Papers
Topics
Authors
Recent
Search
2000 character limit reached

Quantum Public-Key One-Time Signatures

Updated 18 June 2026
  • Quantum public-key one-time signatures are cryptographic schemes that use quantum properties such as unclonability to ensure unforgeability after one message is signed.
  • They are constructed via diverse models including quantum state-based keys, classical shadows, and hybrid approaches that rely on quantum hardness assumptions and information-theoretic guarantees.
  • Despite their strong security against quantum adversaries, these schemes face challenges in key reuse, scalable public key distribution, and practical implementation on quantum channels.

Quantum public-key one-time signatures (QPK-OTS) are cryptographic primitives that enable a sender to produce a single digital signature on a message, verifiable by anyone holding a public key, where the key, algorithm, or underlying security leverages quantum information or quantum computational hardness. In a QPK-OTS scheme, the signature remains unforgeable—even against quantum polynomial-time adversaries—after one invocation, but becomes insecure if reused. These schemes exploit quantum properties such as state unclonability, quantum hardness assumptions (e.g., learning random circuits from measurement data), or unconditionally secure constructions rooted in quantum information theory, fundamentally diverging from classical one-way-function-based approaches.

1. Models and Definitions

A quantum public-key one-time signature scheme typically consists of algorithms (KeyGen,Sign,Verify)(\mathrm{KeyGen}, \mathrm{Sign}, \mathrm{Verify})—classical, quantum, or hybrid in nature. The public key may be a quantum state, as in original proposals (Amiri et al., 2015, Skoric, 2020, Morimae et al., 2021), or classical data inferred from quantum measurement, as in more recent "classical shadow" constructions (Niroula et al., 4 Feb 2026). The scheme must satisfy correctness (honest signatures are always accepted) and existential unforgeability under one chosen-message attack (EU-CMA-1): given the public key and a signature on a message, no polynomial-time adversary can forge a valid signature on any new message with more than negligible probability.

Quantum public-key one-time signatures can be instantiated in several concrete models:

A unifying principle is that security relies fundamentally on quantum properties—either quantum information-theoretic limits (Holevo bound, no-cloning theorems) or computational hardness presumed to hold even for quantum adversaries.

2. Core Constructions

Several paradigms realize QPK-OTS, reflecting diverse security foundations and trade-offs.

2.1 Quantum States as Public Keys

The original approach, due to Gottesman and Chuang, constructs the public key from non-orthogonal quantum states encoding secret strings via a "quantum one-way hash" (Amiri et al., 2015). To sign a bit, the signer reveals the preimage(s); verification entails a SWAP test between the public quantum state and the candidate state determined by the preimage, allowing information-theoretic security due to the Holevo bound. Extensions to nonbinary alphabets and resource optimization are discussed in (Skoric, 2020). A generalization considers pseudorandom quantum states as public keys, yielding computational security under the assumption that pseudorandom quantum state ensembles cannot be efficiently inverted or distinguished from Haar random states (Morimae et al., 2021).

2.2 Classical Shadows as Public Keys

The scheme of (Niroula et al., 4 Feb 2026) introduces signatures using classical data ("classical shadows") produced from quantum measurement of random circuit states. The secret key is a description of a random quantum circuit CC, while the public key is a collection of sample outcomes from measurements in random bases of C∣0n⟩C|0^n\rangle. Signing is realized by publishing CC together with the message, with verification conducted via overlap tests (state certification) between the purported circuit and the classical shadow data. Security relies on the computational no-learning from shadows (CNL-S) conjecture: reconstructing or even closely approximating CC given its classical shadows is intractable for quantum or classical polynomial-time algorithms.

2.3 Efficient One-Shot Quantum Signatures

Recent schemes (Huang et al., 13 Oct 2025) achieve optimal qubit and signature length—O(λ2)O(\lambda^2) for security parameter λ\lambda—via BB84-style preparation with strong incompressibility guarantees, employing random oracles (in the ROM) or leveraging post-quantum indistinguishability obfuscation and LWE hardness in the standard model. The signature consists of syndrome measurements determined by a hash of the message and the public key. Unlike prior art (e.g., Shmueli–Zhandry 2025), this achieves both perfect correctness and robustness against quantum attempts to compress or duplicate the signing state.

2.4 Quantum Message Signing

Quantum one-time signature theory generalizes to quantum messages, using mechanisms such as time-dependent public keys, time-lock puzzles, or dynamic verification key announcements, supporting signatures on (possibly entangled) quantum states (Barhoush et al., 2023). Here, unforgeability requires adversaries cannot generate a previously unseen signed quantum message with high fidelity, even after access to one signing oracle query.

2.5 Public-Key Quantum Signatures from Complexity Assumptions

Approaches in (Liu et al., 20 Jun 2025) provide security reductions to QMA-complete problems, such as the Consistency of Local Density Matrices. Alice's public key encodes local marginals of a hidden highly entangled quantum state; signing is accomplished by releasing appropriately transformed fragments, and signature verification reduces to checking consistency with the announced marginals. Unforgeability is implied by the presumed hardness of constructing global quantum states from locally consistent marginals.

3. Security Assumptions and Proof Techniques

The unforgeability of QPK-OTS is achieved under several disparate but quantum-native hardness assumptions:

  • Information-theoretic: No adversary can learn the secret from the public key due to limitations such as the Holevo bound, no-cloning, and min-entropy barriers (original and fingerprinting-state-based schemes (Amiri et al., 2015, Skoric, 2020)).
  • Pseudorandom quantum state (PRQS) indistinguishability: If computationally indistinguishable from Haar-random states, PRQS can serve as public keys, while one-wayness of quantum state generators (OWSG) suffices to preclude forging (Morimae et al., 2021).
  • Computational learning hardness: CNL-S posits that learning or inverting a random quantum circuit based on its classical shadow is infeasible, even for quantum attackers (Niroula et al., 4 Feb 2026).
  • Reductions to QMA-complete problems: Forgery reduces to solving the Consistency of Local Density Matrices (CLDM), which is QMA-complete (Liu et al., 20 Jun 2025).
  • Combinatorial and coding-theoretic: In public-key quantum signature schemes based on syndrome decoding, security reduces to the intractability of large-weight syndrome decoding, leveraging code-based post-quantum assumptions (Baldi et al., 2022).

Proofs commonly exhibit reductions from the security experiment (one-time existential unforgeability) to either a quantum information-theoretic principle or a stated hardness assumption. Information leakage is controlled by limiting queries or by hard-wiring key consumption (one-time use).

4. Efficiency, Practicality, and Experimental Status

Quantum public-key one-time signatures exhibit diverse efficiency and implementation profiles, influenced by the model of public key distribution (quantum or classical), sample complexity, and circuit depth. For example:

  • The original Gottesman–Chuang scheme and its descendants require the distribution of many quantum states per signature bit, imposing significant overhead for multi-recipient or forwarding settings (Amiri et al., 2015).
  • Fingerprinting-state and nonbinary alphabet approaches improve key size per signed bit and admit tunable trade-offs (Skoric, 2020).
  • The classical-shadow approach of (Niroula et al., 4 Feb 2026) dispenses with quantum communication as a verification requirement, enabling purely classical public keys. Experimental demonstrations have realized signatures for 32-qubit circuits on trapped-ion hardware, with measured honest fidelity 0.90±0.010.90\pm0.01 and threshold passing for adversarial security bounds.
  • The efficient one-shot signature of (Huang et al., 13 Oct 2025) achieves O(λ2)O(\lambda^2) space and time complexity, representing a theoretically optimal construction for large messages.
  • For code-based and post-quantum settings, key and signature sizes can be considerable (public keys of several MB, signatures of tens of kB for 128-bit security), but verification and signing are classically efficient (Baldi et al., 2022).

Practical deployment of truly quantum schemes necessitates robust quantum memory, transmission, and decoy verification mechanisms, posing challenges for widespread usage.

5. Extensions, Limitations, and Open Problems

Key constraints of QPK-OTS schemes include:

  • One-time use: All constructions fundamentally require fresh keying per signature (or message slot) to prevent key leakage and multiplicity-based attacks. Extending to many-time signatures incurs exponential resource overhead or requires new compiler techniques (e.g., hash-tree or one-way puzzle-based transformations) (Niroula et al., 4 Feb 2026).
  • Public key distribution: Quantum public key distributions mandate authenticated quantum channels, complicating trust infrastructure. Classical shadow- and hybrid-key schemes can mitigate this by reducing public keys to classical data (Niroula et al., 4 Feb 2026).
  • Scalability and overhead: Current schemes—especially those with quantum public keys—can impose significant resource costs for large-scale or multi-verifier settings. This motivates the investigation of lower-overhead protocols, high-rate coding, or leveraging quantum state compressibility bounds.
  • Hardness evidence: While information-theoretic schemes achieve unconditional security (within physical assumptions), computational models rely on conjectures (PRQS, CNL-S, QMA-completeness) whose practical intractability continues to be explored both empirically and theoretically.

Open questions include transitioning to reusable or many-time signatures, achieving public-key quantum signatures in standard models without quantum memory requirements, and basing security on well-accepted quantum complexity-theoretic separations.

6. Connections and Comparisons to Classical and Post-Quantum OTS

Quantum public-key one-time signatures differ fundamentally from classical Lamport-style OTS in both assumptions and operational modality. Classical OTS rely on collision-resistant one-way functions and produce classical public keys and signatures, while QPK-OTS replace these with quantum-invertible or unclonable state constructions (or classical data tied to quantum hardness). While classical schemes permit arbitrarily many public key copies, the quantum setting limits either the number of successful public key distributions (due to the no-cloning theorem) or achieves computational security solely on the basis of quantum hardness (or quantum information limits) rather than classical cryptographic assumptions.

In the context of post-quantum cryptography, QPK-OTS provide signatures whose security does not reduce to (classically) hard problems such as lattice-based or code-based hardness, but rather to quantum information-theoretic or uniquely quantum computational assumptions (Niroula et al., 4 Feb 2026, Morimae et al., 2021). As such, these methods open pathways for cryptographic resilience independent of classical one-way function existence, as well as practical implementations with minimal quantum resource requirements.


For a detailed technical exposition, see "Digital signatures with classical shadows on near-term quantum computers" (Niroula et al., 4 Feb 2026), "Quantum commitments and signatures without one-way functions" (Morimae et al., 2021), "A Simple and Efficient One-Shot Signature Scheme" (Huang et al., 13 Oct 2025), and the original Gottesman–Chuang construction as discussed in (Amiri et al., 2015).

Topic to Video (Beta)

No one has generated a video about this topic yet.

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Follow Topic

Get notified by email when new papers are published related to Quantum Public-Key One-Time Signatures.