1. Introduction

With advances in quantum information science, various quantum techniques have been applied in quantum cryptography, such as entanglement swapping [1], quantum teleportation [2,3,4], and quantum remote control [5,6,7,8,9,10]. Quantum cryptography techniques can be used in various network communication environments, among which quantum signature is an important topic. In 2001, Gottesman and Chuang [11] proposed the first quantum signature concept. In 2002, Zeng and Keitel [12] proposed the first arbitrated quantum signature protocol based on the Green–Horne–Zeilinger (GHZ) state. Since then, various quantum signature protocols have been proposed, for example, arbitrated quantum signature [13,14,15,16,17,18,19,20], quantum blind signature [21,22,23,24,25,26], quantum proxy signature [27,28], and quantum group signature [29]. Inspired by the above quantum signature schemes [11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29], Zhao et al. [30] proposed a signature scheme based on the concept of “bi-signature.” In Zhao et al.’s quantum bi-signature protocol, two participants sign their signatures on the same message.

The aforementioned quantum signature schemes [11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30] all require the assumption that all participants in the protocol are quantum-capable, i.e., they must have devices such as photonic generators, quantum memory, and photonic measurement devices. In the absence of these devices, quantum signature protocols [11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30] cannot be executed. However, quantum devices are not widely available, and not all participants have access to such devices. In 2007, Boyer et al. [31] introduced the concept of a semi-quantum environment. In 2009, the same authors [32] proposed two types of semi-quantum key distribution protocols. Since then, various semi-quantum cryptographic protocols and applications have flourished. For example, various applications of the semi-quantum key distribution (SQKD) protocol have been reported. Some studies [33,34,35,36] have implemented SQKD protocols using single photons. Zhu et al. [37] design a SQKD protocol involving GHZ states. Considering the multiparticipant scenario, researchers have [38,39,40] proposed mediated SQKD protocols. Some studies [41] also discuss the implementation of SQKD protocols by excluding the measurement capabilities of classical participants. On the other hand, several studies [42,43,44,45] have investigated the implementation of authenticated SQKD protocols. Unlike SQKD protocols, another application environment is one in which the boss has quantum capabilities, and the agent has only classical capabilities. The boss divides the secret key into several parts and gives them to the agents for custody. The agents must work together to obtain the boss’s secret key. Current semi-quantum secret-sharing protocols are available in single photons [46,47,48,49], entangled states [50,51,52,53], GHZ states [54,55,56,57], W states [58], and cluster states [59]. In 2014, Zou and Qiu [60] proposed a three-step semi-quantum secure direct communication (SQSDC) protocol allowing a classical participant who does not have a quantum register to securely send a secret message to a quantum participant. Since then, many SQSDC protocols with an entanglement state [61,62,63,64,65,66,67,68] and without entanglement [69] have been proposed. Private comparison is primitive for many cryptographic tasks, and recently, several schemes for semi-quantum private comparison with single photons [70,71,72,73], Bell states [74,75,76,77], GHZ-like states [78,79,80], and W states [81] have been proposed.

In 2019, Zhao et al. [82] proposed a semi-quantum bi-signature (SQBS) scheme based on W-like states [83,84,85] and a quantum teleportation technique [86]. In the SQBS protocol, two participants are quantum-capable signers, and one is conventionally capable verifier. The main technique is to transmit the secret message of the signature to another signer through W-state teleportation technology. Then, the two signers transmit the signature messages to the verifier via their pre-shared keys. Finally, the verifier confirms that the two received signatures are identical, and the signature is completed.

Although Zhao et al. [82] proposed an SQBS protocol and proved the security of their protocol, in this study we highlight three security problems with the proposed SQBS protocol [82].

• In the final step of the verification phase, the verifier (Charlie) performs an XOR operation with the pre-shared keys of two signers (Alice and Bob). If the verification passes, it means that the signature message is the same. Therefore, Bob can infer Alice’s pre-shared key and forge Alice’s signature later.

• In the final step of the signature phase, the signer (Alice) transmits the signature message and the W-state measurement results to the verifier (Charlie) through the public classical channel. The public classical channel can be eavesdropped on and tampered with. Therefore, Bob can use the received secret message, Alice’s signature message, and measurement results to infer Alice’s pre-shared key, which can then be used to forge Alice’s signature.

• The signer (Alice) transmits the secret message to another signer (Bob) through W-state teleportation technology; however, Alice and Bob do not perform any eavesdropping checks during the teleportation stage. Therefore, the eavesdropper (Eve) will be able to capture the secret message through a man-in-the-middle attack.

The rest of this paper is organized as follows. In Section 2, we review Zhao et al.’s SQBS protocol. In Section 3, we discuss three security issues associated with the protocol. Finally, in Section 4 we present our conclusions and discussion.

2. Review of Zhao et al.’s SQBS Protocol

In Zhao et al.’s SQBS protocol [82], there are three participants: Alice and Bob (signers with quantum capabilities) and Charlie (a verifier with only classical capabilities); the classical capabilities of Charlie limit him to the use of the Z basis $\left\{\left|0\right.⟩,\left|1\right.⟩\right\}$ to measure and generate single photons and to directly return the received quantum state. The eavesdropper, Eve, can perform any attack without violating the definition of quantum mechanics. Zhao et al.’s SQBS protocol is divided into three phases: the initial phase, the signature phase, and the verification phase. An overview of Zhao et al.’s SQBS protocol is shown in Figure 1. The detailed steps of Zhao et al.’s SQBS protocol are described as follows.

2.1. Initial Phase

In the initial phase, the pre-shared keys, $K_{AC}$ and $K_{BC}$, are allocated, and the W-like state is prepared to provide the execution requirements in the subsequent signature phase and verification phase.

•  Step 1. 

  Alice prepares the secret message, $M_A=\left\{m_1,m_2,\dots ,m_n\right\}$, where $m_i=\left\{0,1\right\}$. The agreed encoding rule is as follows: if the classical bit is “0”, then $\left|0⟩\right.$ is generated; if the classical bit is “1”, then $\left|1⟩\right.$ is generated.

•  Step 2. 

  Bob and Alice prepare n sets of W-like states, ${\left|W⟩\right.}_{123}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{123}$ and ${\left|W⟩\right.}_{456}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{456}$.

•  Step 3. 

  Through Krawec’s semi-quantum key distribution protocol [36], Alice and Charlie can share a private key, $K_{AC}$; Bob and Charlie can share a private key, $K_{BC}$.

2.2. Signature Phase

This phase focuses on Alice and Bob generating their respective signatures and sending them to Charlie. In addition, Alice sends the secret message, $M_A=\left\{m_1,m_2,\dots ,m_n\right\}$, to Bob through the quantum teleportation of the W-like state.

•  Step 1. 

  Alice sends ${\left|W⟩\right.}_5$ and ${\left|W⟩\right.}_6$ of ${\left|W⟩\right.}_{456}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{456}$ to Bob and Charlie, respectively, keeping ${\left|W⟩\right.}_4$ for herself. Then, Bob sends ${\left|W⟩\right.}_{12}$ of ${\left|W⟩\right.}_{123}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{123}$ to Alice and keeps ${\left|W⟩\right.}_3$ for himself.

•  Step 2. 

  Alice, Bob, and Charlie perform Z-basis measurements on their respective ${\left|W⟩\right.}_4$, ${\left|W⟩\right.}_5$, and ${\left|W⟩\right.}_6$ and obtain the measurement results for A, B, and C.

•  Step 3. 

  Based on Alice’s secret message ($M_A$) and the measurement result (A) of ${\left|W⟩\right.}_4$, Alice’s signature message (${S^{\prime }}_A$) can be obtained through the coding rule listed in Table 1. Then, the signature message (${S^{\prime }}_A$) and the pre-shared key ($K_{AC}$) perform the exclusive or (XOR) operation to obtain Alice’s signature, $S_A={S^{\prime }}_A⨁K_{AC}$. Finally, Alice sends the signature ($S_A$) and the measurement result (A) to Charlie through the public classical channel.

•  Step 4. 

  Alice generates the secret message ($M_A$) as a single photon $\left|M_A\right.⟩$ according to the coding rules (i.e., if the classical bit is “0”, then generate $\left|0⟩\right.$; if the classical bit is “1”, then $\left|1⟩\right.$ is generated). Next, Alice measures $\left|M_A\right.⟩$ with ${\left|W⟩\right.}_{12}$ in the W-basis $\left\{{\left|\kappa \right.}^{\pm }⟩=\frac{1}{2}\left(\left|010⟩\right.+\left|001⟩\right.\pm \sqrt{2}\left|100⟩\right.\right),{\left|\gamma \right.}^{\pm }⟩=\frac{1}{2}\left(\left|110⟩\right.+\left|101⟩\right.\pm \sqrt{2}\left|000⟩\right.\right)\right\}$ and announces the measurement result to Bob. Based on the measurement result, Bob can perform the corresponding operation $\left\{{\sigma }_1=\left[\begin{array}{cc}1& 0\\ 0& 1\end{array}\right],{\sigma }_2=\left[\begin{array}{cc}0& 1\\ 1& 0\end{array}\right],{\sigma }_3=\left[\begin{array}{cc}0& -1\\ 1& 0\end{array}\right],{\sigma }_4=\left[\begin{array}{cc}1& 0\\ 0& -1\end{array}\right]\right\}$ in ${\left|W⟩\right.}_3$ to obtain $\left|M_B\right.⟩$. Finally, Bob measures $\left|M_B\right.⟩$ in Z basis to obtain Alice’s secret message ($M_B$).

•  Step 5. 

  Based on the received secret message ($M_B$) and the measurement result (B) of ${\left|W⟩\right.}_5$, Bob can obtain the signature message (${S^{\prime }}_B$) via the coding rule listed in Table 1. Then, the signature message (${S^{\prime }}_B$) and the pre-shared key ($K_{BC}$) can be used to perform the XOR operation to obtain Bob’s signature, $S_B={S^{\prime }}_B⨁K_{BC}$. Finally, Bob sends the signature ($S_B$) and the measurement result (B) to Charlie through the public classical channel.

2.3. Verification Phase

This stage involves Charlie verifying whether Alice’s and Bob’s signatures are correct; the verification steps are as follows.

•  Step 1. 

  Charlie first checks that Alice’s, Bob’s, and his own measurement results (A, B, and C) are consistent with the W-like state, ${\left|W⟩\right.}_{456}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{456}$. If the measurement result does not match, the SQBS protocol is canceled; otherwise, Charlie continues with the next step.

•  Step 2. 

  Charlie can deduce Alice’s and Bob’s signature messages through $K_{AC}$ and $K_{BC}$ as ${S^{\prime }}_A=S_A⨁K_{AC}$ and ${S^{\prime }}_B=S_B⨁K_{BC}$, respectively.

•  Step 3. 

  Charlie can deduce Alice’s secret message ($M_A$) by ${S^{\prime }}_A$ and A through the coding rules listed in Table 1. Similarly, Charlie can deduce Bob’s secret message ($M_B$) by ${S^{\prime }}_B$ and B.

•  Step 4. 

  Charlie compares $M_A$ and $M_B$; if $M_A=M_B$, then Charlie accepts Alice’s and Bob’s signature; otherwise, Charlie rejects this signature. Finally, Charlie sends $M_A⨁K_{AC}$ and $M_B⨁K_{BC}$ to Alice and Bob, respectively.

3. Security Issues of Zhao et al.’s SQBS Protocol

In this study, we identified three security problems in Zhao et al.’s SQBS protocol: an impersonation attack in the verification phase, an impersonation attack in the signature phase, and a man-in-the-middle attack. The mechanisms of these three attack patterns are explained below.

3.1. Impersonation Attack in the Verification Phase

Consider Bob as the insider attacker. If Bob wants to impersonate Alice’s identity, he must obtain Alice’s private key with Charlie, $K_{AC}$. The following illustrates how Bob attacks.

In Step 4 of the verification phase, if Charlie accepts Alice’s and Bob’s signatures, then Charlie sends $M_A⨁K_{AC}$ and $M_B⨁K_{BC}$ to Alice and Bob, respectively. In this step, Bob intercepts the result of copying $M_A⨁K_{AC}$. Furthermore, if the signature is passed, it means that Bob’s message ($M_B$) is the same as $M_A$. Therefore, Bob can deduce that $M_A⨁K_{AC}=M_B⨁K_{AC}$ and learn the value of $K_{AC}$. In this way, Bob can impersonate Alice’s identity and communicate with Charlie through $K_{AC}$.

3.2. Impersonation Attack in the Signature Phase

Similarly, considering Bob as the insider attacker, if Bob wants to impersonate Alice’s identity, he must obtain Alice’s private key, $K_{AC}$. The following describes Bob’s attack strategy.

In Step 3 of the signature phase, Alice sends her signature ($S_A$) and the measurement result (A) to Charlie through the public classical channel. Hence, Bob can intercept and learn Alice’s signature ($S_A$) and the measurement result (A). In Step 4 of the signature phase, Bob can obtain Alice’s message ($M_B$) through the quantum teleportation of the W-like state. In this way, Bob has both $M_B$ and A and can deduce Alice’s ${S^{\prime }}_A$ in Table 1. Then, through ${S^{\prime }}_A$ and $S_A$, Bob can deduce Alice’s private key, $K_{AC}={S^{\prime }}_A⨁S_A$. Finally, Bob can impersonate Alice’s identity through $K_{AC}$ to communicate with Charlie.

3.3. Man-in-the-Middle Attack

In the quantum signature protocol, the signer’s message cannot be known by anyone other than the signer. Therefore, Alice’s secret message ($M_A$) cannot be eavesdropped on. Once the signer’s secret message is leaked, the protocol is declared a failure. In Zhao’s SQBS protocol, the signers (Alice and Bob) protect Alice’s secret messages ($M_A$) through the quantum teleportation of the W-like state. However, in this study, we revealed that the eavesdropper, Eve, can perform a man-in-the-middle attack to obtain Alice’s secret message ($M_A$) without being detected. Because Alice and Bob do not have any protection or checking mechanism when executing quantum teleportation, Eve can capture the secret message ($M_A$). An overview of the man-in-the-middle attack on Zhao’s SQBS protocol is shown in Figure 2. The attack strategy is described as follows.

•  Step A1. 

  In Step 1 of the signature phase, Bob sends the state ${\left|W⟩\right.}_{12}$ of ${\left|W⟩\right.}_{123}=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{123}$ to Alice. At this point, Eve intercepts ${\left|W⟩\right.}_{12}$ and generates another set of W-like states, ${\left|W⟩\right.}_{123}^E=\frac{1}{2}{\left(\left|100\right.⟩+\left|010\right.⟩+\sqrt{2}\left|001\right.⟩\right)}_{123}^E$, and sends ${\left|W⟩\right.}_{12}^E$ to Alice.

•  Step A2. 

  In Step 4 of the signature phase, Alice measures $\left|M_A\right.⟩$ and ${\left|W⟩\right.}_{12}^E$ in the W-basis $\left\{{\left|\kappa \right.}^{\pm }⟩=\frac{1}{2}\left(\left|010⟩\right.+\left|001⟩\right.\pm \sqrt{2}\left|100⟩\right.\right),{\left|\gamma \right.}^{\pm }⟩=\frac{1}{2}\left(\left|110⟩\right.+\left|101⟩\right.\pm \sqrt{2}\left|000⟩\right.\right)\right\}$ and informs Bob of the measurement result. In this step, Eve intercepts Alice’s measurement result ($M{R}_A$); then, based on the measurement result ($M{R}_A$), Eve can perform the corresponding operation $\left\{{\sigma }_1,{\sigma }_2,{\sigma }_3,{\sigma }_4\right\}$ in ${\left|W⟩\right.}_3^E$ to obtain $\left|M_A\right.⟩$. Thus, Eve can measure $\left|M_A\right.⟩$ in the Z basis to obtain Alice’s secret message ($M_A$).

•  Step A3. 

  After Eve obtains $M_A$, Eve generates $\left|M_A\right.⟩$ and measures it with the intercepted ${\left|W⟩\right.}_{12}$ in the W-basis $\left\{{\left|\kappa \right.}^{\pm }⟩,{\left|\gamma \right.}^{\pm }⟩\right\}$. Then, Eve informs Bob of the measurement result ($M{R}_A^E$). Based on the measurement result ($M{R}_A^E$), Bob can perform the corresponding operation $\left\{{\sigma }_1,{\sigma }_2,{\sigma }_3,{\sigma }_4\right\}$ in ${\left|W⟩\right.}_3$ to obtain $\left|M_A\right.⟩$. Finally, $\left|M_A\right.⟩$ is measured through the Z-basis to obtain Alice’s secret message ($M_A$).

Because Eve’s attack does not destroy the secret message ($M_A$), Charlie’s inspection of Alice’s and Bob’s signatures will pass smoothly in the final verification stage. Therefore, Eve successfully executes the man-in-the-middle attack to capture Alice’s secret message ($M_A$) and is not discovered.

4. Conclusions

In this study, we highlight three security issues with Zhao et al.’s SQBS protocol: an impersonation attack in the verification phase, an impersonation attack in the signature phase, and a man-in-the-middle attack. In the impersonation attack, the insider attacker can capture the private key and impersonates the signer’s identity to communicate with the verifier. In the man-in-the-middle attack, the eavesdropper can obtain all the signer’s secret messages. All of the above three attacks can pass the eavesdropping check. Without considering these security issues, the SQBS protocol could fail to ensure the security of the signature. A possible solution is to add an eavesdropping check, for example, using decoy photons as an eavesdropping check. However, this requires an authenticated channel between the verifier and each signer and is therefore not very elegant. Improved solutions for this new issue in the SQBS protocol need to be designed in future research.

Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Enlarge this image.

Figure 1. Zhao et al.’s SQBS protocol.

Enlarge this image.

Figure 2. The process of the man-in-the-middle attack on Zhao’s SQBS protocol.

References

1. Xie, C.; Liu, Y.-M.; Chen, J.; Yin, X.; Zhang, Z.-J. Quantum entanglement swapping of two arbitrary biqubit pure states. Sci. China Phys.; 2016; 59, pp. 1-9. [DOI: https://dx.doi.org/10.1007/s11433-016-0189-1]

2. Yuan, H.; Zhang, Z. Optimizing the scheme of bidirectional controlled quantum teleportation with a genuine five-qubit entangled state. Mod. Phys. Lett. A; 2020; 35, 2050301. [DOI: https://dx.doi.org/10.1142/S0217732320503010]

3. Zhang, W.; Li, B.; Zhang, Z. Cyclic deterministic bidirectional quantum controlled teleportation with maximally seven-qubit entangled state. Laser Phys. Lett.; 2020; 17, 125202. [DOI: https://dx.doi.org/10.1088/1612-202X/abc071]

4. Zhang, Z.; Xie, C.; Ye, B. Teleportation with Mixing State from Two Bell States Due to Qubit Confusion. Int. J. Theor. Phys.; 2020; 59, pp. 3249-3255. [DOI: https://dx.doi.org/10.1007/s10773-020-04578-y]

5. Zhang, Z.; Xing, H.; Ye, B.; Xie, C. Four-party quantum operation sharing with composite quantum channel in Bell and Yeo–Chua product state. Mod. Phys. Lett. B; 2020; 35, 2150024. [DOI: https://dx.doi.org/10.1142/S021798492150024X]

6. Zhang, Z.; Zhang, W.; Ye, B. Tripartite Quantum Operation Sharing with Six-Qubit Entangled State. Int. J. Theor. Phys.; 2020; 59, pp. 1605-1611. [DOI: https://dx.doi.org/10.1007/s10773-020-04428-x]

7. Zhang, Z. Tripartite quantum operation sharing with six-qubit highly entangled state. Mod. Phys. Lett. A; 2021; 36, 2150034. [DOI: https://dx.doi.org/10.1142/S0217732321500346]

8. Zhang, Z.; Yuan, H. Deterministic tripartite sharing of an arbitrary single-qubit operation with the five-qubit cluster state in a given entanglement structure. Quantum Inf. Process.; 2021; 20, 3. [DOI: https://dx.doi.org/10.1007/s11128-020-02893-1]

9. Zhang, Z.; Zhang, L.; Zhuge, B.; Ye, B. Four-party deterministic quantum operation sharing with a generalized seven-qubit Brown state. Laser Phys. Lett.; 2021; 18, 55202. [DOI: https://dx.doi.org/10.1088/1612-202X/abf0aa]

10. Zhang, Z.; Zhang, L.; Zhuge, B.; Yuan, H.; Ye, B. Tripartite Quantum Operation Sharing with a Six-Qubit Absolutely Maximally Entangled State. Int. J. Theor. Phys.; 2021; 60, pp. 2520-2530. [DOI: https://dx.doi.org/10.1007/s10773-020-04652-5]

11. Gottesman, D.; Chuang, I. Quantum digital signatures. arXiv; 2001; arXiv: quant-ph/0105032

12. Zeng, G.; Keitel, C.H. Arbitrated quantum-signature scheme. Phys. Rev. A; 2002; 65, 42312. [DOI: https://dx.doi.org/10.1103/PhysRevA.65.042312]

13. Lee, H.; Hong, C.; Kim, H.; Lim, J.; Yang, H.J. Arbitrated quantum signature scheme with message recovery. Phys. Lett. A; 2004; 321, pp. 295-300. [DOI: https://dx.doi.org/10.1016/j.physleta.2003.12.036]

14. Li, Q.; Chan, W.H.; Long, D.Y. Arbitrated quantum signature scheme using Bell states. Phys. Rev. A; 2009; 79, 54307. [DOI: https://dx.doi.org/10.1103/PhysRevA.79.054307]

15. Dunjko, V.; Wallden, P.; Andersson, E. Quantum digital signatures without quantum memory. Phys. Rev. Lett.; 2014; 112, 40502. [DOI: https://dx.doi.org/10.1103/PhysRevLett.112.040502] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/24580426]

16. Luo, Y.P.; Hwang, T. Arbitrated quantum signature of classical messages without using authenticated classical channels. Quantum Inf. Process.; 2014; 13, pp. 113-120. [DOI: https://dx.doi.org/10.1007/s11128-013-0634-5]

17. Yang, Y.G.; Lei, H.; Liu, Z.C.; Zhou, Y.H.; Shi, W.M. Arbitrated quantum signature scheme based on cluster states. Quantum Inf. Process.; 2016; 15, pp. 2487-2497. [DOI: https://dx.doi.org/10.1007/s11128-016-1293-0]

18. Chen, F.L.; Liu, W.F.; Chen, S.G.; Wang, Z.H. Public-key quantum digital signature scheme with one-time pad private-key. Quantum Inf. Process.; 2017; 17, 10. [DOI: https://dx.doi.org/10.1007/s11128-017-1778-5]

19. Zhang, L.; Sun, H.W.; Zhang, K.J.; Jia, H.Y. An improved arbitrated quantum signature protocol based on the key-controlled chained CNOT encryption. Quantum Inf. Process.; 2017; 16, 70. [DOI: https://dx.doi.org/10.1007/s11128-017-1531-0]

20. Xin, X.; Wang, Z.; He, Q.; Yang, Q.; Li, F. New public-key quantum signature scheme with quantum one-way function. Int. J. Theor. Phys.; 2019; 58, pp. 3282-3294. [DOI: https://dx.doi.org/10.1007/s10773-019-04203-7]

21. Wen, X.; Niu, X.; Ji, L.; Tian, Y. A weak blind signature scheme based on quantum cryptography. Opt. Commun.; 2009; 282, pp. 666-669. [DOI: https://dx.doi.org/10.1016/j.optcom.2008.10.025]

22. Su, Q.; Zheng, H.; Qiaoyan, W.; Wenmin, L. Quantum blind signature based on two-state vector formalism. Opt. Commun.; 2010; 283, pp. 4408-4410.

23. Yang, C.W.; Hwang, T.; Luo, Y.P. Enhancement on “Quantum Blind Signature Based on Two-State Vector Formalism”. Quantum Inf. Process.; 2013; 12, pp. 109-117. [DOI: https://dx.doi.org/10.1007/s11128-012-0362-2]

24. Li, W.; Shi, J.; Shi, R.; Guo, Y. Blind quantum signature with controlled four-particle cluster States. Int. J. Theor. Phys.; 2017; 56, pp. 2579-2587. [DOI: https://dx.doi.org/10.1007/s10773-017-3413-8]

25. Luo, Y.P.; Tsai, S.L.; Hwang, T.; Kao, S.H. On “A new quantum blind signature with unlinkability”. Quantum Inf. Process.; 2017; 16, 87. [DOI: https://dx.doi.org/10.1007/s11128-017-1536-8]

26. Guo, X.; Zhang, J.Z.; Xie, S.C. A trusted third-party e-payment protocol based on quantum blind signature without entanglement. Int. J. Theor. Phys.; 2018; 57, pp. 2657-2664. [DOI: https://dx.doi.org/10.1007/s10773-018-3787-2]

27. Wang, T.Y.; Wei, Z.L. One-time proxy signature based on quantum cryptography. Quantum Inf. Process.; 2012; 11, pp. 455-463. [DOI: https://dx.doi.org/10.1007/s11128-011-0258-6]

28. Yang, C.W.; Luo, Y.P.; Hwang, T. Forgery attack on one-time proxy signature and the improvement. Quantum Inf. Process.; 2014; 13, pp. 2007-2016. [DOI: https://dx.doi.org/10.1007/s11128-014-0795-x]

29. Guo, R.; Cheng, X. Cryptanalysis and improvement of a (t, n) threshold group signature scheme. Quantum Inf. Process.; 2022; 21, 37. [DOI: https://dx.doi.org/10.1007/s11128-021-03390-9]

30. Zhao, X.Q.; Wang, Y.Q.; Gong, L.H.; Zeng, Q.W. New bi-signature scheme based on GHZ states and W states. Int. J. Theor. Phys.; 2019; 58, pp. 1555-1567. [DOI: https://dx.doi.org/10.1007/s10773-019-04044-4]

31. Boyer, M.; Kenigsberg, D.; Mor, T. Quantum key distribution with classical bob. Phys. Rev. Lett.; 2007; 99, 140501. [DOI: https://dx.doi.org/10.1103/PhysRevLett.99.140501] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/17930654]

32. Boyer, M.; Gelles, R.; Kenigsberg, D.; Mor, T. Semiquantum key distribution. Phys. Rev. A; 2009; 79, 32341. [DOI: https://dx.doi.org/10.1103/PhysRevA.79.032341]

33. Zou, X.; Qiu, D.; Li, L.; Wu, L.; Li, L. Semiquantum-key distribution using less than four quantum states. Phys. Rev. A; 2009; 79, 52312. [DOI: https://dx.doi.org/10.1103/PhysRevA.79.052312]

34. Krawec, W.O. Restricted attacks on semi-quantum key distribution protocols. Quantum Inf. Process.; 2014; 13, pp. 2417-2436. [DOI: https://dx.doi.org/10.1007/s11128-014-0802-2]

35. Krawec, W.O. Security of a semi-quantum protocol where reflections contribute to the secret key. Quantum Inf. Process.; 2016; 15, pp. 2067-2090. [DOI: https://dx.doi.org/10.1007/s11128-016-1266-3]

36. Wang, M.M.; Gong, L.M.; Shao, L.H. Efficient semiquantum key distribution without entanglement. Quantum Inf. Process.; 2019; 18, 260. [DOI: https://dx.doi.org/10.1007/s11128-019-2378-3]

37. Zhu, K.N.; Zhou, N.R.; Wang, Y.Q.; Wen, X.J. Semi-quantum key distribution protocols with GHZ states. Int. J. Theor. Phys.; 2018; 57, pp. 3621-3631. [DOI: https://dx.doi.org/10.1007/s10773-018-3875-3]

38. Krawec, W.O. Mediated semiquantum key distribution. Phys. Rev. A; 2015; 91, 32323. [DOI: https://dx.doi.org/10.1103/PhysRevA.91.032323]

39. Tsai, C.W.; Yang, C.W.; Lee, N.Y. Lightweight mediated semi-quantum key distribution protocol. Mod. Phys. Lett. A; 2019; 34, 1950281. [DOI: https://dx.doi.org/10.1142/S021773231950281X]

40. Tsai, C.W.; Yang, C.W. Lightweight mediated semi-quantum key distribution protocol with a dishonest third party based on Bell states. Sci. Rep.; 2021; 11, 23222. [DOI: https://dx.doi.org/10.1038/s41598-021-02614-3]

41. Zou, X.; Qiu, D.; Zhang, S.; Mateus, P. Semiquantum key distribution without invoking the classical party’s measurement capability. Quantum Inf. Process.; 2015; 14, pp. 2981-2996. [DOI: https://dx.doi.org/10.1007/s11128-015-1015-z]

42. Yu, K.F.; Yang, C.W.; Liao, C.H.; Hwang, T. Authenticated semi-quantum key distribution protocol using Bell states. Quantum Inf. Process.; 2014; 13, pp. 1457-1465. [DOI: https://dx.doi.org/10.1007/s11128-014-0740-z]

43. Tsai, C.W.; Yang, C.W. Lightweight authenticated semi-quantum key distribution protocol without trojan horse attack. Laser Phys. Lett.; 2020; 17, 75202. [DOI: https://dx.doi.org/10.1088/1612-202X/ab9444]

44. Wang, H.W.; Tsai, C.W.; Lin, J.; Huang, Y.Y.; Yang, C.W. Efficient and secure measure-resend authenticated semi-quantum key distribution protocol against reflecting attack. Mathematics; 2022; 10, 1241. [DOI: https://dx.doi.org/10.3390/math10081241]

45. Wang, H.W.; Tsai, C.W.; Lin, J.; Yang, C.W. Authenticated semi-quantum key distribution protocol based on W states. Sensors; 2022; 22, 4998. [DOI: https://dx.doi.org/10.3390/s22134998]

46. Gheorghiu, V. Generalized semiquantum secret-sharing schemes. Phys. Rev. A; 2012; 85, 052309. [DOI: https://dx.doi.org/10.1103/PhysRevA.85.052309]

47. Yang, C.W.; Hwang, T. Efficient key construction on semi-quantum secret sharing protocols. Int. J. Quantum Inf.; 2013; 11, 1350052. [DOI: https://dx.doi.org/10.1142/S0219749913500524]

48. Li, Z.; Li, Q.; Liu, C.; Peng, Y.; Chan, W.H.; Li, L. Limited resource semiquantum secret sharing. Quantum Inf. Process.; 2018; 17, 285. [DOI: https://dx.doi.org/10.1007/s11128-018-2058-8]

49. Tsai, C.W.; Chang, Y.C.; Lai, Y.H.; Yang, C.W. Cryptanalysis of limited resource semi-quantum secret sharing. Quantum Inf. Process.; 2020; 19, 224. [DOI: https://dx.doi.org/10.1007/s11128-020-02690-w]

50. Li, Q.; Chan, W.H.; Long, D.Y. Semiquantum secret sharing using entangled states. Phys. Rev. A; 2010; 82, 22303. [DOI: https://dx.doi.org/10.1103/PhysRevA.82.022303]

51. Lin, J.; Yang, C.W.; Tsai, C.W.; Hwang, T. Intercept-resend attacks on semiquantum secret sharing and the improvements. Int. J. Theor. Phys.; 2013; 52, pp. 156-162. [DOI: https://dx.doi.org/10.1007/s10773-012-1314-4]

52. Yin, A.H.; Tong, Y. A novel semi-quantum secret sharing scheme using entangled states. Mod. Phys. Lett. B; 2018; 32, 1850256. [DOI: https://dx.doi.org/10.1142/S0217984918502561]

53. Tian, Y.; Li, J.; Chen, X.B.; Ye, C.Q.; Li, H.J. An efficient semi-quantum secret sharing protocol of specific bits. Quantum Inf. Process.; 2021; 20, 217. [DOI: https://dx.doi.org/10.1007/s11128-021-03157-2]

54. Xie, C.; Li, L.; Qiu, D. A novel semi-quantum secret sharing scheme of specific bits. Int. J. Theor. Phys.; 2015; 54, pp. 3819-3824. [DOI: https://dx.doi.org/10.1007/s10773-015-2622-2]

55. Yin, A.; Fu, F. Eavesdropping on semi-quantum secret sharing scheme of specific bits. Int. J. Theor. Phys.; 2016; 55, pp. 4027-4035. [DOI: https://dx.doi.org/10.1007/s10773-016-3031-x]

56. Gao, X.; Zhang, S.; Chang, Y. Cryptanalysis and improvement of the semi-quantum secret sharing protocol. Int. J. Theor. Phys.; 2017; 56, pp. 2512-2520. [DOI: https://dx.doi.org/10.1007/s10773-017-3404-9]

57. Tsai, C.W.; Yang, C.W.; Lin, J. Multiparty mediated quantum secret sharing protocol. Quantum Inf. Process.; 2022; 21, 63. [DOI: https://dx.doi.org/10.1007/s11128-021-03402-8]

58. Tsai, C.W.; Yang, C.W.; Lee, N.Y. Semi-quantum secret sharing protocol using W-state. Mod. Phys. Lett. A; 2019; 34, 1950213. [DOI: https://dx.doi.org/10.1142/S0217732319502134]

59. Li, C.; Ye, C.; Tian, Y.; Chen, X.B.; Li, J. Cluster-state-based quantum secret sharing for users with different abilities. Quantum Inf. Process.; 2021; 20, 385. [DOI: https://dx.doi.org/10.1007/s11128-021-03327-2]

60. Zou, X.; Qiu, D. Three-step semiquantum secure direct communication protocol. Sci. China Phys. Mech.; 2014; 57, pp. 1696-1702. [DOI: https://dx.doi.org/10.1007/s11433-014-5542-x]

61. Zhang, M.H.; Li, H.F.; Xia, Z.Q.; Feng, X.Y.; Peng, J.Y. Semiquantum secure direct communication using EPR pairs. Quantum Inf. Process.; 2017; 16, 117. [DOI: https://dx.doi.org/10.1007/s11128-017-1573-3]

62. Xie, C.; Li, L.; Situ, H.; He, J. Semi-quantum secure direct communication scheme based on Bell States. Int. J. Theor. Phys.; 2018; 57, pp. 1881-1887. [DOI: https://dx.doi.org/10.1007/s10773-018-3713-7]

63. Yan, L.; Sun, Y.; Chang, Y.; Zhang, S.; Wan, G.; Sheng, Z. Semi-quantum protocol for deterministic secure quantum communication using Bell states. Quantum Inf. Process.; 2018; 17, 315. [DOI: https://dx.doi.org/10.1007/s11128-018-2086-4]

64. Sun, Y.; Yan, L.; Chang, Y.; Zhang, S.; Shao, T.; Zhang, Y. Two semi-quantum secure direct communication protocols based on Bell states. Mod. Phys. Lett. A; 2019; 34, 1950004. [DOI: https://dx.doi.org/10.1142/S0217732319500044]

65. Yang, C.W.; Tsai, C.W. Intercept-and-resend attack and improvement of semiquantum secure direct communication using EPR pairs. Quantum Inf. Process.; 2019; 18, 306. [DOI: https://dx.doi.org/10.1007/s11128-019-2429-9]

66. Rong, Z.; Qiu, D.; Zou, X. Semi-quantum secure direct communication using entanglement. Int. J. Theor. Phys.; 2020; 59, pp. 1807-1819. [DOI: https://dx.doi.org/10.1007/s10773-020-04447-8]

67. Yang, C.W. Efficient and secure semi-quantum secure direct communication protocol against double CNOT attack. Quantum Inf. Process.; 2020; 19, 50. [DOI: https://dx.doi.org/10.1007/s11128-019-2550-9]

68. Yang, C.W.; Tsai, C.W. Advanced semi-quantum secure direct communication protocol based on bell states against flip attack. Quantum Inf. Process.; 2020; 19, 126. [DOI: https://dx.doi.org/10.1007/s11128-020-02623-7]

69. Zhang, X.; Zhou, R.G. An efficient and novel semi-quantum deterministic secure quantum communication protocol. Int. J. Theor. Phys.; 2022; 61, 94. [DOI: https://dx.doi.org/10.1007/s10773-022-05092-z]

70. Yan-Feng, L. Semi-quantum private comparison using single photons. Int. J. Theor. Phys.; 2018; 57, pp. 3048-3055. [DOI: https://dx.doi.org/10.1007/s10773-018-3823-2]

71. Ye, T.Y.; Ye, C.Q. Measure-resend semi-quantum private comparison without entanglement. Int. J. Theor. Phys.; 2018; 57, pp. 3819-3834. [DOI: https://dx.doi.org/10.1007/s10773-018-3894-0]

72. Lin, P.H.; Hwang, T.; Tsai, C.W. Efficient semi-quantum private comparison using single photons. Quantum Inf. Process.; 2019; 18, 207. [DOI: https://dx.doi.org/10.1007/s11128-019-2251-4]

73. Li, Y.C.; Chen, Z.Y.; Xu, Q.D.; Gong, L.H. Two semi-quantum private comparison protocols of size relation based on single particles. Int. J. Theor. Phys.; 2022; 61, 157. [DOI: https://dx.doi.org/10.1007/s10773-022-05149-z]

74. Jiang, L.Z. Semi-quantum private comparison based on Bell states. Quantum Inf. Process.; 2020; 19, 180. [DOI: https://dx.doi.org/10.1007/s11128-020-02674-w]

75. Tsai, C.W.; Lin, J.; Yang, C.W. Cryptanalysis and improvement in semi-quantum private comparison based on Bell states. Quantum Inf. Process.; 2021; 20, 120. [DOI: https://dx.doi.org/10.1007/s11128-021-03047-7]

76. Xie, L.; Li, Q.; Yu, F.; Lou, X.; Zhang, C. Cryptanalysis and improvement of a semi-quantum private comparison protocol based on Bell states. Quantum Inf. Process.; 2021; 20, 244. [DOI: https://dx.doi.org/10.1007/s11128-021-03178-x]

77. Li, Z.; Liu, T.; Zhu, H. Private comparison protocol for multiple semi-quantum users based on Bell States. Int. J. Theor. Phys.; 2022; 61, 177. [DOI: https://dx.doi.org/10.1007/s10773-022-05167-x]

78. Tian, Y.; Li, J.; Chen, X.B.; Ye, C.Q.; Li, C.Y.; Hou, Y.Y. An efficient semi-quantum private comparison without pre-shared keys. Quantum Inf. Process.; 2021; 20, 360. [DOI: https://dx.doi.org/10.1007/s11128-021-03294-8]

79. Yan, L.; Zhang, S.; Chang, Y.; Wan, G.; Yang, F. Semi-quantum private comparison protocol with three-particle G-like states. Quantum Inf. Process.; 2021; 20, 17. [DOI: https://dx.doi.org/10.1007/s11128-020-02960-7]

80. Li, Q.; Li, P.; Xie, L.; Chen, L.; Quan, J. Security analysis and improvement of a semi-quantum private comparison protocol with three-particle G-like states. Quantum Inf. Process.; 2022; 21, 127. [DOI: https://dx.doi.org/10.1007/s11128-022-03460-6]

81. Tian, Y.; Li, J.; Ye, C.; Chen, X.B.; Li, C. W-state-based semi-quantum private comparison. Int. J. Theor. Phys.; 2022; 61, 18. [DOI: https://dx.doi.org/10.1007/s10773-022-05005-0]

82. Zhao, X.Q.; Chen, H.Y.; Wang, Y.Q.; Zhou, N.R. Semi-quantum bi-signature scheme based on W states. Int. J. Theor. Phys.; 2019; 58, pp. 3239-3251. [DOI: https://dx.doi.org/10.1007/s10773-019-04199-0]

83. Ozaydin, F.; Bugu, S.; Yesilyurt, C.; Altintas, A.A.; Tame, M.; Özdemir, Ş.K. Fusing multiple W states simultaneously with a Fredkin gate. Phys. Rev. A; 2014; 89, 42311. [DOI: https://dx.doi.org/10.1103/PhysRevA.89.042311]

84. Bugu, S.; Ozaydin, F.; Ferrus, T.; Kodera, T. Preparing Multipartite Entangled Spin Qubits via Pauli Spin Blockade. Sci. Rep.; 2020; 10, 3481. [DOI: https://dx.doi.org/10.1038/s41598-020-60299-6]

85. Ozaydin, F.; Yesilyurt, C.; Bugu, S.; Koashi, M. Deterministic preparation of W states via spin-photon interactions. Phys. Rev. A; 2021; 103, 52421. [DOI: https://dx.doi.org/10.1103/PhysRevA.103.052421]

86. Li, K.; Kong, F.-Z.; Yang, M.; Ozaydin, F.; Yang, Q.; Cao, Z.-L. Generating multi-photon W-like states for perfect quantum teleportation and superdense coding. Quantum Inf. Process.; 2016; 15, pp. 3137-3150. [DOI: https://dx.doi.org/10.1007/s11128-016-1332-x]