Unconditionally secure digital signatures implemented in an eight-user quantum network

The ability to know and verifiably demonstrate the origins of messages can often be as important as encrypting the message itself. Here we present an experimental demonstration of an unconditionally secure digital signature (USS) protocol implemented for the first time, to the best of our knowledge, on a fully connected quantum network without trusted nodes. We choose a USS protocol which is secure against forging, repudiation and messages are transferrable. We show the feasibility of unconditionally secure signatures using only bi-partite entangled states distributed throughout the network and experimentally evaluate the performance of the protocol in real world scenarios with varying message lengths

Unconditionally Secure Signatures

Digital signatures are one of the most important cryptographic primitives. In this work we construct an information-theoretically secure signature scheme which, unlike prior schemes, enjoys a number of advantageous properties such as short signature length and high generation efficiency, to name two. In particular, we extend symmetric-key message authentication codes (MACs) based on universal hashing to make them transferable, a property absent from traditional MAC schemes. Our main results are summarised as follows. - We construct an unconditionally secure signature scheme which, unlike prior schemes, does not rely on a trusted third party or anonymous channels. In our scheme, a sender shares with each of the remaining protocol participants (or recipients) a set of keys (or hash functions) from a family of universal hash functions. Also, the recipients share with each other a random portion of the keys that they share with the sender. A signature for a message is a vector of tags generated by applying the hash functions to the message. As such, our scheme can be viewed as an extension of MAC schemes, and therefore, the practical implementation of our scheme is straightforward. - We prove information-theoretic security of our scheme against forging, repudiation, and non-transferability. - We compare our schemes with existing both classical (not employing quantum mechanics) and quantum unconditionally secure signature schemes. The comparison shows that our new scheme has a number of unparalleled advantages over the previous schemes. - Finally, although our scheme does not rely on trusted third parties, we discuss this, showing that having a trusted third party makes our scheme even more attractive

Information-theoretically secure equality-testing protocol with dispute resolution

There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example is where they want to authenticate messages they exchange. Another possible example is where they have a huge database and its mirror in remote places, and whenever a discrepancy is found between their data, they can determine which of the two users is to blame. Of course, if one is allowed to use computational assumptions, this function can be realized readily, e.g., by using digital signatures. However, if one needs information-theoretic security, there is no known method that realizes this function efficiently, i.e., with secret key, communication, and trusted third parties all being sufficiently small. In order to realize this function efficiently with information-theoretic security, we here define the ``equality-testing protocol with dispute resolution'' as a new framework. The most significant difference between our protocol and the previous methods with similar functions is that we allow the intervention of a trusted third party when checking the equality of the data. In this new framework, we also present an explicit protocol that is information-theoretically secure and efficient.Comment: 7 pages, 2 figure

Unconditionally Secure Cryptography: Signature Schemes, User-Private Information Retrieval, and the Generalized Russian Cards Problem

We focus on three different types of multi-party cryptographic protocols. The first is in the area of unconditionally secure signature schemes, the goal of which is to provide users the ability to electronically sign documents without the reliance on computational assumptions needed in traditional digital signatures. The second is on cooperative protocols in which users help each other maintain privacy while querying a database, called user-private information retrieval protocols. The third is concerned with the generalized Russian cards problem, in which two card players wish to communicate their hands to each other via public announcements without the third player learning the card deal. The latter two problems have close ties to the field of combinatorial designs, and properly fit within the field of combinatorial cryptography. All of these problems have a common thread, in that they are grounded in the information-theoretically secure or unconditionally secure setting

Quantum digital signatures with quantum-key-distribution components

Digital signatures guarantee the authenticity and transferability of messages and are widely used in modern communication. The security of currently used classical digital signature schemes, however, relies on computational assumptions. In contrast, quantum digital signature (QDS) schemes offer information- theoretic security guaranteed by the laws of quantum mechanics. We present two QDS protocols which have the same experimental requirements as quantum key distribution, which is already commercially available. We also give a security proof for the presented QDS schemes against coherent forging attacks

Practical Quantum Communication

Current communication networks are based on classical physics and classical information-processing. However, for nearly a century, we have known that at its most fundamental level, the universe is governed by the laws of quantum mechanics. With quantum communication, new possibilities arise in our capabilities to transmit and process information which, in many cases, lead to advantages compared to what is classically possible. The entire scope of tasks for which quantum communication can offer improvements has not yet been fully explored, but several quantum protocols are known that can either perform tasks which are impossible with classical resources or can outperform classical protocols. These quantum protocols are well understood from a theoretical point of view, but many of them have never been demonstrated in practice. Thus, in the context of quantum communication, there is a significant gap between theory and experiment that must be removed in order to harness the advantages provided by quantum mechanics in a practical setting. In this thesis, we develop a series of tools for developing and testing practical quantum communication protocols. Our main technique is a theoretical reformulation of existing quantum communication protocols that converts them into a form in which they can be demonstrated with existing experimental techniques. More precisely, they can be implemented using only coherent states of light and linear optics circuits while still retaining the crucial properties of the original abstract protocols. We use this result to construct practical protocols for the Hidden Matching problem and quantum fingerprinting. In the case of quantum fingerprinting, we make a thorough analysis of the role played by experimental errors and show that our practical protocol can still be implemented in the presence of these imperfections. In fact, we report a proof of concept experimental demonstration of a quantum fingerprinting system that is capable of transmitting less information than the best known classical protocol for this problem. Our implementation is based on a modified version of a commercial quantum key distribution system using off-the-shelf optical components over telecom wavelengths, and is practical for messages as large as 100 Mbits, even in the presence of experimental imperfections. Similarly, in the context of cryptography, we propose a multiparty quantum signature protocol that can be implemented from any point-to-point quantum key distribution network, proving its security against forging, repudiation and non-transferability. Crucially, since quantum key distribution is already a practical technology, so is this protocol. However, unlike other tasks in quantum communication, there has not been significant theoretical work on establishing a security model for quantum signature schemes. Consequently, we also constructed a security framework for these schemes and proved several properties that these protocols must satisfy in order to achieve their security goals. Finally, in addition to proposing new practical protocols, we provide a reliable data analysis technique to verify an important property of many quantum communication protocols: the presence of entanglement. Our technique is based on entanglement witnesses and it does not require the specification of a prior distribution nor the assumption of independent measurements. The technique is suitable to be used with nonlinear entanglement witnesses, which we show can be constructed from any linear witness and evaluated from the same experimental data. We also develop numerical tools necessary to employ this approach in practice, rendering the procedure ready to be applied to current experiments. We demonstrate this by analyzing the data of a photonic experiment generating two-photon states whose entanglement is verified with the use of an accessible nonlinear witness

Complete Characterization of Broadcast and Pseudo-Signatures from Correlations

Unconditionally secure broadcast is feasible among parties connected by pairwise secure links only if there is a strict two-thirds majority of honest parties when no additional resources are available. This limitation may be circumvented when the parties have recourse to additional resources such as correlated randomness. Fitzi, Wolf, and Wullschleger (CRYPTO 2004) attempted to characterize the conditions on correlated randomness shared among three parties which would enable them to realize broadcast. Due to a gap in their impossibility argument, it turns out that their characterization is incorrect. Using a novel construction we show that broadcast is feasible under a considerably larger class of correlations. In fact, we realize pseudo-signatures, which are information theoretic counterparts of digital signatures using which unconditionally secure broadcast may be obtained. We also obtain a matching impossibility result thereby characterizing the class of correlations on which three-party broadcast (and pseudo-signatures) can be based. Our impossibility proof, which extends the well-know argument of Fischer, Lynch and Merritt (Distr. Comp., 1986) to the case where parties observe correlated randomness, maybe of independent interest

Agile quantum cryptography and non-classical state generation

In the first half of this Thesis, we introduce a framework of “quantum cryptographic agility,” which allows for a resource-efficient swap of an underlying cryptographic protocol. Specifically, we introduce several schemes which perform the tasks of Digital Signatures and Secret Sharing. Our first achievement is an investigation of Quantum Digital Signatures (QDS) over a continuous-variables platform, consisting of phase-encoded coherent states and heterodyne phase detection. QDS allows for secure authentication of a classical message, while guaranteeing message transferability. For the first time, we prove security of CV QDS in the presence of an eavesdropper on the quantum channels. We then introduce a continuous variable (CV) Quantum Secret Sharing (QSS) protocol. Our security proof allows for classical information to be split and shared between multiple potentially dishonest recipients, while retaining security against collective beamsplitter and entangling-cloner attacks. In the last chapter of this half, we introduce another QDS scheme which runs over identical hardware setup to our QSS protocol. We analyse experimental data in which quantum coherent states were distributed at a rate of 1 GHz, which for QDS allows us to securely sign a message in less than 0.05 ms. In the second half of this Thesis we suggest and discuss a deterministic source of nonclassical light, which we call “PhoG”. Our source is based on the coherent diffusive photonics, relying on both coherent and dissipative evolution of the quantum state, and may be realised in an array of dissipatively-coupled laser-inscribed waveguides in a χ⁽³⁾ glass. We analyse the PhoG device with several analytical and numerical models and demonstrate that a coherent state input leads to a bright output state with strong photon-number squeezing. With minor reconfiguration our system can generate entanglement between spatially separated modes via a process analogous to four-wave mixing