CN114745129A - Reference system independent quantum digital signature method - Google Patents
Reference system independent quantum digital signature method Download PDFInfo
- Publication number
- CN114745129A CN114745129A CN202210344383.9A CN202210344383A CN114745129A CN 114745129 A CN114745129 A CN 114745129A CN 202210344383 A CN202210344383 A CN 202210344383A CN 114745129 A CN114745129 A CN 114745129A
- Authority
- CN
- China
- Prior art keywords
- bob
- charlie
- alice
- probability
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Optical Communication System (AREA)
Abstract
The invention provides a reference system independent quantum digital signature method, which is applied to a quantum signature system. The quantum digital signature system comprises three participants of Alice, Bob and Charlie at a user end, wherein Alice belongs to a signer, and Bob and Charlie belong to a signee. The method comprises a key distribution stage and a message stage, wherein a key is generated by using a reference frame independent quantum key distribution protocol in the key distribution stage, and then quantum digital signature is completed by using the key generated by the above process in the message stage. The protocol can still keep a higher signature rate under the condition of a larger deflection angle between user reference frames, and the performance of the protocol is superior to that of the existing BB84 quantum digital signature protocol.
Description
Technical Field
The invention belongs to the field of quantum digital signature in quantum communication, and particularly relates to a reference system independent quantum digital signature method.
Background
Digital signatures are an important cryptographic protocol and are widely used in modern telecommunications, such as in the context of distributing mail and electronic finance. Most classical Digital signatures, such as RSA, DSA (Digital Signature Algorithm) and ecdsa (explicit customer Digital Signature Algorithm), rely on computational complexity for security. Unfortunately, with the advent of quantum computing, classical digital signatures have been compromised. In the quantum computing era, secure digital signatures are urgently needed. Compared with the classical Digital Signature, the Quantum Digital Signature (QDS) is based on the Quantum mechanics theory, and can ensure the security of communication in the aspect of information theory. The first quantum protocol was proposed by both d.gottesman and i.chuang. In this protocol, quantum storage and non-destructive behavior alignment techniques for long periods of time and quantum channels without eavesdropping are required to be satisfied. These requirements are difficult to achieve experimentally. Following this protocol, a number of quantum digital signature protocols have been proposed and implemented experimentally. Amiri et al, among others, proposes a quantum digital signature protocol that does not require a secure quantum channel, allowing the quantum channel to be eavesdropped by a third party. In this protocol, the sender and receiver prepare the key during KGP. However, in the quantum key distribution process, the reference systems of the two communicating parties need to be aligned to be consistent. They need to be polarization-consistent or interference-stable, which requires a large amount of resources, for example, it is impractical to implement a common polarization reference frame in terrestrial and satellite quantum communications.
Disclosure of Invention
The invention aims to provide a reference system independent quantum digital signature method aiming at the defects of the prior art, which is applied to a quantum digital signature system, adopts a reference system independent quantum key distribution method in a key generation stage, does not need to calibrate the reference systems of both communication sides, reduces unnecessary communication cost loss and reduces technical difficulty.
The technical scheme adopted by the invention for solving the technical problem is to adopt a Reference-Frame-Independent Quantum Digital Signature method (Reference-Frame-Independent Quantum Digital Signature), and in the Quantum key distribution process, two communication parties are respectively a sender and a receiver. And the sender and the receiver randomly select from the Z base, the X base and the Y base to perform projection measurement, and publish measurement results. Assuming that the total number of pulses sent by the sender is N, the gain obtained according to the reference system independent protocolAnd bit error rateThe number of pulses and the number of bit errors under different bases can be obtained. And then, by parameter estimation, vacuum state and single photon response counts under different bases can be obtained, and single photon error rates under different bases can be calculated. The information amount intercepted by Eve uses I under a reference system independent protocolEMeasurement, so minimum entropy of Quantum digital signature protocol independent of reference frameComprises the following steps:
the method comprises a sending phase and a message phase. Wherein Alice is the sender and Bob/Charlie is the receiver. In the key distribution stage, Alice and Bob, Alice and Charlie generate bit strings according to a key generation protocol. Wherein Alice sends the quantum state to Bob and Charlie respectively, and Bob (Charlie) quantum state carries out projection measurement. In the message phase, the sender Alice sends Bob and Charlie the message to be signed and the signature. Bob and Charlie match the signature with their own secret key, and determine whether to receive the signature and message according to whether they meet the corresponding threshold conditions.
The method is applied to a Quantum Digital Signature (QDS) transmission system, wherein the QDS transmission system comprises a user side Alice, Bob and Charlie; the method comprises a key distribution stage and a message stage;
in the key distribution stage, Alice serves as a sender and sends N pulses, and Bob and Charlie serve as receivers, and the specific steps are as follows:
(1) in the key generation process, for a quantum key distribution protocol independent of a reference frame, a sender Alice random selection base Z is definedARadical XARadical YATo prepare a send state; receiver random selection base ZB(C)Radical XB(C)Radical YB(C)To measure the received state, where β represents the deflection angle and varies with time。
ZB(C)=ZA
XB(C)=cosβXA+sinβYA
YB(C)=cosβYA-sinβXA
Wherein each of the Z, X and Y groups has two states, one being a positive state, using Z0,X0,Y0One is negative, expressed by Z1,X1,Y1To indicate. In the case of Alice, the code may,
(2) the sender Alice randomly prepares BB84 state and decoy state sequences for signing a single-bit message m to be sent, and sends the single-bit message m to Bob or Charlie. Because two single photon detectors exist at the receiving end, the probability of effective response event under the condition of j-photon transmission isWhere d represents the dark count rate.
(3) Bob and Charlie then randomly select X or Z or Y basis for projection measurements and publish the measurement results. For weak coherent state, when the signal state intensity u or decoy state intensity v is lambda, the sending base is xiAThe measuring base is xiB(C)Gain of time isQBER isThe following equation is given:
wherein lambda belongs to (u, v) and xiAξB(C)∈{ZAZB(C),XAXB(C),XAYB(C),YAXB(C),YAYB(C)};Means that the transmitting side transmits under the condition of the strength of lambdaFor the receiving partyProbability of measurement (others) The same thing);representing the Poisson distribution, eta represents the total transmittance of a single photon signal, etadFor detection efficiency, α represents loss rate, S represents transmission distance, edIs the background error code.
(4) Alice and Bob or Charlie carry out base pairing through a public channel, and the result of Z base matching is reserved as an original key, and the X base and the Y base are used for estimating the information content of the eavesdropper.
Definition IEAmount of information obtained by eavesdropping for an eavesdropper:
whereinIs xiAξB(C)The maximum upper bound of the fundamental single-photon error rate,andas an intermediate parameter, CEThe eavesdropper acquires the relevant information statistics. H is a binary Shannon entropy function and satisfies H (x) -xlog2(x)-(1-x)log2(1-x)。
(5) And Alice and Bob or Charlie randomly select a part of bits k from the original pulse number N for estimating the error code during channel transmission, and if the error code is too large, the protocol is terminated. Defining the space between Alice and Bob, and the rest n bits after Bob selects part of bits areAlice selects a part of bits and then the remaining n bits areDefining the bit length between Alice and Charlie, and the remaining n bits after Alice selects part of bits areCharlie selects a part of bits and then the remaining n bits are
(6) Bob divides the rest n bits of the key into two parts with equal length as the key, and the two parts are respectively recorded asAndand will beSending the information to Charlie through a safe classical channel; in the same way, Charlie divides the rest n bits as keys into two parts with equal length, and respectively records the two parts as the keysAndand will beSending the information to Bob through a secure channel; after the exchange, Bob holds a symmetric key ofCharlie holds a symmetric key of
In the message phase, the sender Alice signs and the message m to be signedSent to Bob and Charlie. The message phase includes the steps of:
(7) alice signs and messages (m, Sig)m) Sent to the receiver Bob, SigmRepresents a signature on a message m, wherein
(8) Signature sent by Bob through AliceSymmetric key held with itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sa(n/2), Bob receives the signed message and proceeds to step (9), otherwise rejects the signed message and terminates the signature. saIs a set safety threshold which causes the maximum bit error rate under the condition that the deflection angle is 45 DEGAnd minimum bit error rate p introduced by eavesdroppereIn connection with this, the present invention is,whereinIs the upper bound of the bit error rate estimated using the Serfling inequality.
(9) Bob will receive the signed message (m, Sig) from Alicem) And sending the information to Charlie.
(10) Charlie will receiveSymmetric key held with itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sv(n/2), Charlie receives the signature message, otherwise rejects the signature message and terminates the signature. Wherein s isvIs a set safety threshold which is set by the user,
(11) the security parameters of the given protocol are respectively:
P(robust)≤2∈PE
P(forge)≤a+∈F+8∈PE
where P (robust) is the robustness probability, ∈PEIs the failure probability of the error rate between Alice-Bob and Alice-Charlie estimated by the Serfling inequality; p (forge) represents the probability of forgery, i.e., the probability of forged Alice signature being received by Bob and Charlie at the same time, a is a preset constant probability, and belongs toFThat Bob found an error rate less than svA parameter related to the probability of (d); p(repudiation) denotes the probability of repudiation, i.e. the probability that Alice's signature is received by Bob but rejected by Charlie.
Further, in the presence of an eavesdropper Eve, the minimum entropy in the quantum Key Generation Process (KGP)Comprises the following steps:
whereinIs a binary shannon function and satisfies H (x) -xlog2(x)-(1-x)log2(1-x), ε is the probability of failure for parameter estimation, Z denotes the Z-base, E denotes the eavesdropper Eve,lower bound of the single photon response count representing the Z radical, IERepresenting the amount of information that Eve steals.
Further, in the case of an eavesdropper Eve, the minimum bit error rate p caused by Eve stealing informationeSatisfies the following conditions:H(x)=-xlog2(x)-(1-x)log2(1-x)。
the invention has the beneficial effects that: compared with a general quantum number signature scheme, the quantum key distribution method which is irrelevant to the reference system is adopted in the key generation stage, the reference systems of both communication parties do not need to be calibrated, unnecessary communication cost loss is reduced, and the technical difficulty is reduced. For worst case deflection angleThen, the signature performance is studied using the optimized parameters. Simulation results prove that the reference frame independent quantum digital signature can deal with the worst reference frame deflection angle situationWhile obtaining reasonably good performance, this clearly demonstrates the possibility that a reference deflection with free drift can be used in a quantum digital signature.
Description of the drawings:
FIG. 1 is a schematic diagram of a reference frame independent quantum digital signature of the method of the present invention.
FIG. 2 is a comparison graph of the simulation of the signature rate of BB84 quantum digital signatures at no deflection angle (0) and at worst deflection angle (45) for the method of the present invention at no deflection angle (0) and at worst deflection angle (45).
Detailed Description
The technical solution of the present invention is further described in detail below with reference to the accompanying drawings.
The invention relates to a reference system independent quantum digital signature method, which specifically comprises a key distribution stage and a message stage.
And a key distribution stage: the sender is Alice, and the receivers are Bob and Charlie.
(1) The sender randomly selects the base Z by a reference frame independent quantum key distribution protocolAGroup XARadical YAPreparing a sending state, the receiver randomly selecting a base ZB(C)Group XB(C)Radical YB(C)And measuring the received state projection.
(2) Alice sends N pulses and randomly selects BB84 state and decoy state preparation, and sends to Bob or Charlie.
(3) Receiver Bob and Charlie randomly select X, Y, Z-based projection measurements and publish the measurement results.
(4) Alice and Bob or Charlie perform base pairing through a public channel, and retain the result of Z base matching as the original key.
(5) And Alice and Bob or Charlie randomly select a part of bits k from the original pulse number N for estimating the error code during channel transmission, and if the error code is too large, the protocol is terminated. Defining the space between Alice and Bob, and the rest n bits after Bob selects part of bits areAlice selects part of the bits and then the remaining n bits areDefining the space between Alice and Charlie, wherein the rest n bits after Alice selects partial bits areCharlie selects partial bits and then the remaining n bits are
(6) Bob divides the rest n bits of the key into two parts with equal length as the key, and the two parts are respectively recorded asAndand will beSending the information to Charlie through a safe classical channel; in the same way, Charlie divides the rest n bits as keys into two parts with equal length, and respectively records the two parts as the keysAndand will beSent to Bob over a secure classical channel; after exchange Bob holds a key ofCharlie holds a key of
(7) Alice signs and messages (m, Sig)m) Sent to the receiver Bob, SigmRepresents a signature on a message m, wherein
(8) Bob willAnd itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sa(n/2), Bob receives the signed message and proceeds to step (9), otherwise rejects the signed message and terminates the signature. s isaIs a set safety threshold which, together with the worst case, results in a maximum bit error rateAnd minimum bit error rate p introduced by eavesdroppereIt is relevant.
(9) Bob will receive the signed message (m, Sig) from Alicem) And sending the information to Charlie.
(10) Charlie will receiveAnd itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sv(n/2), Charlie receives the signature message, otherwise rejects the signature message and terminates the signature.
In the key generation phase, assuming that the number of transmission pulses of a sender is N, a receiver uses two single photon detectors, and the probability of an effective response event under the condition of j-photons is as follows:
where d is the dark count rate.
note the bookIn the signal state or the decoy state, the transmission base isThe measurement base isProbability of time (others)As such),can be described as:
definition ofIn the signal state (decoy state), the transmission basis is xiAThe measurement base is xiB(C)The gain of (a) is obtained,for the qubit error rate, there are:
wherein lambda belongs to (u, v) and xiAξB(C)∈{ZAZB(C),XAXB(C),XAYB(C),YAXB(C),YAYB(C)}; total transmission of single photon signal ofηdFor detection efficiency, α represents loss rate, S represents transmission distance, edIs the background error code.
Using gainAnd a quantum bit error rateThe number of pulses and the number of bit errors under the corresponding basis can be calculated.
The number of pulses when the transmission base is Z base and the measurement base is also Z base is as follows:
whereinPu,Pv,PwRespectively representing the probability of selecting the Z base by the sender Alice, the probability of selecting the Z base by the receiver Bob (Charlie), the probability of selecting a signal state, the probability of selecting a decoy state and the probability of selecting a vacuum state by optimizing parameters, wherein Pw=1-Pu-Pv。Respectively representing the gains of signal state, decoy state and vacuum state under the corresponding Z base,indicates the total number of pulses corresponding to the Z base, andthe pulse numbers of the signal state, the decoy state and the vacuum state under the corresponding Z base are shown. In the same way, X can also be obtainedAXB(C),XAYB(C),YAXB(C),YAYB(C)The number of pulses below.
Correspondingly, the number of bit errors when the transmission base is the Z base and the measurement base is also the Z base is
WhereinPu,Pv,PwRespectively representing the probability of selecting the Z base by the sender Alice, the probability of selecting the Z base by the receiver Bob (Charlie), the probability of selecting a signal state, the probability of selecting a decoy state and the probability of selecting a vacuum state for optimizing parameters, whereinPw=1-Pu-Pv。Respectively representing the gains of signal state, decoy state and vacuum state under the corresponding Z base,respectively representing the quantum bit error rate under the corresponding Z-base signal state, the decoy state and the vacuum state.Represents the total error number under the corresponding Z base,respectively representing the number of error codes in a signal state, a decoy state and a vacuum state under the Z base. In the same way, X can also be obtainedAXB(C),XAYB(C),YAXB(C),YAYB(C)The number of error codes.
By using the Hough inequality, the upper and lower bounds of the pulse number and the error code number under the corresponding basis can be obtained, and for ZAZBBase:
where k is within the range of (u, v, w) and is within the range ofPEIs a security parameter of the system.
The vacuum state count and single photon state count at the corresponding basis can then be calculated. For ZAZBFor the basis, the vacuum state count is:
the single photon state counts were:
whereinτnRepresenting the probability of preparing an n-photon state; by the same token, X can be calculatedAXB(C),XAYB(C),YAXB(C),YAYB(C)Vacuum state counting and single photon state counting.
And then calculating the single photon error rate under the corresponding basis. For ZAZBBasically, the single photon phase error rate is:
by the same token, X can be calculatedAXB(C),XAYB(C),YAXB(C),YAYB(C)The maximum upper bound of the lower single photon error rate.
Definition IEAmount of information obtained by eavesdropping for an eavesdropper:
whereinIs xiAξB(C)The maximum upper bound of the fundamental single-photon error rate,andis a parameter, CEStatistics on the information are obtained for the eavesdropper. H is a binary Shannon entropy function and satisfies H (x) -xlog2(x)-(1-x)log2(1-x)。
For a reference system independent quantum digital signature, the minimum entropy in the KGP process exists when an eavesdropper Eve existsAnd can determine the minimum rate P at which errors are introduced in the KGP process in the presence of an eavesdropper EveeThe value of (c):
where n is the length to be signed.
In the send phase, Alice signs the message and the signature (m, Sig)m) Sent to receivers Bob and Charlie, SigmRepresents a signature on a message m, whereinTransmitted by Bob from AliceAnd itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sa(n/2) Then Bob receives the signed message and will receive the signed message (m, Sig) from Alicem) Sending to Charlie, otherwise rejecting signature message and terminating signature. Charlie will receiveAnd itselfComparing the corresponding positions respectively, and recording the number of mismatches; if the number of mismatches of both parts is less than sv(n/2), Bob receives the signed message, otherwise rejects the signed message and terminates the signature. s isa、svIs a set safety threshold which causes the maximum bit error rate with the worst case (deflection angle of 45 DEG)And minimum bit error rate p introduced by eavesdroppereIt is related.WhereinThe upper bound of the bit error rate is estimated by using a Serfling inequality (n is the length to be signed, and k is the bit error rate part bit used for estimating channel transmission):
aiming at the security analysis of a reference system independent quantum digital signature, the scheme of the invention comprehensively considers the robustness probability, the forgery probability and the repudiation probability. The robustness probability is the failure probability of the protocol when the system normally operates, and meets the following conditions:
P(robust)≤2∈PE, (22)
wherein ePEIs to estimate the failure probability of the error rate between Alice-Bob and Alice-Charlie using the Serfling inequality. The denial probability is a measure of the probability that Alice's signature is accepted by Bob but rejected by Charlie, which satisfies:
the forgery probability is a measure of the probability that the signature of forged Alice can be accepted by Bob and Charlie at the same time, and satisfies the following conditions:
P(forge)≤a+∈F+8∈PE, (24)
a is a preset constant probability and belongs toFThat Bob found an error rate less than svThe relevant parameter of the probability of (a) is,
In summary, the security of the protocol needs to satisfy:
ε≥P(robust)=P(repudiation)=P(forge)。 (26)
in order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings in combination with the specific simulation results.
The system parameters used in the simulation of the scheme of the invention are shown in table 1: alpha is the loss coefficient of the quantum channel; e.g. of the typedThe background bit error rate of the optical system; pdcIs the dark count rate; etadIs the detection effect of the detectorRate; e is aPEIs the probability of failure of the error rate estimation. In addition, under the given security level, the signature rate is optimized in full parameters, the optimized parameters comprise signal state and deceptive state strength { u, v }, and the probability { P) of selecting the signal state and the deceptive stateu,Pv}, probability of Alice selecting the Z basisProbability of Bob (Charlie) selecting Z base
Fig. 1 shows the principle architecture of the present solution, which applies reference frame independent key distribution to quantum digital signatures.
FIG. 2 shows that the initial pulse number is N-106Safety is 10-5The signature rate of the reference-system-independent quantum digital signature (RFI-QDS) and BB84 quantum digital signature (BB84-QDS) at deflection angles of 0 DEG and 45 DEG, respectively, are plotted in comparison. For fair comparison, the parameters in table 1 are also used for the signature rate of BB84 quantum digital signature in simulation. It can be seen from the figures that for both protocols, the signature rate is higher for a 0 ° yaw angle than for a worst 45 ° yaw angle, but RFI-QDS is less affected by the yaw angle. For RFI-QDS, with a larger deflection angle, a higher signature rate can still be maintained, and the performance is better than BB84 quantum digital signature protocol under the same deflection angle.
TABLE 1
α | ed | Pdc | ηd | ∈PE |
0.2dB/km | 0.015 | 3.0×10-6 | 14.5% | 10-5 |
The above description is only a preferred embodiment of the present invention, and the scope of the present invention is not limited to the above embodiment, but equivalent modifications or changes made by those skilled in the art according to the present disclosure should be included in the scope of the present invention as set forth in the appended claims.
Claims (3)
1. A reference system independent quantum digital signature method is applied to a quantum digital signature transmission system, the quantum digital signature system comprises a user end Alice, Bob and Charlie, and is characterized by comprising a key distribution stage and a message stage;
in the key distribution stage, Alice serves as a sender and sends N pulses, and Bob and Charlie serve as receivers, and the specific steps are as follows:
(1) in the key generation process, according to a quantum key distribution protocol independent of a reference system, a sender Alice random selection base Z is definedA,XA,YATo prepare a send state; receiver random selection base ZB(C),XB(C),YB(C)To measure the received states, where β represents the deflection angle and varies over time:
ZB(C)=ZA
XB(C)=cosβXA+sinβYA
YB(C)=cosβYA-sinβXA
wherein each of the Z, X and Y groups has two states, one being a positive state, using Z0,X0,Y0One is negative state, represented by Z1,X1,Y1To represent; in the case of Alice, the code may,
(2) a sender Alice randomly prepares BB84 state and decoy state sequences, signs a single-bit message m to be sent, and sends the single-bit message m to Bob or Charlie; the probability of effective response event under the condition of j-photon transmission is that two single photon detectors exist at the receiving endWherein d represents a dark count rate;
(3) then Bob and Charlie randomly select X base, Z base or Y base to carry out projection measurement and publish the measurement result; for weak coherent state, when the signal state intensity u or decoy state intensity v is lambda, the sending base is xiAThe measurement base is xiB(C)Gain of time isQBER isWherein QBER is the quantum bit error rate, and is obtained by the following formula:
wherein lambda belongs to (u, v) and xiAξB(C)∈{ZAZB(C),XAXB(C),XAYB(C),YAXB(C),YAYB(C)};Indicating that the sending end sends under the condition of the strength of lambdaFor receiving endProbability of measurement, others The same process is carried out;representing a poisson distribution; eta represents the total transmittance of single photon signals, etadFor detection efficiency, α represents the loss rate, S is the transmission distance, edA background error code;
(4) alice and Bob or Charlie carry out base pairing through a public channel, and a Z base matching result is reserved as an original key, and an X base and a Y base are used for estimating the information content of an eavesdropper;
definition IEAmount of information acquired by eavesdropping for the eavesdropper:
whereinIs xiAξB(C)The maximum upper bound of the fundamental single-photon error rate,andas an intermediate parameter, CEObtaining relevant information statistics for the eavesdropper; h is a binary Shannon entropy function and satisfies H (x) -xlog2(x)-(1-x)log2(1-x);
(5) Randomly selecting a part of bits k from the original pulse number N by Alice and Bob or Charlie for estimating the error code during channel transmission, and terminating the protocol if the error code is larger than a certain value;
defining the space between Alice and Bob, and the rest n bits after Bob selects part of bits areAlice selects a part of bits and then the remaining n bits areDefining the bit length between Alice and Charlie, and the remaining n bits after Alice selects part of bits areCharlie selects n bits left after partial bits are selected as
(6) Bob divides the rest n bits of the key into two parts with equal length as the key, and the two parts are respectively recorded asAndand will beBy passingSending the safe classical channel to Charlie; in the same way, Charlie divides the rest n bits as keys into two parts with equal length, and respectively records the two parts as the keysAndand will beSent to Bob over a secure classical channel;
In the message phase, a message m to be signed and a signature are signed by a sender Alice Sending to Bob and Charlie; the message phase includes:
(7) alice signs and messages (m, Sig)m) Sent to the receiver Bob, SigmRepresents a signature on a message m, wherein
(8) Bob will signSymmetric key held with itselfComparing the corresponding positions respectively, and recording the number of mismatching; if the number of mismatches of both parts is less than sa(n/2), Bob receives the signed message and performs step (9), otherwise, refuses to sign the message and terminates the signature; saIs a set safety threshold which causes the maximum bit error rate under the condition that the deflection angle is 45 degreesAnd minimum bit error rate p introduced by eavesdropperseIn connection with this, the present invention is,
(9) bob will receive the signed message (m, Sig) from Alicem) Sending the information to Charlie;
(10) charlie will signSymmetric key held with itselfComparing the corresponding positions respectively, and recording the number of mismatching; if the number of mismatches of both parts is less than sv(n/2), receiving the signature message by Charlie, otherwise rejecting the signature message and terminating the signature; wherein s isvIs a set safety margin that is set for,
(11) the security parameters of the given protocol are:
P(robust)≤2∈PE,
P(forge)≤a+∈F+8∈PE,
where P (robust) is the robustness probability, ∈PEIs the failure probability of the error rate between Alice-Bob and Alice-Charlie estimated by the Serfling inequality; p (forge) represents the probability of forgery, i.e., the probability of forged Alice signature being received by Bob and Charlie at the same time, a is a preset constant probability, and belongs toFThat Bob found an error rate less than svA parameter related to the probability of (d); p (repudiation) represents the probability of repudiation, i.e., the probability that Alice's signature is received by Bob but rejected by Charlie.
2. A reference frame independent quantum digital signature method as claimed in claim 1 wherein the minimum entropy in KGP process in the presence of eavesdropper EveComprises the following steps:
wherein the KGP process is a quantum key generation process,is a binary shannon function and satisfies H (x) -xlog2(x)-(1-x)log2(1-x), ε is the probability of failure for parameter estimation, Z denotes the Z-base, E denotes the eavesdropper Eve,lower bound of the single photon response count representing the Z radical, IERepresenting the amount of information that Eve steals.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210344383.9A CN114745129B (en) | 2022-03-31 | 2022-03-31 | Reference system independent quantum digital signature method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210344383.9A CN114745129B (en) | 2022-03-31 | 2022-03-31 | Reference system independent quantum digital signature method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114745129A true CN114745129A (en) | 2022-07-12 |
CN114745129B CN114745129B (en) | 2023-09-26 |
Family
ID=82278451
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210344383.9A Active CN114745129B (en) | 2022-03-31 | 2022-03-31 | Reference system independent quantum digital signature method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114745129B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115361118A (en) * | 2022-08-03 | 2022-11-18 | 国网福建省电力有限公司 | Loss tolerant reference frame and measuring device independent quantum key distribution method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109039604A (en) * | 2018-08-07 | 2018-12-18 | 南京邮电大学 | A kind of passive type trick state Quantum Digital Signature Research method |
AU2020100261A4 (en) * | 2020-01-10 | 2020-03-26 | Chengdu University Of Information Technology | The quantum secret information direct communication method with mutual authentication |
CN111541544A (en) * | 2020-03-20 | 2020-08-14 | 南京邮电大学 | Quantum digital signature method based on double-field protocol |
CN111865599A (en) * | 2020-02-15 | 2020-10-30 | 南京邮电大学 | Single-decoy-state quantum digital signature method |
-
2022
- 2022-03-31 CN CN202210344383.9A patent/CN114745129B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109039604A (en) * | 2018-08-07 | 2018-12-18 | 南京邮电大学 | A kind of passive type trick state Quantum Digital Signature Research method |
AU2020100261A4 (en) * | 2020-01-10 | 2020-03-26 | Chengdu University Of Information Technology | The quantum secret information direct communication method with mutual authentication |
CN111865599A (en) * | 2020-02-15 | 2020-10-30 | 南京邮电大学 | Single-decoy-state quantum digital signature method |
CN111541544A (en) * | 2020-03-20 | 2020-08-14 | 南京邮电大学 | Quantum digital signature method based on double-field protocol |
Non-Patent Citations (2)
Title |
---|
CHUNMEI ZHANG, ET AL.: "Practical reference-frame-independent quantum key distribution systems against the worst relative rotation of reference frames", JOURNAL OF PHYSICS COMMUNICATIONS * |
施荣华;冯艳艳;石金晶;: "基于正则图上量子游走的仲裁量子签名方案", 电子与信息学报, no. 01 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115361118A (en) * | 2022-08-03 | 2022-11-18 | 国网福建省电力有限公司 | Loss tolerant reference frame and measuring device independent quantum key distribution method |
Also Published As
Publication number | Publication date |
---|---|
CN114745129B (en) | 2023-09-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Amiri et al. | Secure quantum signatures using insecure quantum channels | |
Croal et al. | Free-space quantum signatures using heterodyne measurements | |
JP4862159B2 (en) | Quantum key distribution method, communication system, and communication apparatus | |
CN111541544B (en) | Quantum digital signature method based on double-field protocol | |
CN111447056B (en) | Configurable decoy state quantum digital signature method | |
CN113300762B (en) | Passive light source monitoring method suitable for double-field protocol | |
CN111200493B (en) | Post-processing system and method for phase polarization joint modulation QKD | |
Niemiec et al. | Management of security in quantum cryptography | |
CN111865599B (en) | Single-decoy-state quantum digital signature method | |
CN110086614B (en) | Quantum digital signature method using marked single photon source | |
Cederlof et al. | Security aspects of the authentication used in quantum cryptography | |
CN110086599B (en) | Hash calculation method and signcryption method based on homomorphic chameleon Hash function | |
CN110493010A (en) | Mailing system and receiving/transmission method based on Quantum Digital Signature Research | |
Niemiec et al. | The measure of security in quantum cryptography | |
CN114745129B (en) | Reference system independent quantum digital signature method | |
Cerf et al. | Cloning and cryptography with quantum continuous variables | |
CN115834046A (en) | Reference system independent quantum key distribution method with light source monitoring function | |
Bratzik et al. | Min-entropy and quantum key distribution: Nonzero key rates for “small” numbers of signals | |
CN115001704B (en) | Four-intensity decoy state quantum digital signature method | |
CN115643024A (en) | Loss tolerance reference system independent quantum digital signature method | |
Sych et al. | Critical error rate of quantum-key-distribution protocols versus the size and dimensionality of the quantum alphabet | |
CN115276988B (en) | Four-strength measuring equipment independent key distribution method | |
CN114531227B (en) | Compression-state-based wide signal-to-noise ratio continuous variable QKD data coordination method and system | |
CN115021941A (en) | Quantum digital signature method with state preparation error tolerance function | |
CN109039477B (en) | Fault-tolerant quantum conversation method based on decoherence-free subspace |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |