913DEST_PATH_IMAGE196
To obtain new sequences
Figure 765863DEST_PATH_IMAGE197
(ii) a Finally, the arbitration manager handles the sequence
Figure 831908DEST_PATH_IMAGE197
Send to the next signed participant
Figure 148620DEST_PATH_IMAGE198
The step D comprises the following steps:
d1: when the bait particles are received in a reflected back,
Figure 401747DEST_PATH_IMAGE199
measuring each bait particle with a corresponding classical basis to obtain a measurement
Figure 219530DEST_PATH_IMAGE200
(ii) a Subsequently, by comparing the state values
Figure 484289DEST_PATH_IMAGE201
And measurement results
Figure 362116DEST_PATH_IMAGE200
Figure 243484DEST_PATH_IMAGE202
Can calculate out
Figure 864958DEST_PATH_IMAGE201
And
Figure 374437DEST_PATH_IMAGE200
the difference between them; if the calculated difference does not exceed the threshold value,
Figure 32951DEST_PATH_IMAGE199
publicly informing the arbitration manager that the quantum channel is secure; instead, once the calculated difference exceeds the threshold, indicating detection of an eavesdropper,
Figure 526249DEST_PATH_IMAGE199
declaring the communication invalid; in addition, the next signature participant is also notified
Figure 561202DEST_PATH_IMAGE203
Discarding the message and standing by; if the quantum channels are secure, they will continue to step D2;
d2: confirmation
Figure 190766DEST_PATH_IMAGE204
Received sequence
Figure 20182DEST_PATH_IMAGE205
Thereafter, the arbitration manager announces the status and location of each bait particle within the signature system for use in detecting the presence of an eavesdropper, and communicates with
Figure 776DEST_PATH_IMAGE204
Performing a similar eavesdropping detection procedure as step D1; if the difference between the status value and the measured value of the bait particles exceeds a predetermined threshold, the arbitration manager declares the communication invalid and the communication channel will be closed immediately; otherwise, declaring that the communication is safe and the encoding operation can be continuously executed;
Figure 698474DEST_PATH_IMAGE204
by passing from
Figure 57911DEST_PATH_IMAGE205
Removing the bait particles to obtain
Figure 182862DEST_PATH_IMAGE206
(ii) a Then, the user can use the device to perform the operation,
Figure 260539DEST_PATH_IMAGE204
according to its own secret key
Figure 761928DEST_PATH_IMAGE207
To the sequence
Figure 366084DEST_PATH_IMAGE208
Performing unitary operations
Figure 537303DEST_PATH_IMAGE209
To obtain
Figure 226910DEST_PATH_IMAGE210
And by random preparation
Figure 266410DEST_PATH_IMAGE211
Reinsertion of individual bait particles
Figure 600439DEST_PATH_IMAGE212
To obtain
Figure 332772DEST_PATH_IMAGE213
And similar to the step B, finally sending the data to the arbitration manager;
d3: received sequence
Figure 385042DEST_PATH_IMAGE214
Thereafter, the arbitration manager reflects these bait particles back directly, i.e., from the sequence
Figure 228233DEST_PATH_IMAGE214
Removing the bait particles and returning the bait particles to
Figure 682348DEST_PATH_IMAGE204
(ii) a Thus, the arbitration manager can be selected from
Figure 320003DEST_PATH_IMAGE214
To obtain a sequence
Figure 859568DEST_PATH_IMAGE215
(ii) a By making the arbitration manager prepare it at random
Figure 240871DEST_PATH_IMAGE216
Bait particle reinsertion
Figure 408547DEST_PATH_IMAGE217
Can be obtained
Figure 685945DEST_PATH_IMAGE218
(ii) a Finally sending it to the next signature participant
Figure 571861DEST_PATH_IMAGE219
D4: when the bait particles are received in a reflected back,
Figure 897800DEST_PATH_IMAGE220
the same operation as step D1 will be performed by the arbitration manager; if the quantum channels are confirmed to be safe, they will continue to execute step D5, otherwise, immediately switch to the temporary channel;
d5: confirmation sequence
Figure 919983DEST_PATH_IMAGE221
Has been already covered
Figure 40386DEST_PATH_IMAGE219
After the reception of the message, the message is sent to the receiver,
Figure 413598DEST_PATH_IMAGE219
the interception checking process will be discussed publicly with the arbitration manager; if the calculated error rate exceeds the threshold, the arbitration manager declares communication invalid and immediately switches to the temporary channel to continue the protocol, and then notifies
Figure 871125DEST_PATH_IMAGE222
Discarding the message and standing by; otherwise, the encoding operation will continue to be performed;
Figure 747814DEST_PATH_IMAGE219
performing an operation similar to step D2, i.e. unitary operation
Figure 163751DEST_PATH_IMAGE223
And sequences can be obtained
Figure 899626DEST_PATH_IMAGE224
And by random preparation of
Figure 692002DEST_PATH_IMAGE225
Reinsertion of individual bait particles
Figure 298564DEST_PATH_IMAGE226
To obtain
Figure 885403DEST_PATH_IMAGE227
And similar to the step B, finally sending the data to an arbitration manager;
then, arbitrating the manager and
Figure 233208DEST_PATH_IMAGE228
the process of detecting eavesdropping mentioned in step D3, D4, and encoding operations similar to those in step D5 are continued.
The step E comprises the following steps:
e1: receiving sequences from arbitration manager
Figure 439061DEST_PATH_IMAGE229
After that, the air conditioner is started to work,
Figure 24763DEST_PATH_IMAGE230
first a detection tap is performed with the arbitration manager. After the security of the communication is confirmed,
Figure 48083DEST_PATH_IMAGE230
slave sequence
Figure 227391DEST_PATH_IMAGE231
In which the bait particles are removed in sequence, and then
Figure 95990DEST_PATH_IMAGE230
Will obtain a sequence
Figure 67357DEST_PATH_IMAGE232
. Next, the process of the present invention is described,
Figure 464841DEST_PATH_IMAGE230
performing a unitary operation on the sequence
Figure 256079DEST_PATH_IMAGE233
Can obtain
Figure 662790DEST_PATH_IMAGE234
. When N-1 is odd, (i.e. is
Figure 223084DEST_PATH_IMAGE230
For odd-bit signature participants), performing a Z-basis measurement on the sequence of quantum states for each result; and when N-1 is an even number (
Figure 791469DEST_PATH_IMAGE230
Even-numbered signed participants), X-base measurements are performed.
(1) When N-1 is an odd number, the calculation result is
Figure 210949DEST_PATH_IMAGE235
,
Figure 14825DEST_PATH_IMAGE236
I.e. by
Figure 429626DEST_PATH_IMAGE237
In which
Figure 168912DEST_PATH_IMAGE238
The result is that
Figure 934743DEST_PATH_IMAGE239
(2) When N-1 is an even number, the calculation result is
Figure 417677DEST_PATH_IMAGE240
,
Figure 952563DEST_PATH_IMAGE241
I.e. by
Figure 3696DEST_PATH_IMAGE242
(ii) a Wherein
Figure 584719DEST_PATH_IMAGE243
The result is that
Figure 340185DEST_PATH_IMAGE244
E2: however, because
Figure 323054DEST_PATH_IMAGE245
Presence of (2)
Figure 669721DEST_PATH_IMAGE246
Not the final key K, signing the participant
Figure 551090DEST_PATH_IMAGE247
Have to negotiate with the arbitration manager. Due to the fact that
Figure 375826DEST_PATH_IMAGE247
Has obtained the secret key
Figure 885305DEST_PATH_IMAGE248
Figure 668453DEST_PATH_IMAGE123
Representing modulo-2 addition. However, because
Figure 630593DEST_PATH_IMAGE245
In the presence of a gas, or a liquid,
Figure 524600DEST_PATH_IMAGE247
the final key is not known, so this protocol flow is not over. Subsequently, the process of the present invention,
Figure 623006DEST_PATH_IMAGE247
announcing his (her) key currently available, i.e.
Figure 311476DEST_PATH_IMAGE249
. At the same time, arbitration manager publishes notifications
Figure 901857DEST_PATH_IMAGE247
Sequence of
Figure 333976DEST_PATH_IMAGE250
Finally, the process is carried out in a batch,
Figure 552467DEST_PATH_IMAGE247
the final key can be obtained
Figure 411839DEST_PATH_IMAGE251
In this way, the arbitration manager can also obtain the final key
Figure 348571DEST_PATH_IMAGE252
E3: arbitration manager and verifier share secret key
Figure 420318DEST_PATH_IMAGE253
Arbitration manager and signed participant shared secret key
Figure 758895DEST_PATH_IMAGE254
E.g. sharing a secret key with one of the signing participants Bob
Figure 930113DEST_PATH_IMAGE255
(ii) a All keys in the system
Figure 354142DEST_PATH_IMAGE254
Are distributed based on the quantum key distribution protocol. The verifier prepares the set of signing keys and a set of authentication sequences corresponding thereto, i.e.
Figure 128062DEST_PATH_IMAGE256
And
Figure 727671DEST_PATH_IMAGE257
wherein
Figure 928845DEST_PATH_IMAGE258
Figure 840169DEST_PATH_IMAGE259
In order to be a hash function of the received signal,
Figure 683361DEST_PATH_IMAGE260
it is mainly used for encrypting the signature of the message,
Figure 871896DEST_PATH_IMAGE261
the method is mainly used for identifying and authenticating the problem signer when disputes occur;
e4: signing participants Bob use a shared key
Figure 775130DEST_PATH_IMAGE262
The encryption sequence set is
Figure 908171DEST_PATH_IMAGE263
Other signature participants perform operations similar to Bob to encrypt the sequence group, and then each signature participant stores the encrypted sequence group in a database and records the sequence group in a table form
Figure 289474DEST_PATH_IMAGE264
(ii) a Final key negotiated by arbitration manager and signature participant in database
Figure 332517DEST_PATH_IMAGE265
(i.e. the final key K obtained in step D), i.e. encryption
Figure 406652DEST_PATH_IMAGE266
E5: if disputes occur, the verifier provides an authentication sequence of the problem signature
Figure 761410DEST_PATH_IMAGE267
Giving the arbitration manager; d, distributing distributed keys according to the final key K and the quantum key obtained from the step D by the arbitration manager
Figure 680824DEST_PATH_IMAGE268
And problem signature information fed back from the verifier
Figure 703007DEST_PATH_IMAGE269
Then the problem signature can be found
Figure 823410DEST_PATH_IMAGE270
The signer of (1); suppose Bob is the problem signer and its signing key is
Figure 196622DEST_PATH_IMAGE271
The authentication sequence is
Figure 60673DEST_PATH_IMAGE272
(ii) a First, the arbitration manager decrypts the key according to the final key K obtained from step D
Figure 202941DEST_PATH_IMAGE273
To obtain
Figure 618879DEST_PATH_IMAGE274
(ii) a Distributed keys are then distributed according to quantum key distribution
Figure 89175DEST_PATH_IMAGE275
Decryption
Figure 615971DEST_PATH_IMAGE276
To obtain
Figure 753691DEST_PATH_IMAGE277
And
Figure 340531DEST_PATH_IMAGE278
(ii) a Finally, the arbitration management party can sign information according to the problems fed back from the verifier
Figure 157177DEST_PATH_IMAGE279
And the corresponding problem signer Bob is found.
Table 1 signature key and authentication sequence database
Figure 628609DEST_PATH_IMAGE280
Figure 479891DEST_PATH_IMAGE281
The specific implementation of the arbitration quantum signature design method based on the flexible Grover iteration tracking is as follows.
Arbitration quantum signature design overall framework based on Grover iterative flexible tracking
The arbitration quantum signature design method based on Grover iterative flexible tracking is shown in FIG. 1.
The participants involved are as follows:
(a) the signature participant is a representative administrator in the administrator group and is responsible for managing the organization where the legal voter is located, and can perform electronic signature on the vote of the legal voter to enable the vote to be effective.
(b) The arbitration manager is also a uniquely assigned and trusted supervisor, whose primary responsibility is to supervise the group of all administrators, and not attempt to forge the signatures of any administrators in the group.
(c) The system uniquely specifies and trusted validators who do not collude with either party, the main responsibility being to verify validity based on signature information on the ballot. After the votes are validated, the voter discloses the legal votes.
When a dispute occurs, the arbitration manager cannot directly "disclose" the identity of the signer because the key and the corresponding receiver are not recorded. Moreover, the key is a false signature key and authentication sequence for the arbitration manager, and the problem signature cannot be found
Figure 237631DEST_PATH_IMAGE282
The corresponding signer. The verifier will have an authentication sequence and signature
Figure 948098DEST_PATH_IMAGE283
And sending the data to an arbitration manager. In the arbitration process, the arbitration management party negotiates with managers to obtain a final key K, and decrypts the key K in the initial stage step
Figure 82276DEST_PATH_IMAGE284
To obtain
Figure 522485DEST_PATH_IMAGE285
Then distributing the distributed keys using quantum keys
Figure 592072DEST_PATH_IMAGE286
(e.g., shared secret keys of signed participants and arbitration managers)
Figure 648890DEST_PATH_IMAGE287
) And received from the ticket checker
Figure 196546DEST_PATH_IMAGE288
Resolving the signer identity and looking up the corresponding signature key to find the problematic signature
Figure 287999DEST_PATH_IMAGE289
The signer of (1). In particular, the ticket checker and the arbitration manager verify that the respective management owns
Figure 121962DEST_PATH_IMAGE290
And
Figure 807022DEST_PATH_IMAGE291
whether or not to satisfy
Figure 17423DEST_PATH_IMAGE292
Wherein
Figure 697803DEST_PATH_IMAGE293
Is a hash function. If the equality is not satisfied, the ticket checker and the arbitration manager publish that the signature is invalid, otherwise, the signature is accepted.
Application of bait particle blinding
In order to prevent some participants (signing participants or arbitration managers) from obtaining the final key in advance, the proposed scheme provides that all participants start to execute the protocol and detect the eavesdropping process at the same time. Information exchange between participants will only take place if all transmitted quantum states are confirmed to be secure. Otherwise, the channel will close immediately, as shown in FIG. 2, where for ease of description, let
Figure 843614DEST_PATH_IMAGE294
Is composed of
Figure 875024DEST_PATH_IMAGE295
The bits sign the participants. Signing participants from four states
Figure 30061DEST_PATH_IMAGE296
In preparation of
Figure 830527DEST_PATH_IMAGE297
Bait particles (a)
Figure 147239DEST_PATH_IMAGE298
Is the error detection rate) and is randomly inserted into the sequence
Figure 665945DEST_PATH_IMAGE299
In (b) obtaining a sequence
Figure 218149DEST_PATH_IMAGE300
. Signing participant markRecording the corresponding state and state value of each bait particle
Figure 14067DEST_PATH_IMAGE301
And a location. Finally, the signature participants will sequence
Figure 626314DEST_PATH_IMAGE302
And sending the data to an arbitration manager. The arbitration management party returns the bait particles to the signing participant after receiving the bait particles, and when the signing participant receives the returned bait particles, each bait particle is measured by using the corresponding classical base to obtain a measurement result
Figure 242103DEST_PATH_IMAGE303
. Subsequently, by comparing the state values
Figure 597998DEST_PATH_IMAGE304
And measurement results
Figure 373056DEST_PATH_IMAGE303
The signature participant can calculate the value of the phase difference. If the calculated difference does not exceed the threshold, the signing participant publicly informs the arbitration manager that the quantum channel is secure.
Application of the semi-Quantum concept
Semi-quantum secret sharing is the crystallization of classical and quantum domains that can reduce the use of quantum states and the cost of purchasing quantum devices, the concept of which was proposed by Li et al on the basis of the Boyer protocol. Half-quantum secret sharing limits the quantum capability of either the sender or the receiver, so only partial quantum operations can be performed, while an unrestricted party has full quantum capability. The limited party (classical party) can only do the following four operations:
(1) in the classical group (
Figure 297150DEST_PATH_IMAGE305
) Preparing a quantum state;
(2) measuring the particles under a classical basis;
(3) returning or sending the particles without any interference;
(4) the particles are reordered by different delay cases.
In the secret sharing process, a single party cannot obtain the secret key, and the secret key can be obtained only through the cooperation of the two parties of the receiver and the sender. At present, the quantum state is difficult to prepare, and the half quantum secret sharing occupies less quantum resources, so that the quantum state can be applied in practice and the operability is enhanced. Therefore, compared to the conventional quantum secret sharing protocol, the half quantum secret sharing technology, which does not require both communication parties to have full quantum capability, is more valuable to practical research.
In the present invention, the arbitration manager can obtain the measurement result R according to the classical base measurement sequence S. The arbitration manager can also prepare a sequence of quantum bits based on the measurement results, combining the key K and the random sequence V
Figure 524869DEST_PATH_IMAGE306
. She then rearranges all the qubits of sequence B to form a new sequence of qubits C. The flexible tracking subsystem based on the arbitration quantum group signature is designed according to the semi-quantum secret sharing, so that the quantum resource consumption can be reduced, and the aim of message secret communication can be fulfilled.
Quantum search algorithm
(1) Grover search algorithm principle
And searching the target state in the unordered database, wherein the successful searching times of the classical algorithm are N. However, if the Grover search algorithm is performed, the number of search successes will be reduced to
Figure 559821DEST_PATH_IMAGE307
Second, about
Figure 658227DEST_PATH_IMAGE308
The advantage is more pronounced, especially for larger databases, i.e. the larger N. The Grover algorithm can effectively find elements meeting specific requirements from a huge unordered database. The principle of the Grover search algorithm is described as follows:
in quantum computing, a set of N disordered elements may be represented by 2N quantum ground states of a quantum register, one element for each quantum ground state, and the quantum states of the system may be viewed as a superposition of these quantum ground states. Because the elements in a set are unordered, that is, each element has equal probability, the set of unordered elements can be represented by quantum superposition states of equal probability magnitude. Assume the initial state of the system is
Figure 877855DEST_PATH_IMAGE309
Then to
Figure 468237DEST_PATH_IMAGE310
Performing H-gate operations
Figure 165934DEST_PATH_IMAGE311
The later equal probability amplitude quantum superposition state is:
Figure 915585DEST_PATH_IMAGE312
here, the first and second liquid crystal display panels are,
Figure 181481DEST_PATH_IMAGE313
is the probability magnitude corresponding to each quantum ground state,
Figure 383792DEST_PATH_IMAGE314
is the measured sub-state of the system
Figure 760547DEST_PATH_IMAGE315
The probability of (c). Unitary operations acting on the system quantum states can be simultaneously performed on each quantum ground state, which is not only the parallelism of quantum computation, but also the basis of the Grover algorithm for improving search efficiency. The basic idea of the Grover algorithm is to repeatedly execute the iteration G of the Grover operator, namely to repeatedly execute two specific unitary operations to change the original probability amplitude of each quantum basic state, finally to maximize the probability amplitude of the corresponding target quantum basic state and approach 1, and then to measure the changed quantum stateTo obtain a high probability of correct solutions.
Two unitary operations are shown below (
Figure 364703DEST_PATH_IMAGE316
And
Figure 801501DEST_PATH_IMAGE317
representing different unitary operations in the Grover algorithm, wherein
Figure 225529DEST_PATH_IMAGE318
The state of the target is marked,
Figure 405975DEST_PATH_IMAGE319
and searching for a target state. )
Figure 130217DEST_PATH_IMAGE320
Figure 737916DEST_PATH_IMAGE321
Wherein
Figure 383661DEST_PATH_IMAGE322
Which is representative of the value of the target state,
Figure 226852DEST_PATH_IMAGE323
represents a database, is unordered, and
Figure 680967DEST_PATH_IMAGE324
Figure 584201DEST_PATH_IMAGE325
grover iterations are further described below by FIG. 3 and FIG. 4
Figure 858187DEST_PATH_IMAGE326
The method comprises the following specific steps:
to pair
Figure 505069DEST_PATH_IMAGE327
Execute oracle operation (O for short), check
Figure 813691DEST_PATH_IMAGE327
Element (1) of
Figure 887826DEST_PATH_IMAGE328
Whether the search problem is met or not, the executed operation is as follows: if it is
Figure 914688DEST_PATH_IMAGE329
Then to the target state
Figure 99682DEST_PATH_IMAGE328
(black part) by
Figure 387444DEST_PATH_IMAGE330
Phase inversion
Figure 507846DEST_PATH_IMAGE331
(ii) a If it is
Figure 881059DEST_PATH_IMAGE332
Then, then
Figure 745110DEST_PATH_IMAGE333
Not flipped over. At this time, the amplitude of the target state is negative, and the amplitudes of the remaining quantum states are positive. Note:
Figure 887378DEST_PATH_IMAGE334
i.e. by
Figure 178682DEST_PATH_IMAGE335
Wherein
Figure 39191DEST_PATH_IMAGE336
And
Figure 565987DEST_PATH_IMAGE337
the same is the value of the target state,
Figure 703707DEST_PATH_IMAGE338
the operation is constant.
Performing H-door operation
Figure 24967DEST_PATH_IMAGE339
Flipping the probability magnitudes of all states around the average magnitude axis (
Figure 248138DEST_PATH_IMAGE340
) I.e. the unitary operation used is:
Figure 844205DEST_PATH_IMAGE341
as shown in FIG. 4, wherein
Figure 836431DEST_PATH_IMAGE342
The amplitude is significantly increased and the non-target state (white portion) amplitude is significantly decreased.
H-gate operation on the above results
Figure 594172DEST_PATH_IMAGE339
Finally, repeating the above steps to approximately
Figure 304639DEST_PATH_IMAGE343
And secondly, if the probability is infinitely close to 1, performing measurement operation to achieve the aim of searching a target state with the maximum probability, otherwise, executing the algorithm again.
(2) Nature and theorem of the Grover algorithm
The invention applies the Grover algorithm to the design of the arbitration quantum group blind signature, and fully utilizes the advantage of unitary operation of the Grover algorithm to complete the design of a specific scheme. The scheme assumes the existence of a disordered database of two-particle quantum states
Figure 438817DEST_PATH_IMAGE344
Is shown in which
Figure 285550DEST_PATH_IMAGE345
Is a search target and
Figure 479771DEST_PATH_IMAGE346
. Thus, can be in
Figure 411955DEST_PATH_IMAGE347
Two specific unitary operations are repeatedly executed to find out the corresponding target.
Figure 84245DEST_PATH_IMAGE347
Is defined as: if it is
Figure 910119DEST_PATH_IMAGE348
Then, then
Figure 150607DEST_PATH_IMAGE349
(ii) a If it is
Figure 429142DEST_PATH_IMAGE350
Then, then
Figure 780488DEST_PATH_IMAGE351
(ii) a If it is
Figure 749885DEST_PATH_IMAGE352
Then, then
Figure 161275DEST_PATH_IMAGE353
(ii) a If it is
Figure 192685DEST_PATH_IMAGE354
Then, then
Figure 347723DEST_PATH_IMAGE355
The Grover algorithm can play a role in secondary acceleration on searching a target key, so that quantum computing resources are saved. The main properties and theorem thereof are described below, below
Figure 882609DEST_PATH_IMAGE123
Both modulo-2 addition operations:
properties 1: is provided with
Figure 589534DEST_PATH_IMAGE356
Then there is an equation
Figure 983606DEST_PATH_IMAGE357
In that
Figure 801390DEST_PATH_IMAGE358
The case (2) is true.
Properties 2: is provided with
Figure 597307DEST_PATH_IMAGE359
Then there is an equation
Figure 209554DEST_PATH_IMAGE360
In that
Figure 90923DEST_PATH_IMAGE361
The case (2) is true.
The following theorems 1 to 3 are to be based on Property 1 and Property 2
Figure 712397DEST_PATH_IMAGE362
Is promoted to
Figure 362821DEST_PATH_IMAGE363
In the case of (c).
Theorem 1: is provided with
Figure 411548DEST_PATH_IMAGE364
Figure 249054DEST_PATH_IMAGE365
Figure 408640DEST_PATH_IMAGE366
And
Figure 179150DEST_PATH_IMAGE367
in which
Figure 398779DEST_PATH_IMAGE368
If, if
Figure 848215DEST_PATH_IMAGE369
Then, then
Figure 686858DEST_PATH_IMAGE370
Theorem 2: is provided with
Figure 436508DEST_PATH_IMAGE371
Figure 702404DEST_PATH_IMAGE372
Figure 639136DEST_PATH_IMAGE373
And
Figure 874946DEST_PATH_IMAGE374
Figure 354469DEST_PATH_IMAGE375
if, if
Figure 915900DEST_PATH_IMAGE376
Then, then
Figure 480873DEST_PATH_IMAGE377
Theorem 3: is provided with
Figure 785953DEST_PATH_IMAGE378
Figure 119982DEST_PATH_IMAGE379
Figure 852315DEST_PATH_IMAGE380
Figure 904584DEST_PATH_IMAGE381
Figure 747776DEST_PATH_IMAGE382
Figure 936311DEST_PATH_IMAGE383
Figure 839545DEST_PATH_IMAGE384
Figure 238166DEST_PATH_IMAGE385
Wherein
Figure 760414DEST_PATH_IMAGE386
. First to each other
Figure 193669DEST_PATH_IMAGE387
Performing two special unitary operations separately
Figure 143171DEST_PATH_IMAGE388
And
Figure 29087DEST_PATH_IMAGE389
and then the result is obtained
Figure 89447DEST_PATH_IMAGE390
Performing measurement based on the calculation base, and setting the measured result as
Figure 377209DEST_PATH_IMAGE391
Then, then
Figure 763191DEST_PATH_IMAGE392
Figure 136403DEST_PATH_IMAGE393
And R is satisfied
Figure 859509DEST_PATH_IMAGE394
From theorems 1 and 2, theorems 4 and 5 can be derived, as follows:
theorem 4: let n be an odd number and also a positive integer, an
Figure 142723DEST_PATH_IMAGE395
Wherein
Figure 558660DEST_PATH_IMAGE396
. If it is
Figure 28956DEST_PATH_IMAGE397
Then, then
Figure 821332DEST_PATH_IMAGE398
Theorem 5: let n be an even number, also a positive integer, an
Figure 818106DEST_PATH_IMAGE399
Wherein
Figure 280312DEST_PATH_IMAGE400
. If it is
Figure 628116DEST_PATH_IMAGE401
Then, then
Figure 833970DEST_PATH_IMAGE402
Procedure for the preparation of the
Receiving sequences from arbitration manager
Figure 685251DEST_PATH_IMAGE403
After that, the air conditioner is started to work,
Figure 583937DEST_PATH_IMAGE404
first a detection tap is performed with the arbitration manager. After the security of the communication is confirmed,
Figure 419038DEST_PATH_IMAGE404
slave sequence
Figure 22058DEST_PATH_IMAGE405
In order to remove the bait particles, and then
Figure 134370DEST_PATH_IMAGE406
Will obtain a sequence
Figure 797433DEST_PATH_IMAGE407
. In the following, the step of,
Figure 995196DEST_PATH_IMAGE406
performing a unitary operation on the sequence
Figure 667485DEST_PATH_IMAGE408
Can obtain
Figure 634304DEST_PATH_IMAGE409
. When N-1 is odd, (i.e. is
Figure 999427DEST_PATH_IMAGE410
For odd-numbered signed participants), performing a Z-basis measurement on the sequence of quantum states for each result; and when N-1 is an even number (i.e., the
Figure 418907DEST_PATH_IMAGE410
Even signed participants) X-base measurements are performed.
(1) When N-1 is an odd number, the calculation result is
Figure 894887DEST_PATH_IMAGE411
Figure 575267DEST_PATH_IMAGE412
I.e. by
Figure 986657DEST_PATH_IMAGE413
(2) When N-1 is an even number, the calculation result is
Figure 18067DEST_PATH_IMAGE414
Figure 641947DEST_PATH_IMAGE415
I.e. by
Figure 707992DEST_PATH_IMAGE416
Wherein
Figure 149337DEST_PATH_IMAGE417
Is the measurement result after performing the Z-base measurement or the X-base measurement,
Figure 543409DEST_PATH_IMAGE418
Figure 361193DEST_PATH_IMAGE419
k is the final key of the N participants.
Figure 625952DEST_PATH_IMAGE420
The sequence can be obtained by using theorem 4 or theorem 5 described above, respectively.
Figure 503778DEST_PATH_IMAGE421
To the sequence
Figure 385146DEST_PATH_IMAGE422
Performing unitary operations for each of two particle states
Figure 6621DEST_PATH_IMAGE423
After that, the final sequence can be obtained
Figure 516099DEST_PATH_IMAGE424
. Thus, the t-th group of second particles of the sequence S can be described as
Figure 174614DEST_PATH_IMAGE425
Figure 667912DEST_PATH_IMAGE426
Wherein
Figure 702864DEST_PATH_IMAGE427
(1) Assuming N-1 is an odd number, the t-th set of two-particle states can utilize the Z radical
Figure 598008DEST_PATH_IMAGE428
For explanation. According to theorem 4, the calculation result is
Figure 427424DEST_PATH_IMAGE429
Can be expressed as
Figure 142439DEST_PATH_IMAGE430
Figure 981082DEST_PATH_IMAGE431
Next, the arbitration quantum signature design method according to the present invention is referred to in step C
Figure 465153DEST_PATH_IMAGE432
And
Figure 731049DEST_PATH_IMAGE433
wherein, in the step (A),
Figure 667781DEST_PATH_IMAGE434
and
Figure 434749DEST_PATH_IMAGE435
can be changed in another way to be expressed as
Figure 914272DEST_PATH_IMAGE436
And
Figure 210124DEST_PATH_IMAGE437
the above formula can be replaced by
Figure 775097DEST_PATH_IMAGE438
Figure 80177DEST_PATH_IMAGE439
Further simplified into
Figure 414206DEST_PATH_IMAGE440
The result is that
Figure 880959DEST_PATH_IMAGE441
However, because
Figure 57863DEST_PATH_IMAGE442
In the presence of a gas, or a liquid,
Figure 776420DEST_PATH_IMAGE443
and not the final key. The signing participant needs to negotiate further with the arbitration manager.
(2) Assuming N-1 is an even number, the t-th group of two-particle states can be represented by X
Figure 355169DEST_PATH_IMAGE444
For explanation. According to theorem 5, the calculation result is
Figure 133769DEST_PATH_IMAGE445
Can be expressed as
Figure 797969DEST_PATH_IMAGE446
Figure 54638DEST_PATH_IMAGE447
Then the arbitration quantum signature design method according to the invention is as mentioned in step C
Figure 222314DEST_PATH_IMAGE448
And
Figure 296449DEST_PATH_IMAGE449
wherein the content of the first and second substances,
Figure 57732DEST_PATH_IMAGE450
and
Figure 508305DEST_PATH_IMAGE451
can be changed in another way to be expressed as
Figure 671433DEST_PATH_IMAGE452
And
Figure 650890DEST_PATH_IMAGE453
the above formula can be replaced by
Figure 165048DEST_PATH_IMAGE454
Figure 153733DEST_PATH_IMAGE455
Further simplified into
Figure 171367DEST_PATH_IMAGE456
The result is that
Figure 587305DEST_PATH_IMAGE457
However, because
Figure 447814DEST_PATH_IMAGE458
Presence of (2)
Figure 115555DEST_PATH_IMAGE459
Not the final key K, signing the participant
Figure 112330DEST_PATH_IMAGE460
Have to negotiate with the arbitration manager. Due to the fact that
Figure 840115DEST_PATH_IMAGE460
Has obtained the secret key
Figure 945778DEST_PATH_IMAGE461
Figure 151631DEST_PATH_IMAGE123
Representing modulo-2 addition. However, because
Figure 268492DEST_PATH_IMAGE462
In the presence of a gas, or a liquid,
Figure 26232DEST_PATH_IMAGE463
the final key is not known, so this protocol flow is not over. Subsequently, the process of the present invention,
Figure 471120DEST_PATH_IMAGE463
announcing his (her) key currently available, i.e.
Figure 605298DEST_PATH_IMAGE464
. At the same time, arbitration manager publishes
Figure 452031DEST_PATH_IMAGE465
Sequence of
Figure 380673DEST_PATH_IMAGE466
Finally, the process is carried out in a batch,
Figure 578436DEST_PATH_IMAGE467
the final key can be obtained
Figure 250726DEST_PATH_IMAGE468
In this way, the arbitration manager can also obtain the maximumTerminal key
Figure 217545DEST_PATH_IMAGE469
. In this way, the arbitration manager and the signature participant successfully complete flexible negotiations and also embody the fairness of the protocol. The negotiation between the other quantum administrators and the arbitration manager is the same as the process performed between the signing participants and the arbitration manager. At this time, if the sequence S can be decoded into a sequence
Figure 317088DEST_PATH_IMAGE470
And the signing participant wants to know the key of the arbitration manager, i.e.
Figure 861202DEST_PATH_IMAGE471
. Signing participants will measure the sequence
Figure 212549DEST_PATH_IMAGE472
And can obtain the results
Figure 158508DEST_PATH_IMAGE473
. In addition, the signature participant can also be based on
Figure 569898DEST_PATH_IMAGE474
And
Figure 601308DEST_PATH_IMAGE475
the result of (2) obtaining a key, i.e.
Figure 490766DEST_PATH_IMAGE476
. Finally, the signed participant can get the key of the arbitration manager
Figure 556811DEST_PATH_IMAGE477
Here, the
Figure 873523DEST_PATH_IMAGE478

Claims (6)

1. A method for designing an arbitration quantum signature based on Grover iterative flexible tracking comprises the following steps:
s1: in the proposed semi-quantum-arbitrated signature system, each signature participant P1,P2,P3,...,PN-1And the arbitration manager generates a random sequence with the length of 2n as a secret key of the arbitration manager
Figure 903673DEST_PATH_IMAGE001
Figure 787315DEST_PATH_IMAGE002
Is a secret key of the arbitration manager;
s2: each signature participant newly generates two different 2 n-length random sequences
Figure 621541DEST_PATH_IMAGE003
And sequence
Figure 590634DEST_PATH_IMAGE004
Wherein the participants are signed
Figure 214514DEST_PATH_IMAGE005
According to a sequence
Figure 874034DEST_PATH_IMAGE003
Value pair sequence of middle element
Figure 394008DEST_PATH_IMAGE004
Carrying out Grover algorithm encryption; signing participants
Figure 584818DEST_PATH_IMAGE005
Inserting the encrypted sequences into bait particles to obtain sequences
Figure 963453DEST_PATH_IMAGE006
Sending the information to an arbitration manager;
s3: arbitration manager receive sequence
Figure 493792DEST_PATH_IMAGE007
Then returning the bait particles to the signature participant
Figure 778143DEST_PATH_IMAGE005
(ii) a The arbitration manager measures the sequence using the classical basis
Figure 846462DEST_PATH_IMAGE008
And the measurement result and the secret key of the measurement result are used
Figure 405619DEST_PATH_IMAGE009
And generating a random sequence of 2n length
Figure 790464DEST_PATH_IMAGE010
Mixing to form a new qubit sequence
Figure 402973DEST_PATH_IMAGE011
(ii) a The arbitration manager then inserts the new qubit sequence into the bait particle to obtain
Figure 568375DEST_PATH_IMAGE012
To the next signed participant
Figure 275431DEST_PATH_IMAGE013
S4: signing participants
Figure 29629DEST_PATH_IMAGE014
Receiving the bait particles returned by the arbitration management party, measuring the difference value between the inserted bait particles and the bait particles returned by the arbitration management party, if the difference value does not exceed the threshold value, declaring that the communication is safe, otherwise, declaring that the communication is invalid; the latter signature participant
Figure 186941DEST_PATH_IMAGE015
Executing and signing participants
Figure 715006DEST_PATH_IMAGE014
The same detection operation removes the bait particles to obtain
Figure 615966DEST_PATH_IMAGE016
Then, then
Figure 660889DEST_PATH_IMAGE017
And in S2
Figure 989102DEST_PATH_IMAGE018
The same operation pair
Figure 4462DEST_PATH_IMAGE019
Encrypted inserted bait particles are sent to the arbitration manager, and then the arbitration manager performs the same operation as S3, and all the rest signed participants repeat the steps to obtain the sequence
Figure 364905DEST_PATH_IMAGE016
Insertion of bait particles to obtain sequences
Figure 906745DEST_PATH_IMAGE020
Sending to signed participants
Figure 15647DEST_PATH_IMAGE018
S5: signing participants
Figure 642937DEST_PATH_IMAGE018
And Trent executes detection interception, removes bait particles to obtain a sequence
Figure 511798DEST_PATH_IMAGE021
Figure 580248DEST_PATH_IMAGE018
Performing Grove on the sequencer unitary operation to obtain quantum state sequence
Figure 906056DEST_PATH_IMAGE022
When N-1 is an odd number, for the sequence of quantum states
Figure 755064DEST_PATH_IMAGE022
Performing a Z-basis measurement; when N-1 is an even number, for the sequence of quantum states
Figure 208042DEST_PATH_IMAGE022
Performing X-based measurements to obtain
Figure 878801DEST_PATH_IMAGE023
Wherein
Figure 329505DEST_PATH_IMAGE024
Generating a random sequence in S3 for the arbitration manager
Figure 852759DEST_PATH_IMAGE025
When the signature is disputed, the arbitration manager will open the sequence
Figure 437324DEST_PATH_IMAGE025
At this time
Figure 418050DEST_PATH_IMAGE018
According to
Figure 852704DEST_PATH_IMAGE025
And
Figure 348408DEST_PATH_IMAGE026
get the final key
Figure 205505DEST_PATH_IMAGE027
The arbitration manager obtains the final key in the same way
Figure 555584DEST_PATH_IMAGE028
The arbitration manager can base on the final key
Figure 675987DEST_PATH_IMAGE028
And the dispute existence signature information fed back by the verification party is used for finding out the signature participants signing the dispute existence signature.
2. The method for designing an arbitrated quantum signature based on Grover iterative flexible tracking according to claim 1, wherein step S1 specifically includes: each signature participant prepared a random sequence
Figure 721303DEST_PATH_IMAGE029
And a secret key
Figure 270840DEST_PATH_IMAGE030
The lengths are all 2 n; then, at
Figure 22895DEST_PATH_IMAGE031
Further prepares a double-particle quantum sequence in a quantum state
Figure 297888DEST_PATH_IMAGE032
Wherein
Figure 96079DEST_PATH_IMAGE033
Figure 435925DEST_PATH_IMAGE034
3. The method for designing an arbitrated quantum signature based on Grover iterative flexible tracking as claimed in claim 1, wherein step S2 specifically includes: according to random sequences
Figure 58798DEST_PATH_IMAGE035
Value of, signing the participant
Figure 317742DEST_PATH_IMAGE036
To the sequence
Figure 275333DEST_PATH_IMAGE037
Performing Grover unitary operation
Figure 668137DEST_PATH_IMAGE038
To obtain a blinded sequence
Figure 129206DEST_PATH_IMAGE039
(ii) a At the same time
Figure 824629DEST_PATH_IMAGE040
From four states
Figure 40757DEST_PATH_IMAGE041
In preparation of
Figure 722405DEST_PATH_IMAGE042
Bait particles (a)
Figure 631456DEST_PATH_IMAGE043
Is error detection rate) is inserted into the blinded sequence
Figure 419152DEST_PATH_IMAGE044
To obtain a new sequence
Figure 289019DEST_PATH_IMAGE045
And sending the data to an arbitration manager.
4. The method of claim 3, wherein the new sequence is a new sequence in the design of arbitration quantum signatures based on Grover iterative flexible pursuit
Figure 898992DEST_PATH_IMAGE046
Must be signed by the signing participant
Figure 350964DEST_PATH_IMAGE047
Marking the respective status value of each bait particle
Figure 263556DEST_PATH_IMAGE048
And a location.
5. The method for designing an arbitrated quantum signature based on Grover iterative flexible tracking as claimed in claim 1, wherein step S3 specifically includes: arbitration manager receive sequence
Figure 666725DEST_PATH_IMAGE049
Thereafter, the bait particles are returned directly to the signing participant, thus arbitrating the manager from the sequence
Figure 80389DEST_PATH_IMAGE049
To obtain
Figure 839397DEST_PATH_IMAGE050
(ii) a The arbitration manager then measures the sequence based on the classical basis to obtain a measurement result
Figure 47525DEST_PATH_IMAGE051
(ii) a Then the arbitrator prepares random sequence with length of 2n
Figure 436524DEST_PATH_IMAGE052
And secret key of itself
Figure 998087DEST_PATH_IMAGE053
And measurement results
Figure 1815DEST_PATH_IMAGE051
Mixing to make a sequence
Figure 567794DEST_PATH_IMAGE054
Rearranging all the qubits to finally form a new sequence of qubits
Figure 633970DEST_PATH_IMAGE055
(ii) a The arbitration manager also prepares
Figure 812273DEST_PATH_IMAGE056
Bait particles and inserting the bait particles randomly into the sequence
Figure 139349DEST_PATH_IMAGE057
To obtain new sequences
Figure 626962DEST_PATH_IMAGE058
To the next signed participant
Figure 695281DEST_PATH_IMAGE059
6. The method for designing an arbitrated quantum signature based on Grover iterative flexible tracking according to claim 1, wherein step S4 specifically includes: signing participants
Figure 254439DEST_PATH_IMAGE060
Receiving the bait particles returned by the arbitration manager,
Figure 576967DEST_PATH_IMAGE060
measuring each bait particle with a corresponding classical basis to obtain a measurement
Figure 297798DEST_PATH_IMAGE061
(ii) a Subsequently, by comparing the state values
Figure 883107DEST_PATH_IMAGE062
And measurement results
Figure 855742DEST_PATH_IMAGE063
Figure 609940DEST_PATH_IMAGE064
Calculate out
Figure 236094DEST_PATH_IMAGE062
And with
Figure 826475DEST_PATH_IMAGE061
The difference between them; if the difference value does not exceed the threshold value, declaring that the communication is safe, otherwise declaring that the communication is invalid; the latter signature participant
Figure 87954DEST_PATH_IMAGE065
Executing and signing participants
Figure 181812DEST_PATH_IMAGE060
The same detection operation removes the bait particles to obtain
Figure 244446DEST_PATH_IMAGE066
Then, then
Figure 305812DEST_PATH_IMAGE067
According to its own private key
Figure 620250DEST_PATH_IMAGE068
To the sequence
Figure 581996DEST_PATH_IMAGE069
Performing unitary operations
Figure 81111DEST_PATH_IMAGE070
To obtain
Figure 318188DEST_PATH_IMAGE071
And by random preparation of
Figure 482322DEST_PATH_IMAGE072
Reinsertion of individual bait particles
Figure 878668DEST_PATH_IMAGE073
To obtain
Figure 158471DEST_PATH_IMAGE074
Sending to the arbitration manager, then the arbitration manager performs the same operation as S3, and all the remaining signed participants repeat the steps to obtain the sequence
Figure 695894DEST_PATH_IMAGE075
Insertion of bait particles to obtain sequences
Figure 476768DEST_PATH_IMAGE076
To signed participants
Figure 602987DEST_PATH_IMAGE077
CN202110517913.0A 2021-05-12 2021-05-12 Arbitration quantum signature design method based on Grover iterative flexible tracking Active CN113242135B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110517913.0A CN113242135B (en) 2021-05-12 2021-05-12 Arbitration quantum signature design method based on Grover iterative flexible tracking

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110517913.0A CN113242135B (en) 2021-05-12 2021-05-12 Arbitration quantum signature design method based on Grover iterative flexible tracking

Publications (2)

Publication Number Publication Date
CN113242135A CN113242135A (en) 2021-08-10
CN113242135B true CN113242135B (en) 2022-05-31

Family

ID=77133949

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110517913.0A Active CN113242135B (en) 2021-05-12 2021-05-12 Arbitration quantum signature design method based on Grover iterative flexible tracking

Country Status (1)

Country Link
CN (1) CN113242135B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113691374B (en) * 2021-09-02 2022-08-02 中国电信股份有限公司 Data encryption method and device, storage medium and electronic equipment
CN114938282B (en) * 2022-07-22 2022-12-30 中国科学技术大学 Threshold group signature method and device based on multidimensional quantum system and electronic equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111224780B (en) * 2020-03-19 2023-06-23 广东水利电力职业技术学院(广东省水利电力技工学校) Arbitration quantum signature method based on XOR encryption

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
《Quantum signature scheme based on a quantum search algorithm》;Chun Seok Yoon等;《Physica Scripta》;20141230;全文 *
《Quantum-assisted QD-CFS signatures》;RafaelTrapaniPossignolo等;《Journal of Computer and System Sciences》;20141016;全文 *
《多相位Grover量子搜索算法研究》;马博文;《中国优秀硕士学位论文全文数据库信息科技辑》;20190115;全文 *

Also Published As

Publication number Publication date
CN113242135A (en) 2021-08-10

Similar Documents

Publication Publication Date Title
RU2376651C2 (en) Using isogenies to design cryptosystems
CN111162913B (en) Arbitration quantum signature method based on glass color sampling random unitary operation
CN113242135B (en) Arbitration quantum signature design method based on Grover iterative flexible tracking
CN110574058A (en) Computer-implemented system and method for performing transaction blending on blockchains
CN107615285A (en) The Verification System and device encrypted including the unclonable function of physics and threshold value
CN108737116B (en) Voting protocol method based on d-dimensional three-quantum entangled state
CN112511307A (en) Quantum secret voting method based on single particle
Lai et al. An efficient quantum blind digital signature scheme
Fehr Quantum cryptography
Xia et al. A secure and efficient authenticated key exchange scheme for smart grid
Lai et al. Efficient k-out-of-n oblivious transfer scheme with the ideal communication cost
CN116743395A (en) Grid password-based threshold ring signature method
CN110912695B (en) Quantum arbitration signature method and system based on six-particle invisible transmission state
Lou et al. Sequential quantum multiparty signature based on quantum fourier transform and chaotic system
Jiang Timed encryption with application to deniable key exchange
Wei et al. A general compiler for password-authenticated group key exchange protocol in the standard model
Xin et al. Identity-based quantum signature based on Bell states
CN112019335A (en) Multi-party cooperative encryption and decryption method, device, system and medium based on SM2 algorithm
Liu et al. An improved protocol for optimistic multi-party fair exchange
Wang et al. A Quantum Concurrent Signature Scheme Based on the Quantum Finite Automata Signature Scheme
Debnath et al. Efficient post-quantum private set-intersection protocol
Atashpendar From information theory puzzles in deletion channels to deniability in quantum cryptography
Grigoriev et al. Secrecy without one-way functions
Li et al. An efficient quantum-resistant undeniable signature protocol for the E-voting system
Yang et al. Strongly authenticated key exchange protocol from bilinear groups without random oracles

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant