Digital Signature Based on Quantum Key Exchange Algorithm

Digital signatures are growing in importance as a legal standing with traditional handwritten signatures, most secure web transactions today are already dependent on digital signatures, which are included as part of the digital certificates a server presents to a client identify. The digital certificates bind a key exchange algorithm with an identity and enable a receiver to verify the sender's digital signature, or as case when setting up a secure connection with a web server, enable a client to encrypt information. This paper, describes the quantum computing with the representation of quantum bit, then this paper explain the proposal algorithm which is serve digital signature under unsecure communication channel by applying the quantum key exchange algorithm which is more complex in degree of computational complexity in data security of client than the classical key exchange algorithm


INTRODUCTION
ublic key cryptography has evolved from a mathematical curiosity to an indispensable part of our information technology infrastructure. It has been used to verify the authenticity of software and legal records, to protect financial transactions, and to protect the transactions of millions of Internet users on a daily basis. Through most of its history, including present day, public key cryptography has been dominated by two major families of cryptographic primitives: primitives whose security is believed to be contingent on the difficulty of the integer factorization problem, such as RSA and Rabin-Williams, and primitives whose security is believed to be contingent on the difficulty of the discrete logarithm problem, such as the Diffie-Hellman key exchange, and the Digital Signature Algorithm (DSA). While both the integer factorization problem and the general discrete logarithm problem are believed to be hard in classical computation models, it has been shown that neither problem is hard in the quantum computation model. It has been suggested by Feynman and demonstrated by Deutsch and Jozsa that certain computations can be physically realized by quantum mechanical systems with an exponentially lower time complexity than would be required in the classical model of computation. A scalable system capable of reliably performing the extra quantum operations necessary for these computations is known as a quantum computer. [1] A Quantum Computer is a computer that harnesses the power of atoms and molecules to perform memory and processing tasks. It has the potential to perform certain calculations billions of times faster than any silicon-based computer.
The classical desktop computer works by manipulating bits, digits that are binary, which can either represent a zero or a one. Everything from numbers and letters to the status of your modem or mouse are all represented by a collection of bits in combinations of ones and zeros. These bits correspond very nicely with the way classical physics represents the world. Electrical switches can be on or off, objects are in one place or they're not, etc. Quantum computers aren't limited by the binary nature of the classical physical world, however they depend on observing the state of quantum bits or qubits that might represent a one or a zero, might represent a combination of the two or might represent a number expressing that the state of the qubit is somewhere between 1 and 0. [2] Signatures are commonly used to authenticate documents. When you sign a physical document, you are authenticating its contents. Similarly, digital signatures are used to authenticate the contents of electronic documents. They can be used with PDF, e-mail messages, and word processing documents. To digitally sign a document, you must have a digital ID. This unique identifier can obtained from various certification authorities on the Web, such as VeriSign and Echo Sign. Once you have a digital ID, you can add register it with programs that support digital. The digital signature is simply a small block of data that is attached to documents you sign. It is generated from your digital ID, which includes both a private and public key. The private key is used to apply the signature to the document, while the public key is sent with the file. The public key contains encrypted code, also called a "hash," that verifies your identity. Digital signatures can be used to certify or approve documents. Certifying signatures verify the document's creator and show that the document has not been altered since it was signed. Therefore, only the original creator of a document can add a certifying signature. Approval signatures can be added by anyone with a digital ID and are used to approve documents, track changes, and accept terms stated with a document. [3] Public key cryptography (PKC) signatures have a greater degree of verifiability than signature dynamics signatures. PKC allows for a third party verification of the signature, while signature dynamics signatures require additional steps (including handwriting analysis) to verify the signer of a document. PKC signatures are designed to be immediately verifiable. Signatures using signature dynamics technology are designed to allow future verification of the signature (similar to a non-notarized, paper-based signature).
Public key cryptography (PKC) signatures are affixed to documents using software enhancements to existing applications and web browsers. Signature dynamics signatures require additional hardware to create the signatures. Signature dynamics signatures are easier for the average user to understand, but they do not provide the level of security that is inherent in PKC signatures, which are immediately verifiable with a third-party issued certificate. [4] Digital Signature [5] A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file, etc.) is authentic. Authentic means: know who created the document and know that it has not been altered in any way since that person created it. Digital signatures rely on certain types of encryption to ensure authentication. Encryption is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Authentication is the process of verifying that information is coming from a trusted source. These two processes work hand in hand for digital signatures.
There are several ways to authenticate a person or information on a computer: • Password -The use of a user name and password provide the most common form of authentication. Enter the username and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or passwords do not match, then you are not allowed further access.
• Checksum -Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication since an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let's say the checksum of a packet is 1 byte long, which means it can have a maximum value of 255. If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value. However, if the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256. For example: sum the number of bits for each byte as see in  • Private Key Encryption -Private Key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. Private Key requires that know which computers will talk to each other and install the key on each one. Private key encryption is essentially the same as a secret code that the two computers must each know in order to decode the information. The code would provide the key to decoding the message. Think of it like this.
• Public Key Encryption -Public key encryption uses a combination of a private key and a public key. The private key is known only to your computer while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key provided by the originating computer and it's own private key. The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value.
Classical Key Exchange Cryptosystem [6] In asymmetric or two-key cryptosystems the enciphering and deciphering keys differ in such a way that at least one key is computationally infeasible to determine from the other. Thus one of the transformations (Encryption operation by using Key (E k )) or (Decryption operation by using Key (D k )) can be revealed without endangering the other.
Secrecy and authenticity are provided by protecting the separate transformations, D k for secrecy and E k for authenticity. This principle can be applied to databases, where some users have read-writer authority to the database, while other users have read authority only. Users with read-write authority are given both D k and E k , so they can decipher data stored in the data base or encipher new data to update the database. If E k cannot be determined from D k users with read-only authority can be given D k so they can decipher the data but cannot update it. Thus D k is like a read-key, while E k is like a write-key (more precisely the deciphering key describing D k is the readkey and the enciphering key describing E k the write-key).
In a public-key system each user A has a public enciphering transformation E A which may be registered with a public directory, and a private deciphering transformation D A , which is known only to that user. The private transformation D A is described by a private key, and the public transformation D A is described by a private key, and the public transformation E A by a public key derived from the private key by a one-way transformation. It must be computationally infeasible to determine D A from E A (or even to find a transformation equivalent to D A ).
In a public-key system secrecy and authenticity are provided by the separate transformations. Suppose user A wishes to send a message M to another user B.

Quantum Computer
A quantum computer is a computation device that makes direct use of quantum mechanical phenomena, as superposition and entanglement, to perform operations on data. Quantum computers are different from digital computers based on transistors. Whereas digital computers require data to be encoded into binary digits (bits), quantum computation uses quantum properties to represent data and perform operations on these data. A theoretical model is the quantum Turing machine, also known as the universal quantum computer. Quantum computers share theoretical similarities with non-deterministic and probabilistic computers, like the ability to be in more than one state simultaneously. The field of quantum computing was first introduced by Richard Feynman in 1982. A quantum computer with spins as quantum bits was also formulated for use as a quantum space-time in 1969.
In the classical model of a computer, the most fundamental building block -the bit, can only exist in one of two distinct states, a '0' or a '1'. In a quantum computer the rules are changed. Not only can a qubit, exist in the classical '0' and '1' states, but it can also be in a superposition of both! In this coherent state, the bit exists as a '0' and a '1' in a particular manner. Let's consider a register of three classical bits: it would be possible to use this register to represent any one of the numbers from 0 to 7 at any one time. If we then consider a register of three qubits, we can see that if each bit is in the superposition or coherent state, the register can represent all the numbers from 0 to 7 simultaneously.
A processor that can use registers of qubits will in effect be able to perform calculations using all the possible values of the input registers simultaneously. This phenomenon is called quantum parallelism, and is the motivating force behind the research being carried out in quantum computing. [7,8] Although quantum computing is still in its infancy, experiments have been carried out in which quantum computational operations were executed on a very small number of qubits (quantum bits). Both practical and theoretical research continues, and many national government and military funding agencies support quantum computing research to develop quantum computers for both civilian and national security purposes, such as cryptanalysis. [9] Quantum Bits (Qubits) [10] An implementation of qubits for a quantum computer could start with the use of particles with two spin states: "down" and "up" (typically written |1> and |0>). But in fact any system possessing an observable quantity A which is conserved under time evolution and such that has at least two discrete and sufficiently spaced consecutive eigenvalues, is a suitable candidate for implementing a qubit. This is true because any such system can be mapped onto an effective spin-1/2 system.
Consider first a classical computer that operates on a three-bit register. The state of the computer at any time is a probability distribution over the 2 3 = 8 different threebit strings 000, 001, 010, 011, 100, 101, 110, 111. If it is a deterministic computer, then it is in exactly one of these states with probability 1. However, if it is a probabilistic computer, then there is a possibility of it being in any one of a number of different states. We can describe this probabilistic state by eight nonnegative numbers A,B,C,D,E,F,G,H (where A = probability computer is in state 000, B = probability computer is in state 001, etc.). There is a restriction that these probabilities sum to 1.
The state of a three-qubit quantum computer is similarly described by an eightdimensional vector (a, b, c, d, e, f, g, h), called a ket. However, instead of adding to one, the sum of the squares of the coefficient magnitudes, |a| 2 + |b| 2 + … + |h| 2 , must equal one. Moreover, the coefficients can have complex values. Since the absolute square of these complex-valued coefficients denote probability amplitudes of given states, the phase between any two coefficients (states) represents a meaningful parameter, which presents a fundamental difference between quantum computing and probabilistic classical computing.
If you measure the three qubits, can observe a three-bit string. The probability of measuring a given string is the squared magnitude of that string's coefficient (i.e., the probability of measuring 000 =|a| 2 , the probability of measuring 001 =|b| 2 , etc..). Thus, measuring a quantum state described by complex coefficients (a, b,... h) gives the classical probability distribution ( |a| 2 ,|b| 2 , …, |h| 2 ) and we say that the quantum state "collapses" to a classical state as a result of making the measurement.
Note that an eight-dimensional vector can be specified in many different ways depending on what basis is chosen for the space. The basis of bit strings (e.g., 000, 001, ..., 111) is known as the computational basis. Other possible bases are unitlength, orthogonal vectors and the eigenvectors of the Pauli-x operator. Ket notation is often used to make the choice of basis explicit. For example, the state (a, b, c, d, e, f, g, h) in the computational basis can be written as: a|000> + b|001> + c|010> + d|011> + e|100> + f|101> + g|110> + h|111> The Qubit Measurement Complexity [11] The computational basis for a single qubit (two dimensions) is |0> = (1, 0) and |1> = (0, 1). Can prepare to look more closely at the measurement complexity principle. Consider the quantum state: If the measure this qubit in the standard basis, the outcome would be 0 with probability 1/2 and 1 with probability 1/2. This measurement tells us only about the norms of the state amplitudes. To see if can gather any phase information; let us consider a measurement in a basis other than the standard basis, namely:

Quantum Key Exchange Cryptography
The principle of quantum cryptography consists in the use of non-orthogonal quantum states. Its security is guaranteed by the Heisenberg uncertainty principle, which does not allow us to discriminate non-orthogonal states with certainty and without disturbing the measured system. It should be noted that quantum mechanics does not avert eavesdropping; it only enables us to detect the presence of an eavesdropper. Since only the cryptographic key is transmitted, no information leak can take place when someone attempts to listen in. When discrepancies are found, the key is simply discarded and the users repeat the procedure to generate a new key. [12] Public key cryptographic mechanisms are used to provide the authentic channel needed for quantum key exchange. The key exchange sub-system, and hence the overall communications system, will be no more secure than the public key authentication mechanism on which it is based. Moreover, any system using quantum key exchange requires a quantum channel (e.g., an optical fiber) between the communicating parties.
Naturally, such a system would not resist active attacks subsequent to private key compromise. The quantum state of a string of qubits (quantum bits) is used as a key. Storage, distribution and manipulation of these quantum keys, however, require quantum information processing capabilities beyond the reach of current technology.
This system is merely a method for exchanging keys; no messages are involved. The both side in the first publicly choose a finite field |F q >. Then they publicly choose an element |g> ∈ |F q > to serve as their "base element" (|g> is preferably, but not necessarily the generator of the group of elements on |F q >). It is a generator of the key. To generate a key, one side chooses a random integer |a> of order of magnitude |q> and keeps it secret, then computes |g a > mod |q> ∈ |F q >, and makes that public.
Another side chooses his own secret random integer b and makes public |g b > mod |q> ∈ |F q >. The secret key is then g ab mod q ∈ F q >. Both them can compute this key. For example, one knows |g b >, (public knowledge) and another own secret |a>. and use it for further secure communication. On the other hand, only knows |g>,, |g a > and |g b >, (finding |a> knowing |g> and |g b >), there is no way for him to compute |g ab > only knowing |g a > and |g b >. [10] The Proposed Algorithm This section present the proposed algorithm to describe digital signature based on quantum key exchange that contain six steps of this algorithm.

Initial Public Elements
Step1.1: Sender (X) and Receiver (Y) publicly choose a prime number |q> from finite field |F q >. Step1.2: They publicly choose a random element |a> ∈ |F q > such that |a> generates a large subgroup of |F q >, where |a> is less than |q>.

Sender (X) Key generation
Step2.1: Sender (X) chooses a secret random integer x and Convert the x chosen number into quantum representation: x =  x 1 , x 2 , . . . . . . , x n 〉 where |x> is less than |q>