Scalable and Highly Fault-Tolerant Circular Quantum Byzantine Agreement

TL;DR

This work tackles the challenge of scalable, fault-tolerant multiparty QBA for large quantum networks by introducing a semi-decentralized circular QBA that uses OTUH-QDS with weak coherent states. It achieves polynomial communication complexity, $C(N)=N^2-N$, and a fault tolerance bound of $N \ge f+2$, while requiring only $N$ quantum channels in a star-shaped topology with a satellite acting as CA. The protocol's security rests on information-theoretic non-repudiation and unforgeability of OTUH-QDS, with a formal bound on the overall failure probability and composable security when including KGP imperfections. Satellite-to-ground simulations demonstrate high consensus rates under realistic conditions, supporting practical deployment in global quantum networks and offering a viable pathway toward secure quantum blockchain services.

Abstract

Quantum Byzantine Agreement (QBA), a cornerstone of quantum blockchain, offers inherent advantages in security and fault tolerance over classical protocols, guaranteed by the laws of quantum mechanics. However, existing multiparty QBA protocols face challenges for large-scale deployment due to exponential communication complexity or reliance on complex multi-particle entanglement. To address this, we propose a multiparty circular QBA protocol that adopts a semi-decentralized architecture, leveraging circular message gathering and quantum digital signatures to achieve quadratic communication complexity and enhanced fault tolerance. Our protocol is experimentally feasible, requiring only weak coherent states, and is compatible with existing star-shaped quantum networks. Simulations conducted on a global satellite-to-ground network demonstrate that the protocol sustains high consensus rates among multiple users, even when employing different key generation protocols under realistic conditions. This work presents a scalable framework for large-scale QBA networks, establishing the foundation for a practical quantum blockchain that enables secure and fault-tolerant decentralized services.

Figures (7)

• Figure 1: Schematic of our circular QBA protocol. (a) Order distribution. The commanding general $S$ distributes message $m_i$ to each lieutenant $R_i$ with signature $\sigma_i$ through three-party OTUH-QDS ($\forall i \in \mathbb{Z}_{N-1}^+$). (b) Message distribution step between $S$, $R_i$, and CA in the order distribution phase. $S$, $R_i$, and the CA share correlated quantum keys through a KGP first (left). Then they conduct the signing and verifying procedure (right). $R_i$'s initial message list is $O^i=\{m_i,\sigma_i\}$. CA records the signature $\sigma_i$ and related quantum keys of this QDS. (c) Circular gathering started by $R_i$ ($\forall i \in \mathbb{Z}_{N-1}^+$). The gathering follows a clockwise sequence, and each step is completed using OTUH-QDS. (d) The information delivery step from $R_{j}$ to $R_{j+1}$. $R_{j}$ combines the information package received from the previous lieutenant $R_{j-1}$, which is $G^i_{j-1}$, and its initial message list, which is $O^j$, and takes it as a whole and signs it with a signature $\sigma^i_{j\rightarrow j+1}$. Thus $G^i_{j\rightarrow j+1} = G^i_{j-1\rightarrow j} \cup O^j \cup \{\sigma^i_{j\rightarrow j+1}\}$. The OTUH-QDS process is similar to those in order distribution. CA acts as the verifier of QDS, records $\sigma^i_{j\rightarrow j+1}$ and checks the validity of all signatures in $G^i_{j\rightarrow j+1}$.
• Figure 2: Comparison of lower bounds on communication complexity (number of communication rounds) for QKD-based QBA kiktenko2018quantum, recursive QBA weng2023beating and this work. For each protocol, the total number of nodes is minimized according to its fault-tolerance capability. For the number of malicious players $f \geq 2$, our protocol provides an obvious advantage over the previous schemes.
• Figure 3: Illustration of the satellite-to-ground five-user QBA network employing our circular QBA protocol. The satellite acts as the CA, distributing quantum keys to ground-based players via satellite-to-ground quantum channels (red solid lines) and verifying validity in each three-party QDS. Authenticated classical channels (yellow dashed lines) are employed for communication among users, avoiding the need for quantum channels between ground stations. Note that classical authenticated channels between a player and CA are needed for the communication during QDS.
• Figure 4: Simulation of the consensus rate of circular QBA using satellite-to-ground DM-CV KGP scheme Li2024Discrete. Figures (a), (b), and (c) present the consensus rate versus altitude of the satellite (CA) at a zenith angle of 0 rad with ideal detectors, untrusted detectors, and the consensus rate versus the zenith angle at an altitude of 300 km, when using the homodyne protocol liu2021homodyne. Figures (d), (e), and (f) are the corresponding results when using the heterodyne protocol lin2019Asymptotic. All simulations are performed under downlink conditions, as the proposed QBA scheme requires the CA to distribute quantum keys. We consider different noise levels ($\xi_{\rm{ch}} = 0.01,~0.03,~0.05$) with both ideal and untrusted detectors. The size of the message is fixed to 1 Mb. These results comprehensively demonstrate the high efficiency of our protocol in a satellite-to-ground system.
• Figure 5: Performance of the QBA protocol using BB84 KGP adapted from asymmetric coding BB84 QKD lo2005Efficientlim2014concise. (a) Consensus rate versus satellite altitude (zenith angle = 0 rad). (b) Consensus rate versus zenith angle (at a fixed altitude of 300 km). Results are shown for various numbers of participants and message sizes (1 Kb, 1 Mb, and 100 Mb).