Comment on "Security analysis and improvements of arbitrated quantum signature schemes"

Abstract

Recently, Zou et al. [Phys. Rev. A 82, 042325 (2010)] demonstrated that two arbitrated quantum signature (AQS) schemes are not secure, because an arbitrator cannot arbitrate the dispute between two users when a receiver repudiates the integrity of a signature. By using a public board, Zou et al. proposed two AQS schemes to solve the problem. This work shows that the same security problem may exist in Zou et al.'s schemes. Moreover, a malicious verifier, Bob, can actively negate a signed order if he wants to. This attack, a special case of denial-of-service (DoS) attack mentioned in [Phys. Rev. Lett. 91, 109801 (2003)], is important in quantum cryptography. Bob may get some benefits with this DoS attack, since he can actively deny Alice's signed order without being detected. This work also shows that a malicious signer can reveal the verifier's secret key without being detected by using Trojan-horse attacks.