No Arabic abstract
Until now, there have been developed many arbitrated quantum signature schemes implemented with a help of a trusted third party. In order to guarantee the unconditional security, most of them take advantage of the optimal quantum one-time encryption method based on Pauli operators. However, we in this paper point out that the previous schemes only provides a security against total break and actually show that there exists a simple existential forgery attack to validly modify the transmitted pair of message and signature. In addition, we also provide a simple method to recover the security against the proposed attack.
Recently, the concept on `forgeable quantum messages in arbitrated quantum signature schemes was introduced by T. Kim et al. [Phys. Scr., 90, 025101 (2015)], and it has been shown that there always exists such a forgeable quantum message for every known arbitrated quantum signature scheme with four quantum encryption operators and the specific two rotation operators. We first extend the result to the case of any two unitary rotation operators, and then consider the forgeable quantum messages in the schemes with four quantum encryption operators and three or more rotation operators. We here present a necessary and sufficient condition for existence of a forgeable quantum message, and moreover, by employing the condition, show that there exists an arbitrated quantum signature scheme which contains no forgeable quantum message-signature pairs.
Even though a method to perfectly sign quantum messages has not been known, the arbitrated quantum signature scheme has been considered as one of good candidates. However, its forgery problem has been an obstacle to the scheme being a successful method. In this paper, we consider one situation, which is slightly different from the forgery problem, that we check whether at least one quantum message with signature can be forged in a given scheme, although all the messages cannot be forged. If there exist only a finite number of forgeable quantum messages in the scheme then the scheme can be secure against the forgery attack by not sending the forgeable quantum messages, and so our situation does not directly imply that we check whether the scheme is secure against the attack. But, if users run a given scheme without any consideration of forgeable quantum messages then a sender might transmit such forgeable messages to a receiver, and an attacker can forge the messages if the attacker knows them in such a case. Thus it is important and necessary to look into forgeable quantum messages. We here show that there always exists such a forgeable quantum message-signature pair for every known scheme with quantum encryption and rotation, and numerically show that any forgeable quantum message-signature pairs do not exist in an arbitrated quantum signature scheme.
In this paper, an efficient arbitrated quantum signature scheme is proposed by combining quantum cryptographic techniques and some ideas in classical cryptography. In the presented scheme, the signatory and the receiver can share a long-term secret key with the arbitrator by utilizing the key together with a random number. While in previous quantum signature schemes, the key shared between the signatory and the arbitrator or between the receiver and the arbitrator could be used only once, and thus each time when a signatory needs to sign, the signatory and the receiver have to obtain a new key shared with the arbitrator through a quantum key distribution protocol. Detailed theoretical analysis shows that the proposed scheme is efficient and provably secure.
Quantum-access security, where an attacker is granted superposition access to secret-keyed functionalities, is a fundamental security model and its study has inspired results in post-quantum security. We revisit, and fill a gap in, the quantum-access security analysis of the Lamport one-time signature scheme (OTS) in the quantum random oracle model (QROM) by Alagic et al.~(Eurocrypt 2020). We then go on to generalize the technique to the Winternitz OTS. Along the way, we develop a tool for the analysis of hash chains in the QROM based on the superposition oracle technique by Zhandry (Crypto 2019) which might be of independent interest.
Quantum key distribution (QKD) gradually has become a crucial element of practical secure communication. In different scenarios, the security analysis of genuine QKD systems is complicated. A universal secret key rate calculation method, used for realistic factors such as multiple degrees of freedom encoding, asymmetric protocol structures, equipment flaws, environmental noise, and so on, is still lacking. Based on the correlations of statistical data, we propose a security analysis method without restriction on encoding schemes. This method makes a trade-off between applicability and accuracy, which can effectively analyze various existing QKD systems. We illustrate its ability by analyzing source flaws and a high-dimensional asymmetric protocol. Results imply that our method can give tighter bounds than the Gottesman-Lo-Lutkenhaus-Preskill (GLLP) analysis and is beneficial to analyze protocols with complex encoding structures. Our work has the potential to become a reference standard for the security analysis of practical QKD.