Franchised Quantum Money
This addresses the challenge of creating practical quantum money schemes for secure digital transactions, though it is incremental as it modifies the model rather than solving the original problem directly.
The paper tackles the open problem of constructing public key quantum money by introducing franchised quantum money, an easier-to-build alternative that retains unforgeability and local verification, and provides a construction with security proven under one-way function assumptions.
The construction of public key quantum money based on standard cryptographic assumptions is a longstanding open question. Here we introduce franchised quantum money, an alternative form of quantum money that is easier to construct. Franchised quantum money retains the features of a useful quantum money scheme, namely unforgeability and local verification: anyone can verify banknotes without communicating with the bank. In franchised quantum money, every user gets a unique secret verification key, and the scheme is secure against counterfeiting and sabotage, a new security notion that appears in the franchised model. Finally, we construct franchised quantum money and prove security assuming one-way functions.