Erika Andersson

Yoann Pelet, Ittoop Vergheese Puthoor, Natarajan Venkatachalam et al.

The ability to know and verifiably demonstrate the origins of messages can often be as important as encrypting the message itself. Here we present an experimental demonstration of an unconditionally secure digital signature (USS) protocol implemented for the first time, to the best of our knowledge, on a fully connected quantum network without trusted nodes. Our USS protocol is secure against forging, repudiation and messages are transferrable. We show the feasibility of unconditionally secure signatures using only bi-partite entangled states distributed throughout the network and experimentally evaluate the performance of the protocol in real world scenarios with varying message lengths.

Ryan Amiri, Erika Andersson

Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols - signatures based on the Rivest-Adleman-Shamir (RSA) algorithm, the digital signature algorithm (DSA), and the elliptic curve digital signature algorithm (ECDSA) - are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally secure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.

Juan Miguel Arrazola, Petros Wallden, Erika Andersson

Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalized to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson (2011) so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with information-theoretic security -- quantum or classical -- must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in Wallden-Dunjko-Kent-Andersson (2015) to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any point-to-point quantum key distribution network and therefore is ready to be experimentally demonstrated.