Threshold Scheme of Multi-party Quantum Group Signature with ...

Int J Theor Phys (2012) 51:1038–1049 DOI 10.1007/s10773-011-0978-5

A (t, n)-Threshold Scheme of Multi-party Quantum Group Signature with Irregular Quantum Fourier Transform Jinjing Shi · Ronghua Shi · Ying Guo · Xiaoqi Peng · Moon Ho Lee · Dongsun Park

Received: 4 May 2011 / Accepted: 1 October 2011 / Published online: 12 October 2011 © Springer Science+Business Media, LLC 2011

Abstract A novel (t, n)-threshold scheme for the multi-party quantum group signature is proposed based on the irregular quantum Fourier transform, in which every t-qubit quantum message needs n participants to generate the quantum group signature. All the quantum operation gates in the quantum circuit can be distributed and arranged randomly in the irregular QFT algorithm, which can increase the von Neumann entropy of the signed quantum message and the randomicity of the quantum signature generation significantly. The generation and verification of the quantum group signature can be both performed in quantum circuits with the parallel algorithm. Security analysis shows that an available and legal quantum (t, n)-threshold group signature can be achieved. Keywords Quantum signature · Group signature · Threshold · Irregular QFT

1 Introduction The most spectacular discovery in quantum computing to date is that quantum computers can efficiently perform some tasks which are not feasible on a classical computer [1]. Quantum computers are also devices that information is processed in a way that preserves quantum coherence [2]. Thus more and more cryptographic schemes and communication J. Shi () · R. Shi · Y. Guo School of Information Science and Engineering, Central South University, Changsha 410083, China e-mail: [email protected] X. Peng Department of Information Science and Engineering, Hunan First Normal University, Changsha 410205, China e-mail: [email protected] J. Shi · M.H. Lee · D. Park Institute of Information and Communication, Chonbuk National University, Chonju 561-756, Korea M.H. Lee e-mail: [email protected]

Int J Theor Phys (2012) 51:1038–1049

1039

protocols [3, 4] are also designed with quantum computation and quantum information processing techniques, and quantum signature schemes can be included as well. A quantum digital signature (QDS) [5] refers to the quantum mechanical equivalent of either a classical digital signature or a handwritten signature on a paper document to protect a document against forgery by anyone [6]. A group signature scheme as first introduced by David Chaum [7] in the classical cryptography, is a method for allowing a member of a group to anonymously sign a message on behalf of the group [8], and it can be also implemented with quantum computation. Currently, Zeng et al. [9–13] introduced a quantum signature scheme based on the classical signature theory and quantum cryptography. Lee [14] also presented two quantum signature schemes with message recovery. Yang and Wen [15, 16] suggested a multi-proxy quantum group signature scheme with threshold shared verification in 2008. Li et al. proposed an arbitrated quantum signature scheme [17] using Bell states in 2009. Wen et al. [18] introduced a group signature scheme based on quantum teleportation and analyzed its application [19] in 2010. Xu et al. presented a quantum group blind signature scheme without entanglement in 2011 [20]. In addition, since the quantum Fourier transform (QFT) [1, 21] plays an important role in quantum operation [22] for the quantum information processing, the QFT has a large number of applications in many branches of science. Some quantum cryptographic schemes are also proposed based on QFT. For instance, Huang et al. applied QFT to present an (n, n)-threshold scheme [8] for the multiparty quantum secret sharing [23] in 2009, Shi et al. introduced a multiparty quantum proxy group signature scheme for the entangled-state message with QFT [24] in 2011, and Zhou et al. proposed a novel single-channel color image encryption algorithm based on chaos and fractional Fourier transform [25] in 2011. However, these quantum cryptographic schemes are based on the regular QFT algorithm, and the application of irregular QFT in quantum schemes has not been discussed yet. Thus a (t, n)-threshold scheme for the multi-party quantum group signature is proposed based on the irregular QFT, in which every t -qubit quantum message needs n participants to generate the quantum group signature. The irregular QFT (IQFT) algorithm, whose order of quantum gate operations is irregular and random, can increase the von Neumann entropy of the signed quantum message and the randomicity of the quantum signature generation significantly to improve the anti-attack performance of the quantum message. All the quantum operation gates in the quantum circuit can be distributed and arranged randomly in the IQFT algorithm and the generation and verification of the quantum group signature can be both performed in quantum circuits with the parallel algorithm to enhance operability of the quantum group signature scheme. The rest of this paper is organized as follows. Section 2 proposes the constructions of multi-party quantum group signature scheme. A security analysis is presented in Sect. 3. Finally, the discussion and conclusions are drawn in Sect. 4.

2 Multi-party Quantum Group Signature Scheme The presented scheme includes three phases: the initial phase, the quantum group signing phase and the verification phase. Now the details of each phase can be described as follows. 2.1 Initial Phase t can be created for the message which Step 1. Preparation of message. A qubit sequence |ψM t contains t qubits such as is expected to be signed by the signing group. Here |ψM t |ψM = {|m1 , |m2 , . . . , |mk , . . . , |mt }.

(1)

1040

Int J Theor Phys (2012) 51:1038–1049

Fig. 1 Quantum circuit structure for the IQFT on each register of size t . P1 , P2 , . . . , Pn respectively stands for different group participants who manage the corresponding operation gates t For each qubit |mk of |ψM ,

|mk = αk |0k + βk |1k ,

(2)

where αk and βk are complex number satisfying |αk |2 + |βk |2 = 1 (k = 1, 2, . . . t ). Step 2. Generation of quantum operation gates. A quantum message with t qubits needs n participants’ operations containing n controlled R (phase) gates where n = t (t − 1)/2 and t H (Hadamard) gate according the algorithm of QFT, i.e., ⎞ ⎛ 1 0 0 0 ⎜0 1 0 1 1 1 0 ⎟ ⎟ , μ ∈ (2, 3, . . . , t). (3) , Rμ = ⎜ H=√ ⎝ 0 0 1 0 ⎠ 1 −1 2 2π i/2μ 0 0 0 e Specifically, there are t − 1 controlled R2 gates, t − 2 controlled R3 gates, . . . t − (μ − 1) controlled Rμ gates and a controlled Rt gate. Step 3. Generation of a quantum circuit. The quantum circuit for the IQFT is presented in Fig. 1. According the QFT all the H gates are arranged in the appropriate position. However, all the positions of controlled R gates are vacant and which participant manage a controlled R gate in a determinate position is defined in Fig. 1. All the controlled R gates can be randomly distributed to the signing group participants at the very beginning of quantum group signature generation phase because the IQFT is introduced. 2.2 Quantum Group Signing Phase For simplifying the generation process of quantum group signature, the situation of signing 4 = {|m1 , |m2 , |m3 , |m4 } can be discussed firstly, on the 4-qubit quantum message |ψM t . and then it can be generalized to the t -qubit quantum message |ψM 2.2.1 Generation Phase of (4, 6)-Threshold Quantum Group Signature for the 4-Qubit Quantum Message 4 Each qubit of |ψM can be expressed as follows according to (1), i.e.,

|m1 = α1 |01 + β1 |11 ,

|m2 = α2 |02 + β2 |12 ,

|m3 = α3 |03 + β3 |13 ,

|m4 = α4 |04 + β4 |14 .

(4)

4 Then the IQFT algorithm acting on the 4-qubit quantum message |ψM needs 4 H gates, 3 controlled R2 gates, 2 controlled R3 gates and a controlled R4 gate and the signature

Int J Theor Phys (2012) 51:1038–1049

1041

Fig. 2 A random process for distribution these controlled R2 , R3 and R4 gates to the participants P1 ∼ P6 . Each participant manages an R gate and they have a one-to-one corresponding relationship

4 Fig. 3 The quantum circuit diagram for the IQFT acting on the 4-qubit quantum message |ψM

generation process needs 6 group participants P1 ∼ P6 . It is the (4, 6)-threshold scheme for the quantum group signature. Step 1. The total 6 controlled R gates can be randomly distributed to 6 signing group participants one to one. In this process the controlled-phase-gate commutation [26, 27] of QFT can be taken into consideration as well. For example, a random process for distribution these controlled R2 , R3 and R4 gates to the participants P1 ∼ P6 is presented in Fig. 2. Then we can determine that the participants P1 ∼ P6 manage the controlled R2 , R3 , R2 , R3 , R2 and R4 gates respectively. The quantum circuit for the IQFT acting on the 4-qubit quantum 4 is presented in Fig. 3. message |ψM Step 2. The participants manage their operation gates to generate a group signature for the 4 4 collectively. The 4 qubits {|m1 , |m2 , |m3 , |m4 } of |ψM 4-qubit quantum message |ψM can be operated by parallel computing according to the quantum circuit presented in Fig. 3. Thus the operation process can be described as follows. 4 to acquire the state 1. Firstly the H gate can be applied on the first qubit |m1 of |ψM

1 H |m1 −→ √ [(α1 + β1 )|01 + (α1 − β1 )|11 ]. 2

(5)

Then the participant P1 applies the controlled R2 gate (controlled by |m2 ) and the participants P2 and P3 continue apply the controlled R3 (controlled by |m3 ) and R2 (controlled by |m4 ) gates respectively to derive the final state |mI1QF T of |m1 , i.e., 1 |mI1QF T = √ [(α4 + β4 )(α3 + β3 )(α2 + β2 )(α1 + β1 )|01 2 πi

πi

πi

+ (α4 + β4 e 2 )(α3 + β3 e 4 )(α2 + β2 e 2 )(α1 − β1 )|11 ].

(6)

4 2. The qubits {|m2 , |m3 , |m4 } of |ψM can be operated in a similar way, i,e., applying the H gate and the participants P4 and P5 continue apply the controlled R3 (controlled

1042

Int J Theor Phys (2012) 51:1038–1049

by |m3 ) and R2 (controlled by |m4 ) gates on the second qubit |m2 respectively to get the final state |mI2QF T , applying H gate and the participant P6 applies the controlled R4 gate (controlled by |m4 ) on the third qubit |m3 to derive the final state |mI3QF T , and applying H gate on the fourth qubit |m4 derives the final state |mI4QF T . Then these final states can be expressed as follows: 1 |mI2QF T = √ [(α4 + β4 )(α3 + β3 )(α2 + β2 )|02 2 πi

πi

+ (α4 + β4 e 2 )(α3 + β3 e 4 )(α2 − β2 )|12 ],

(7)

1 πi |mI3QF T = √ [(α4 + β4 )(α3 + β3 )|03 + (α4 + β4 e 8 )(α3 − β3 )|13 ], 2

(8)

1 |mI4QF T = √ [(α4 + β4 )|04 + (α4 − β4 )|14 ]. 2

(9)

4 The signed quantum message can be expressed as |SψM = {|mI1QF T , |mI2QF T , 4 Then |SψM is a (4, 6) threshold quantum group signature of the 4-qubit quantum message generated by the six participants P1 ∼ P6 with the IQFT. Next the generation process of the (t, n)-threshold quantum group signature for the t -qubit quantum message can be introduced in the following section.

|mI3QF T , |mI4QF T }.

2.2.2 Generation Phase of (t, n)-Threshold Quantum Group Signature for the t -Qubit Quantum Message The expression of the t -qubit quantum message is presented in (1) and (2). The signing algorithm of IQFT acting on the t -qubit quantum message is very similar to that acting on the 4-qubit quantum message, thus the generation of the (t, n)-threshold quantum group signature can be summarized as the following steps. Step 1. The total n controlled R gates can be randomly distributed to n signing group participants one to one, where n = t (t − 1)/2. There are t − 1 controlled R2 gates, t − 2 controlled R3 gates, . . . t − (μ − 1) controlled Rμ gates and a controlled Rt gate. The random process for distributing these controlled R gates is similar to that presented in Fig. 2. When every participant’s managed controlled R gate is determined, the quantum circuit for the IQFT acting on t -qubit quantum message (shown in Fig. 1) can be completed. Step 2. These n signing group participants manage their operation gates to genert ate a group signature for the t -qubit quantum message |ψM collectively. The t qubits {|m1 , |m2 , . . . , |mk , . . . , |mt } can be operated by the parallel computation. 1. Applying an H gate to the first qubit |m1 and then it can be operated by the controlled R gates of participants {P1 , P2 , . . . , Pt−2 , Pt−1 } orderly to derive the final state |mI1QF T . 2. Applying an H gate to the second qubit |m2 and then it can be operated by the controlled R gates of participants {Pt , Pt+1 , . . . , P2t−4 , P2t−3 } orderly to derive the final state |mI2QF T . 3. Generally, applying an H gate to the k-th qubit |mk and then it can be operated by the controlled R gates of participants {P (2t−k)(k−1) +1 , P (2t−k)(k−1) +2 , . . . , P (2t−k)(k−1) +(t−k−1) , 2

2

2

Int J Theor Phys (2012) 51:1038–1049

1043

P (2t−k)(k−1) +(t−k) } orderly to obtain the final state |mIk QF T , i.e., 2

⎧ 1 t √ {[ ⎪ x=k (αx + βx )]|0k ⎪ ⎨ 2 πi I QF T = |mk + (αk − βk )[ tx=k+1 (αx + βx e 2γ )]|1k }, t ≥ k + 1; ⎪ ⎪ ⎩ √1 [(αk + βk )|0k + (αk − βk )|1k ], t = k. 2

(10)

where γ denotes random integers which depend on the random distribution process of controlled R gates and k = 1, 2, . . . , t . Thus the signed quantum message can be expressed as t |SψM = {|mI1QF T , |mI2QF T , . . . , |mIk QF T , . . . , |mIt QF T },

(11)

and it can be sent to the receive Bob. It is the (t, n)-threshold quantum group signature for the t -qubit quantum message generated by the n participants with the IQFT. 2.3 Verification Phase t and veriSome day, the signature receiver Bob restores the signed quantum message |SψM fies the legality and authenticity of the quantum group signature by making use of the inverse IQFT with the assistance of the n participants. The signing group prepares a quantum circuit t which is presented in Fig. 4 and packaged it diagram for the inverse IQFT acting on |SψM in a black box secretly. Then that packaged quantum circuit is shared by the legal receiver Bob and he utilizes it to restore the signed message and verify it. The specific algorithm is similar to that of the signature generation phase. The signed t introduced in (11) is inputted from left of the quantum circuit quantum message |SψM in Fig. 4. The k-th qubit |mIk QF T can be operated by the controlled R gates of participants {P (2t−k)(k−1) +(t−k) , P (2t−k)(k−1) +(t−k−1) , . . . , P (2t−k)(k−1) +2 , P (2t−k)(k−1) +1 } orderly and then 2 2 2 2 applying an H gate on it to derive the restored qubit |mk (k = 1, 2, . . . , t) of the t = quantum message. Thus the restored quantum message can be expressed as |ψM {|m1 , |m2 , . . . , |mk , . . . , |mt }, where |mk = αk |0k + βk |1k . Then we want to compare t t to the original quantum message |ψM to verify the legality and authenticity of the |ψM quantum group signature. A quantum comparison circuit can be derived by generalizing the qubit string comparator introduced in Ref. [28] to the situation for t qubits and that quantum comparison circuit is presented in Fig. 5. The comparison result is outputted from |O1 and t t = |ψM and the legality and au|O2 . Only if |O1 O2 = |00, we can determine that |ψM t t , that quantum group thenticity of the quantum group signature are verified. If |ψM = |ψM

Fig. 4 Quantum circuit structure for the inverse IQFT on each register of size t . It is packaged in a black box

1044

Int J Theor Phys (2012) 51:1038–1049

t to |ψ t Fig. 5 The quantum comparison circuit for comparing |ψM M

signature is invalid. It means there is some eavesdropper who has intercepted the whole or parts of the quantum message, because any measurement or operation may change the quantum states [1].

3 Security Analysis The security can be analyzed based on the von Neumann entropy firstly to demonstrate t t and the signed quantum message |SψM can resist that the original quantum message |ψM attacks themselves. Thus the von Neumann entropies of the original and the signed quantum message are calculated as follows. In (1), the von Neumann entropy of one qubit |mk can be expressed as S(ρmk ) = −tr(ρmk log2 ρmk ),

(12)

t can be derived where ρmk = αk2 |0 0| + βk2 |1 1|. Hence the von Neumann entropy of |ψM by Joint Entropy Theorem [1], i.e.,

S(ρψMt ) =

t k=1

S(ρmk ) =

t

−tr(ρmk log2 ρmk ).

(13)

k=1

According to Theorem 11.8 in Ref. [1], the entropy is at most log2 d in this d-dimensional Hilbert space, and only if the system is in the completely mixed state I /d. Similarly, the von Neumann entropy of one qubit |mIk QF T presented in (10) of the signed t can be calculated as quantum message |SψM S(ρmI QF T ) = −tr(ρmI QF T log2 ρmI QF T ), k

k

k

(14)

Int J Theor Phys (2012) 51:1038–1049

1045

where

ρmI QF T k

⎧ 1 t [ x=k (αx + βx )]2 |0 0| ⎪ ⎪ ⎨2 πi = + 12 {(αk − βk )[ tx=k+1 (αx + βx e 2γ )]}2 |1 1|, ⎪ ⎪ ⎩1 (αk + βk )2 |0 0| + 12 (αk − βk )2 |1 1|, 2

t ≥ k + 1; t = k.

t Thus the von Neumann entropy of the signed quantum message |SψM can be derived, i.e.,

S(ρSψMt ) =

t k=1

S(ρmI QF T ) = k

t k=1

−tr(ρmI QF T log2 ρmI QF T ). k

(15)

k

The von Neumann entropy introduced in (13) and (15) indicate the uncertainty degree of the original quantum message and the signed quantum message respectively, and the larger the von Neumann entropy the higher the uncertainty degree of the quantum states. When the √ parameters αk and βk (k = 1, 2, . . . , t) satisfy that ∀αk = βk = 1/ 2 (k = 1, 2, . . . , t), the maximum von Neumann entropy of the original quantum message is S(ρψMt )max = t · log2 2 = t,

(16)

and the maximum von Neumann entropy of the signed quantum message is S(ρSψMt )max = (t − 2) · 2t + 2.

(17)

If t → ∞, S(ρψMt )max → ∞ and S(ρSψMt )max → ∞, they are large enough to withstand attacks. It demonstrates that even if an attacker intercepts some qubits of the quantum message, the original state can not be achieved completely. Moreover, a comparison can be made based on the maximum von Neumann entropy between the original quantum message and the signed quantum message, which is presented in Fig. 6. We can observe that their maximum von Neumann entropies both increase with the growth of the qubit number t and the maximum von Neumann entropy of the signed quantum message S(ρSψMt )max increases more effectively than that of the original quantum message S(ρψMt )max . Then it can be indicated that the von Neumann entropy of the signed quantum message is larger than that of the original quantum message. Because the von Neumann entropy is as a measure for the uncertainty on the state of a quantum system [29], the quantum group signature makes the signed quantum message more available to withstand attacks with the higher uncertainty. Next we analyze the security of our scheme based on the signature characteristics which demand that the signature should not be forged by the attacker or disavowed by the signatary or the receiver either. 3.1 Impossibility of Forgery The forgery attack can be discussed as following two aspects: Individual forgery and n − 1 participants’ joint forgery. 3.1.1 Impossibility of Individual Forgery In the group signing phase, each qubit of the quantum message is operated by a different combination of quantum operation gates (an H gate and some controlled R gates) and these

1046

Int J Theor Phys (2012) 51:1038–1049

Fig. 6 A comparison for the maximum von Neumann entropy of the original quantum message and the signed quantum message (comparison between S(ρSψ t )max and S(ρψ t )max ) M

M

when the qubit number t changes from 2 to 5

quantum operation gates are managed by different signing participants. The quantum circuit diagram for the signing algorithm is introduced in Fig. 1, in which all the positions of controlled R gates are vacant and they can be just distributed randomly at the very beginning of the quantum group signing phase. Therefore, if there is an attacker Eve, she has to forge the quantum operation gates (introduced in (3)), the quantum circuit diagram for the signing algorithm and the gate distribution order. There are 4 elements and 16 elements in the matrix of each H gate and each controlled R gate, and the probability for Eve correctly 1 k−1 ) . forging the quantum operation gates which are acted on the k-th qubit |mk is 14 × ( 16 There are t − 1 kinds of controlled R gates and n vacant positions of n participants in Fig. 1 totally, thus the probability of Eve’s correct forgery for the gate distribution order is 1/Pnt−1 , where n = t (t − 1)/2. Even though Eve has ability to create the quantum signing circuit, the 1 k−1 1 ) × t−1 . It is almost impossible probability of Eve’s successful forgery tends to 14 × ( 16 Pn for her to forge the quantum group signature. 3.1.2 Impossibility of n − 1 participants’ joint forgery Suppose a dishonest participant Pd of the signing group aims to cooperate with other participants to make an n − 1 participants’ joint forgery with their quantum operation gates. Even if they have ability to create the quantum signing circuit, they have to conjecture the missing participant’s quantum operation gate (an H gate or a controlled R gate) and its position in the quantum signing circuit. Then the probability of their correct forgery is 1 5 ) · n1 = 32n , where n = t (t − 1)/2. Moreover, if they can determine the op( 12 × 14 + 12 × 16 eration gate is a controlled phase gate with some attack strategy and they forge it to be Rf , while the original correct controlled phase gate is R , where ⎛ 1 ⎜0 Rf = ⎜ ⎝0 0

0 1 0 0

0 0 1 0

0 0 0 e

2π i/2f

⎞ ⎟ ⎟ ⎠

and

⎛ 1 ⎜0 R = ⎜ ⎝0 0

0 1 0 0

⎞ 0 0 0 0 ⎟ ⎟. 1 0 ⎠ 0 e2π i/2

(18)

t Assume this forged phase gate is controlled by the c-th qubit |mc = αc |0c + βc |1c of |ψM t and this n − 1 participants’ joint forgery is acted on the k-th qubit |mk of |ψM . We can

Int J Theor Phys (2012) 51:1038–1049

1047

simplify the expression of the signed qubit |mIk QF T in (10), i.e., |mIk QF T = AIk QF T |0k + BkI QF T |1k ,

(19)

t √1 x=k (αx + βx ), 2 √1 (αk + βk ), 2

(20)

where

AIk QF T

and BkI QF T =

=

t ≥k+1 t =k

⎧ πi ⎨ √1 (αk − βk ) t 2γ ), x=k+1 (αx + βx e 2 ⎩ √1 (αk 2

− βk ),

t ≥k+1 t =k

(21)

according to (10). Then the forgery state of the signed qubit |mIk QF T can be indicated by performing one of t − 1 kinds of operations with equal probability, i.e., 1 f (βc e−2π i/2 · βc e2π i/2 · BkI QF T )|1k . t − 1 =2 t

F [|mIk QF T ] = AIk QF T |0k +

(22)

There are four uncertain random parameters γ , f , and c corresponding to BkI QF T , Rf , R and |mc in (22), which increases the random error probability of the forged signature. Therefore the n − 1 participants are almost impossible to forge the quantum group signature. 3.2 Impossibility of Disavowal by the Signatary or the Receiver In the proposed quantum group signature scheme, a t -qubit quantum message needs n participants’ operations and it is the (t, n)-threshold scheme, where n = t (t − 1)/2. Different participants manage varied quantum controlled phase gates and the signed quantum message introduced in (11) contains the signing information of every signatary of the n participants. Thus any participant can not disavow the signature with mutual supervision. t In the verification phase, the receiver Bob restores the signed quantum message |SψM and verify the legality and authenticity of the quantum group signature by making use of the inverse IQFT with the assistance of the n participants. The quantum circuit diagram for t which can be utilized by Bob is packaged in a black box the inverse IQFT acting on |SψM secretly. Then Bob verify the legality and authenticity of the quantum group signature with the quantum comparison circuit by himself. The verification result is outputted from the quantum comparison circuit directly, in which any body can not alter the result. Therefore, if the quantum group signature is proved to be legal and authentic by Bob, he is impossible to disavow the signature either.

4 Discussion and Conclusions It is worth mentioned that the generation and verification of the quantum group signature can be both performed in quantum circuits with the parallel algorithm according to Figs. 1 and 5, and the signing efficiency can be improved. Suppose the operation of an H gate takes the time interval TH and the operation of an R gate takes the time interval TR in Fig. 1. Then t is the time interval for processing the k-th qubit |mk of |ψM Tmk = TH + (t − k) · TR .

(23)

1048

Int J Theor Phys (2012) 51:1038–1049

The total time interval for all the operations can be expressed as follows when the traditional quantum signing algorithm (generating the signature one by one) is applied, i.e., Ttotal =

t k=1

Tmk = t · TH +

t (t − 1) · TR . 2

(24)

t can be operated simultaneously with the parallel IQFT algoWhile the t qubits of |ψM rithm in the proposed scheme, the time interval for generating the signature should be the maximum of Tmk , i.e., Ttotal = max{Tm1 , Tm2 , . . . , Tmk , . . . , Tmt } = TH + (t − 1) · TR .

(25)

It can be indicated that Ttotal

Ttotal and the signing efficiency is improved when compared with the traditional quantum signing algorithm. For instance, in Yang’s multi-proxy quantum group signature scheme with threshold shared verification [15, 16], the signature for each qubit needs t − 1 participants’ operations and the time interval for the signature generation is n(t − 1) · T for n qubits, where T is the average unit time interval for each participant.

n(t − 1) · T . Thus it is demonstrated that the parallel We can also discovery that Ttotal algorithm in IQFT can ameliorate the signing efficiency. In conclusion, we present a (t, n)-threshold scheme for the multi-party quantum group signature based on the irregular quantum Fourier transform in this paper. The irregular QFT algorithm can increase the von Neumann entropy of the signed quantum message and the randomicity of the quantum signature generation significantly. Thus the anti-attack performance of the quantum message can be improved. Moreover the generation and verification of the quantum group signature can be both implemented in quantum circuits with the parallel algorithm, which can enhance operability and efficiency of our scheme. Security analysis shows that this scheme can provide an available and legal multi-party quantum group signature with unconditional security.

Acknowledgements This work was supported by the National Natural Science Foundation of China (Grant Nos. 60902044), State Key Laboratory of Advanced Optical Communication Systems and Networks (2008SH01), the Hunan Provincial Innovation Foundation For Postgraduate (Grant Nos. CX2011B087), the State Scholarship Fund organized by the China Scholarship Council, Excellent Doctoral Dissertation Fund of Central South University (Grant Nos. 2011ybjz030) and WCU R32-2010-000-20014-0 (Fundamental Research2010-0020942NRF, Korea).

References 1. Nielsen, M., Chuang, I.: Quantum Computation and Quantum Information, pp. 171–180. Cambridge University Press, Cambridge (2000) 2. Weinstein, Y.S., Pravia, M.A., Fortunato, E.M., Lloyd, S., Cory, D.G.: Implementation of the quantum Fourier transform. Phys. Rev. Lett. 86(9), 1889–1891 (2001) 3. Zhou, N.R., Wang, L.J., Ding, J., Gong, L.H.: Quantum deterministic key distribution protocols based on the authenticated entanglement channel. Phys. Scr. 81(4), 045009 (2010) 4. Zhou, N.R., Wang, L.J., Ding, J., Gong, L.H.: Novel quantum deterministic key distribution protocols with entanglement. Int. J. Theor. Phys. 49(9), 2035–2044 (2010) 5. Gottesman, D., Chuang, I.: Quantum digital signatures. arXiv:quant-ph/0105032v2 (2001) 6. William, S.: Cryptography and Network Security: Principles and Practice, 2nd edn., pp. 67–70. PrenticeHall, New York (2003) 7. Chaum, D., Heyst, E.V.: Group signatures. In: Advances in Cryptography-EUROCRYPT’91. Lecture Notes in Computer Science, vol. 547, pp. 257–265 (1991) 8. Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn., pp. 79–80. Wiley, New York (1996)

Int J Theor Phys (2012) 51:1038–1049

1049

9. Zeng, G.H., Ma, W.P., Wang, X.M., Zhu, H.W.: Signature scheme based on quantum cryptography. Acta Electron. Sin. 29(8), 1–3 (2001) 10. Zeng, G.H., Keitel, C.H.: Arbitrated quantum signature scheme. Phys. Rev. A 65, 042312 (2002) 11. Curty, M., Lutkenhaus, N.: Comment on “Arbitrated quantum-signature scheme”. Phys. Rev. A 77, 046301 (2008) 12. Zeng, G.H.: Reply to “Comment on ‘Arbitrated quantum-signature scheme’ ”. Phys. Rev. A 78, 016301, (2008) 13. Zeng, G.H., Lee, M.H., Guo, Y., He, G.Q.: Continuous variable quantum signature algorithm. Int. J. Quantum Inf. 5(4), 553–573 (2007) 14. Lee, H., Hong, C.H., Kim, H.: Arbitrated quantum signature scheme with message recovery. Phys. Lett. A 32, 295–300 (2004) 15. Yang, Y.G.: Multi-proxy quantum group signature scheme with threshold shared verification. Chin. Phys. B 17(2), 415–418 (2008) 16. Yang, Y.G., Wen, Q.Y.: Quantum threshold group signature. SCICHINA 38(9), 1162–1170 (2008) 17. Li, Q., Chan, W.H., Long, D.Y.: Arbitrated quantum signature scheme using Bell states. Phys. Rev. A 79, 054307 (2009) 18. Wen, X.J., Yuan, Y., Ji, L.P., Niu, X.M.: A group signature scheme based on quantum teleportation. Phys. Scr. 81(5), 055001 (2010) 19. Wen, X.J.: An E-payment system based on quantum group signature. Phys. Scr. 82(6), 065403 (2010) 20. Xu, R., Sheng, L.S., Yang, W., He, L.B.: Quantum group blind signature scheme without entanglement, Quantum group blind signature scheme without entanglement. Opt. Commun. 1–5 (2011). doi:10.1016/j.optcom.2011.03.083 21. Hales, L., Hallgren, S.: An improved quantum Fourier transform algorithm and applications. In: 41st Annual Symposium on Foundations of Computer Science, vols. 12–14, pp. 515–525 (2000) 22. Duan, R.Y., Ji, Z.F., Feng, Y., Ying, M.S.: Quantum operation, quantum Fourier transform and semidefinite programming. Phys. Lett. A 323, 48–56 (2004) 23. Huang, D.Z., Chen, Z.G., Guo, Y.: Multiparty quantum secret sharing using quantum Fourier transform. Commun. Theor. Phys. 51(2), 221–226 (2009) 24. Shi, J.J., Shi, R.H., Tang, Y., Lee, M.H.: A multiparty quantum proxy group signature scheme for the entangled-state message with quantum Fourier transform. Quantum Inf. Process. 1–18 (2011). doi:10.1007/s11128-010-0225-7 25. Zhou, N.R., Wang, Y.X., Gong, L.H., He, H., Wu, J.H.: Novel single-channel color image encryption algorithm based on chaos and fractional Fourier transform. Opt. Commun. 284(12), 2789–2796 (2011) 26. Briegel, H.J., Raussendorf, R.: Persistent entanglement in arrays of interacting particles. Phys. Rev. Lett. 86(5), 910–913 (2001) 27. Nielsen, M.A.: Cluster-state quantum computation. Rep. Math. Phys. 57(1), 147–161 (2006) 28. Oliveira, D.S., Ramos, R.V.: Quantum bit string comparator: circuits and applications. Quantum Comput. Comput. 7(1), 17–26 (2007) 29. Renner, R.: Security of quantum key distribution. arXiv:quant-ph/0512258v2 (2006)