Cite this Article
Niu Xu-Feng, Zhang Jian-Zhong, Xie Shu-Cui, Chen Bu-Qing. A Practical E-Payment Protocol Based on Quantum Multi-Proxy Blind Signature. Communications in Theoretical Physics, 2018, 70(5): 529  
Permissions
A Practical E-Payment Protocol Based on Quantum Multi-Proxy Blind Signature
Niu Xu-Feng1, Zhang Jian-Zhong1, †, Xie Shu-Cui2, Chen Bu-Qing3
College of Mathematics and Information Science, Shaanxi Normal University, Xi’an 710119, China
School of Science, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
Teaching and Research Section of Political, PLA Information Engineering University, Luoyang 471003, China

 

† Corresponding author. E-mail: 1416655910@qq.com

Supported by the National Natural Science Foundation of China under Grant Nos. 61402275, 61402015, 61273311, the Natural Sci- ence Foundation of Shaanxi Province under Grant Nos. 2015JM6263, 2016JM6069 and the Fundamental Research Funds for the Central Universities under Grant No. GK201402004

Abstract
Abstract

A practical E-payment protocol is presented in this paper. It is based on quantum multi-proxy blind signature. Adopting the techniques of quantum key distribution, one-time pad and quantum multi-proxy blind signature, our E-payment system could protect user’s anonymity as the traditional E-payment systems do, and also have unconditional security, which the classical E-payment systems can not provide. Furthermore, compared with the existing quantum E-payment systems, this practical system could not only support mobile E-payment transactions but also inter-bank transactions.

Keyword:mobile E-payment;inter-bank transaction;quantum multi-proxy blind signature;unconditional security
1 Introduction

Today, E-commerce is favored by the majority of individuals for its convenience and speediness with technological advancements. Hence, it is particularly important to choose an appropriate model of payment. In 1983, Chaum proposed the first concept of E-cash.[1] Subsequently, E-cash system has attracted much attention and researchers proposed a number of E-cash payment schemes.[26] However, the security of the most existing E-cash payment schemes depends on some computational problems, which may be not difficult to solve with quantum algorithms.[78] The application of quantum signature in E-payment has attracted much attention because that the security of quantum cryptography relies on the principles of quantum mechanics.

In 2010, Wen and Nie proposed an E-payment system based on quantum blind and group signature, employing two TTPs (Third Trusted Party) to enhance the system’s robustness.[9] In succession, Wen et al. proposed an inter-bank E-payment protocol based on quantum proxy blind signature.[10] However, Cai et al.[11] showed that the dishonest merchant can succeed to change the purchase information of the customer in this protocol. In 2017, Shao et al.[12] proposed an E-payment protocol based on quantum multi-proxy blind signature. However, these protocols can not be applied to the business transactions, which use mobile E-payment. In real life, there are many business transactions need mobile E-payment, such as pos terminals. And an E-payment system supports secure mobile transactions is desired from the view of practical application.

In this paper, we proposed a new E-payment protocol to solve the problem and not only support secure mobile business transactions but also secure business transactions between two different banks. In our system, quantum multi-proxy blind signature is adopted to implement mobile payment and inter-bank payment. To the best of our knowledge, this is the first time to proposed a mobile quantum E-payment scheme, which not only supports mobile payment and inter-bank payment but also enhances the transaction credibility and the success of business rate. The property of multi-proxy blind signature could protect the anonymity of E-payment system, while the quantum signature could guarantee unconditionally security. Our scheme only needs Bell state measurement, which can be easily implemented under the current experimental conditions.

2 Preliminary Theory

In this section, we introduce the basic theories of the quantum multi-proxy blind signature.

2.1 Multi-Proxy Blind Signature

Proxy signature allows a designated person, called proxy signer, to sign on behalf of an original signer.[13] As for blind signature,[14] the message owner could get the authentic signature for his own message, but not reveal the specific content of the message. In some cases, such as an inter-bank trading system, both the property of proxy and blind signature are required for application and security concern, so multi-proxy blind signature was proposed.

2.2 Controlled Quantum Teleportation

Our quantum multi-proxy blind signature is based on controlled teleportation, which takes a genuinely entangled six qubits as its quantum channel. It is given by

As shown in Fig. 1, this controlled quantum teleportation involves the following three partners: a sender Alice, a controller Charlie, and a receiver Bob. Alice holds particle 1, Charlie and Bob own particles (2,3) and particles (4,5,6), respectively.

Fig. 1 The model of quantum teleportation. (BM represents Bell state measurement).

Suppose that the quantum state of particle M carrying message in Alice is

where the coefficients α and β are unknown and satisfy |α|2 + |β|2 = 1.

The system quantum state composed of particle M and particles (1,2,3,4,5,6) are given by

The details of the controlled teleportation are as follows.

(i) Alice performs Bell state measurement on particles M and 1. The measurement will collapse the state of |ψ〉M123456 into one of the following states

Then Alice sends her measurement result to Charlie and Bob.

(ii) If Charlie agrees Alice and Bob to complete their teleportation, he performs Bell state measurement on particles (2,3).

Suppose that Alice’s measurement outcome is , and Charlie’s measurement result is , , , and , the whole state of particles (4,5,6) will be projected into the following states, respectively.

Then Charlie sends his measurement result to Bob.

(iii) Bob performs Bell-state measurement on particles (5,6). Suppose that Alice’s measurement outcome is and Charlie’s measurement result is , and Bob’s measurement result is , , , and , particle 4 will be projected into the following states, respectively.

According to Alice’s, Charlie’s measurement outcomes, Bob performs an appropriate unitary operator on particle 4 to rebuild the original state |ψ〉M. For example, when particle 4 is in the state of Eq. (6), the unitary operators are −σx, −y, I, z.

3 The Practical Quantum E-payment System

To clarify our mobile quantum E-payment system, five characters are defined as follows:

(i) Alice: the customer.

(ii) Bob1: the bank where Alice opens her account.

(iii) Uj: one number of the mobile terminals (j = 1,2,. . .,t).

(iv) Charlie: the merchant.

(v) Bob2: the bank where Charlie opens his account.

As shown in Fig. 2, at the beginning of this transaction, the customer Alice informs Uj about her purchase. Then Uj applies to the bank Bob1 for deducting the corresponding amount of money from Alice’s account. Bob1 transfers the money to the bank Bob2 and delegates Bob2 sign to merchant Charlie, such that Charlie should receive the proper money in his account. After verifying, Charlie gives the corresponding goods to Alice.

Fig. 2 Framework of the mobile E-payment system.

The detailed procedure of our scheme can be described as follows.

3.1 Initial Phase
Fig. 3 Schematic of transmission on the i-th particles.
3.2 Blind the Message M2 Phase
Table 1

The measuring and encoding rules for quantum states.

.
3.3 Authorizing and Signing Phase
3.4 Verifying Phase
4 Security Analysis and Discussion

In this section, we will prove that this scheme satisfies the properties of blindness, unforgeability, undeniability, and unconditionally security.

4.1 Message’s Blindness

In the whole transaction, the message M2 has been transformed into , where . If Uj attempts to get the message M′2, the only way is to perform measurements. However, he can not acquire M′2 and M2 because that he has no idea of Alice’s measurement basis of particle Ai. Therefore, each proxy signers can not know the content of the message M2 when he signs it. In addition, the bank Bob1 and Bob2 are kept blind from the message M2. That is, our scheme has the property of blindness.

4.2 Impossibility of Forgery

In our scheme, the bank Bob1 and Bob2 are trusty. In the following, we prove that it is impossible for anyone to forge signature. Suppose that Eve wants to forge Uj’s signature, he has to get the key KB1Uj. However, KB1Uj is distributed via QKD protocols, which have been proved unconditionally security. That is, Eve’s forgery can be avoided. Similarly, the original bank Bob1’s proxy certificate and Bob2’s signature can not be forged either.

4.3 Impossibility of Denial

In the following, we will show that our scheme is secure against the denial of both customer Alice and merchant Charlie. First of all, Alice has to encrypt her partial message M1 with the key KAUj and send it to Uj, Uj could gain M1 to identify Alice in case of disputes. Thus, Alice can not deny her purchase message M1. In addition, according to Subsec. 3.4, Charlie has to decrypt M by using his key KAC to rebuild the original M2. Thus, Charlie can not deny the receipt of the payment message.

4.4 Unconditional Security

Our protocol’s unconditional security is ensured from the following aspects. First, we use the unconditionally secure QKD protocols for quantum key distribution. Second, we employ one-time pad to encrypt. Third, we arrange eavesdropping checks to achieve the secure quantum channel.

5 Conclusion

In this paper, we propose a practical E-payment protocol based on quantum multi-proxy blind signature. Compared with the previous works,[912] our scheme has some advantages. Firstly, our scheme could not only implement mobile E-payment but also realize the inter-bank payment. Secondly, our protocol has arranged eavesdropping checks to ensure a stronger security. Thirdly, our scheme only relies on Bell state measurement which is easy to implement with current technologies and experimental conditions. However, the received state’s fidelity may reduce because of the experimental environment,[1920] with the development of the quantum information technique, our protocol can be applied successfully.

Reference
[1] Chaum D. Lect. Notes. Comput. Sc. 15 1983 199
[2] Chaum D. Heyst E. Lect. Notes. Comput. Sc. 547 1991 257
[3] Maitland G. Boyd C. Lect. Notes. Comput. Sc. 2229 2001 461
[4] Canard S. Traor J. Lect. Notes. Comput. Sc. 2727 2003 237
[5] Traor J. ACISP99, Lect. Notes. Comput. Sc. 1587 1999 228
[6] Qiu W. Chen K. Gu D. ISC 2002, Lect. Notes. Comput. Sc. 2433 2002 177
[7] Shor P. W. SIAM J. Comput. 26 1997 1484
[8] Grover L. K. arXiv:quant-ph/9605043
[9] Wen X. J. Nie Z. Phys. Scripa. 82 2010 5468
[10] Wen X. J. Chen Y. Z. Fang J. B. Quantum Inf. Process. 12 2013 549
[11] Cai X. Q. Wei C. Y. Quantum Inf. Process. 12 2013 1651
[12] Shao A. X. Zhang J. Z. Xie S. C. Int. J. Theor. Phys. 56 2017 1241
[13] Xu G. B. Int. J. Theor. Phys. 54 2015 2605
[14] Guo W. Zhang J. Z. Li Y. P. An W. Int. J. Theor. Phys. 55 2016 3524
[15] Shor P. W. Preskill J. Phys. Rev. Lett. 85 2000 441
[16] Mayers D. Assoc J. J. Acm. 48 2001 351
[17] Lo H. K. J. Phys. A-Math. Gen. 34 2012 6957
[18] Inamon H. Lutkenhaus N. Mayers D. Eur. Phys. J. D 41 2007 599
[19] Paraoanu G. S. Scutaru H. Phys. Rev. A 61 1999 180
[20] Weinstein Y. S. Phys. Rev. A 79 2009 1744