Paper 2018/1164

Can you sign a quantum state

Gorjan Alagic, Tommaso Gagliardoni, and Christian Majenz

Abstract

Cryptography with quantum states exhibits a number of surprising and counterintuitive features. In a 2002 work, Barnum et al. argued informally that these strange features should imply that digital signatures for quantum states are impossible (Barnum et al., FOCS 2002). In this work, we perform the first rigorous study of the problem of signing quantum states. We first show that the intuition of Barnum et al. was correct, by proving an impossibility result which rules out even very weak forms of signing quantum states. Essentially, we show that any non-trivial combination of correctness and security requirements results in negligible security. This rules out all quantum signature schemes except those which simply measure the state and then sign the outcome using a classical scheme. In other words, only classical signature schemes exist. We then show a positive result: it is possible to sign quantum states, provided that they are also encrypted with the public key of the intended recipient. Following classical nomenclature, we call this notion quantum signcryption. Classically, signcryption is only interesting if it provides superior efficiency to simultaneous encryption and signing. Our results imply that, quantumly, it is far more interesting: by the laws of quantum mechanics, it is the only signing method available. We develop security definitions for quantum signcryption, ranging from a simple one-time two-user setting, to a chosen-ciphertext-secure many-time multi-user setting. We also give secure constructions based on post-quantum public-key primitives. Along the way, we show that a natural hybrid method of combining classical and quantum schemes can be used to "upgrade" a secure classical scheme to the fully-quantum setting, in a wide range of cryptographic settings including signcryption, authenticated encryption, and chosen-ciphertext security.

Note: 19+16 pages, 1 figure

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
quantum cryptographydigital signaturessigncryption
Contact author(s)
c majenz @ uva nl
History
2018-12-03: received
Short URL
https://ia.cr/2018/1164
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1164,
      author = {Gorjan Alagic and Tommaso Gagliardoni and Christian Majenz},
      title = {Can you sign a quantum state},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1164},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/1164}},
      url = {https://eprint.iacr.org/2018/1164}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.