{"title":"sdn控制的量子集成光网络中广义量子辅助数字签名业务","authors":"Alessio Giorgetti;Nicola Andriolli;Marco Ferrari;Elisabetta Storelli;Gennaro Davide Paduanelli;Antonino Cacicia;Rudi Paolo Paganelli;Alberto Tarable;Emilio Paolini;Giada Sajeva;Marco Brunero;Alessandro Gagliano;Paolo Martelli;Pietro Noviello;Giovanni Schmid;Alberto Gatto","doi":"10.1364/JOCN.534089","DOIUrl":null,"url":null,"abstract":"Digital signature (DS) is an essential application of cryptography, used to certify the provenance of a message and its authenticity, guaranteeing the non-repudiation, unforgeability, and transferability of messages. However, the forthcoming advent of quantum computation poses a significant threat to classical signature schemes. A possible solution could be the introduction of novel DS schemes based on the fundamental laws of quantum physics. Recently, several quantum DS (QDS) protocols have been proposed, even relying on the exploitation of off-the-shelf quantum key distribution (QKD) solutions. However, their efficiency and large signature size, uncorrelated to the size of the message to sign, represent the main limitation in their employment in a practical scenario. A trade-off solution could be a quantum-assisted DS (QADS), where the QKD technology is exploited together with classical cryptographic functions to achieve a stronger DS scheme, more resistant even to quantum attacks. We propose a generalized quantum-assisted digital signature (G-QADS) protocol based on a hybrid system, composed by the standard Wegman-Carter Message Authentication Code (WG-MAC) together with symmetric QKD keys, to enhance the security of the DS, allowing messages with arbitrary lengths to be signed while maintaining a suitable DS length. In this work, the G-QADS process is proposed for a three-party configuration (one signer and two verifiers), where the third participant is involved in the procedure just in the case of contention between the other two parties. The G-QADS protocol is then experimentally tested to prove its resilience to forging and non-repudiation attacks, demonstrating its capability in securing the message signature (with a success probability of the attacks \n<tex>${ \\lt }10^{- 18}$</tex>\n). The performance is experimentally tested exploiting QKD prototypes based on standard BB84 protocol with decoy states and polarization encoding, in a software-defined network (SDN) infrastructure supervised by a single SDN controller, which provides the management of both classical and quantum communication channels. The proposed solution could push the practical exploitation of QKD into a new application domain, leading to a more pervasive integration of quantum technology in realistic scenarios.","PeriodicalId":50103,"journal":{"name":"Journal of Optical Communications and Networking","volume":"17 2","pages":"A155-A164"},"PeriodicalIF":4.0000,"publicationDate":"2025-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Generalized quantum-assisted digital signature service in an SDN-controlled quantum-integrated optical network\",\"authors\":\"Alessio Giorgetti;Nicola Andriolli;Marco Ferrari;Elisabetta Storelli;Gennaro Davide Paduanelli;Antonino Cacicia;Rudi Paolo Paganelli;Alberto Tarable;Emilio Paolini;Giada Sajeva;Marco Brunero;Alessandro Gagliano;Paolo Martelli;Pietro Noviello;Giovanni Schmid;Alberto Gatto\",\"doi\":\"10.1364/JOCN.534089\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Digital signature (DS) is an essential application of cryptography, used to certify the provenance of a message and its authenticity, guaranteeing the non-repudiation, unforgeability, and transferability of messages. However, the forthcoming advent of quantum computation poses a significant threat to classical signature schemes. A possible solution could be the introduction of novel DS schemes based on the fundamental laws of quantum physics. Recently, several quantum DS (QDS) protocols have been proposed, even relying on the exploitation of off-the-shelf quantum key distribution (QKD) solutions. However, their efficiency and large signature size, uncorrelated to the size of the message to sign, represent the main limitation in their employment in a practical scenario. A trade-off solution could be a quantum-assisted DS (QADS), where the QKD technology is exploited together with classical cryptographic functions to achieve a stronger DS scheme, more resistant even to quantum attacks. We propose a generalized quantum-assisted digital signature (G-QADS) protocol based on a hybrid system, composed by the standard Wegman-Carter Message Authentication Code (WG-MAC) together with symmetric QKD keys, to enhance the security of the DS, allowing messages with arbitrary lengths to be signed while maintaining a suitable DS length. In this work, the G-QADS process is proposed for a three-party configuration (one signer and two verifiers), where the third participant is involved in the procedure just in the case of contention between the other two parties. The G-QADS protocol is then experimentally tested to prove its resilience to forging and non-repudiation attacks, demonstrating its capability in securing the message signature (with a success probability of the attacks \\n<tex>${ \\\\lt }10^{- 18}$</tex>\\n). The performance is experimentally tested exploiting QKD prototypes based on standard BB84 protocol with decoy states and polarization encoding, in a software-defined network (SDN) infrastructure supervised by a single SDN controller, which provides the management of both classical and quantum communication channels. The proposed solution could push the practical exploitation of QKD into a new application domain, leading to a more pervasive integration of quantum technology in realistic scenarios.\",\"PeriodicalId\":50103,\"journal\":{\"name\":\"Journal of Optical Communications and Networking\",\"volume\":\"17 2\",\"pages\":\"A155-A164\"},\"PeriodicalIF\":4.0000,\"publicationDate\":\"2025-01-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Optical Communications and Networking\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10834438/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Optical Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10834438/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
Generalized quantum-assisted digital signature service in an SDN-controlled quantum-integrated optical network
Digital signature (DS) is an essential application of cryptography, used to certify the provenance of a message and its authenticity, guaranteeing the non-repudiation, unforgeability, and transferability of messages. However, the forthcoming advent of quantum computation poses a significant threat to classical signature schemes. A possible solution could be the introduction of novel DS schemes based on the fundamental laws of quantum physics. Recently, several quantum DS (QDS) protocols have been proposed, even relying on the exploitation of off-the-shelf quantum key distribution (QKD) solutions. However, their efficiency and large signature size, uncorrelated to the size of the message to sign, represent the main limitation in their employment in a practical scenario. A trade-off solution could be a quantum-assisted DS (QADS), where the QKD technology is exploited together with classical cryptographic functions to achieve a stronger DS scheme, more resistant even to quantum attacks. We propose a generalized quantum-assisted digital signature (G-QADS) protocol based on a hybrid system, composed by the standard Wegman-Carter Message Authentication Code (WG-MAC) together with symmetric QKD keys, to enhance the security of the DS, allowing messages with arbitrary lengths to be signed while maintaining a suitable DS length. In this work, the G-QADS process is proposed for a three-party configuration (one signer and two verifiers), where the third participant is involved in the procedure just in the case of contention between the other two parties. The G-QADS protocol is then experimentally tested to prove its resilience to forging and non-repudiation attacks, demonstrating its capability in securing the message signature (with a success probability of the attacks
${ \lt }10^{- 18}$
). The performance is experimentally tested exploiting QKD prototypes based on standard BB84 protocol with decoy states and polarization encoding, in a software-defined network (SDN) infrastructure supervised by a single SDN controller, which provides the management of both classical and quantum communication channels. The proposed solution could push the practical exploitation of QKD into a new application domain, leading to a more pervasive integration of quantum technology in realistic scenarios.
期刊介绍:
The scope of the Journal includes advances in the state-of-the-art of optical networking science, technology, and engineering. Both theoretical contributions (including new techniques, concepts, analyses, and economic studies) and practical contributions (including optical networking experiments, prototypes, and new applications) are encouraged. Subareas of interest include the architecture and design of optical networks, optical network survivability and security, software-defined optical networking, elastic optical networks, data and control plane advances, network management related innovation, and optical access networks. Enabling technologies and their applications are suitable topics only if the results are shown to directly impact optical networking beyond simple point-to-point networks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
