Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalised to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson [1] so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with information-theoretic security – quantum or classical – must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in [2] to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any point-to-point quantum key distribution network and therefore is ready to be experimentally demonstrated.