nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Cryptanalysis Against Symmetric-Key Schemes with Online Classical Queries and Offline Quantum Computations

verfasst von : Akinori Hosoyamada, Yu Sasaki

Erschienen in: Topics in Cryptology – CT-RSA 2018

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In this paper, quantum attacks against symmetric-key schemes are presented in which adversaries only make classical queries but use quantum computers for offline computations. Our attacks are not as efficient as polynomial-time attacks making quantum superposition queries, while our attacks use the realistic model and overwhelmingly improve the classical attacks. Our attacks convert a type of classical meet-in-the-middle attacks into quantum ones. The attack cost depends on the number of available qubits and the way to realize the quantum hardware. The tradeoffs between data complexity D and time complexity T against the problem of cardinality N are \(D^2 \cdot T^2 =N\) and \(D \cdot T^6 = N^3\) in the best and worst case scenarios to the adversary respectively, while the classic attack requires \(D\cdot T = N\). This improvement is meaningful from an engineering aspect because several existing schemes claim beyond-birthday-bound security for T by limiting the maximum D to be below \(2^{n/2}\) according to the classical tradeoff \(D\cdot T = N\). Those schemes are broken when quantum computations are available to the adversaries. The attack can be applied to many schemes such as a tweakable block-cipher construction TDR, a dedicated MAC scheme Chaskey, an on-line authenticated encryption scheme McOE-X, a hash function based MAC H \(^2\)-MAC and a permutation based MAC keyed-sponge. The idea is then applied to the FX-construction to discover new tradeoffs in the classical query model.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Asynchronous Provably-Secure Hidden Services

Nächstes Kapitel Improving Stateless Hash-Based Signatures

Nur mit Berechtigung zugänglich

While several concerns have been pointed out recently [Ber09, BB17], those works surely took important roles to the progress of this research topic in an early stage.

Kaplan [Kap14] proposed another type of quantum MitM attack for multiple encryptions. It computes two independent parts offline, thus is different from ours.

[BB17]

Banegas, G., Bernstein, D.J.: Low-communication parallel quantum multi-target preimage search. Cryptology ePrint Archive, Report 2017/789 (2017). To appear at SAC 2017

[BBG+13]

Beals, R., Brierley, S., Gray, O., Harrow, A.W., Kutin, S., Linden, N., Shepherd, D., Stather, M.: Efficient distributed quantum computing. In: Proceedings of the Royal Society A, vol. 469, p. 20120686. The Royal Society (2013)

[BBHT98]

Boyer, M., Brassard, G., Høyer, P., Tapp, A.: Tight bounds on quantum searching. Fortsch. Phys. 46(4–5), 493–505 (1998). https://arxiv.org/abs/quant-ph/9605034 CrossRef

[BDPA08]

Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_11 CrossRef

[Ber09]

Bernstein, D.J.: Cost analysis of hash collisions: will quantum computers make SHARCS obsolete? In: SHARCS 2009 (2009)

[BHT97]

Brassard, G., Høyer, P., Tapp, A.: Quantum algorithm for the collision problem. CoRR, quant-ph/9705002 (1997). Quantum Cryptanalysis of Hash and Claw-Free Functions. LATIN 1998, pp. 163–169

[Bon17]

Bonnetain, X.: Quantum key-recovery on full AEZ. Cryptology ePrint Archive, Report 2017/767 (2017). To appear at SAC 2017

[CNPS17]

Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. Cryptology ePrint Archive, Report 2017/847 (2017)

[FFL12]

Fleischmann, E., Forler, C., Lucks, S.: McOE: a family of almost foolproof on-line authenticated encryption schemes. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 196–215. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34047-5_12. Cryptology ePrint Archive, Report 2011/644CrossRef

[GR04]

Lov, G., Rudolph, T.: How significant are the known collision and element distinctness quantum algorithms. Quantum Inf. Comput. 4(3), 201–206 (2004)MathSciNetMATH

[Gro96]

Grover, L.K.: A fast quantum mechanical algorithm for database search. In: STOC 1996, pp. 212–219 (1996). https://arxiv.org/abs/quant-ph/9605043

[HA17]

Hosoyamada, A., Aoki, K.: On quantum related-key attacks on iterated Even-Mansour ciphers. In: Obana, S., Chida, K. (eds.) IWSEC 2017. LNCS, vol. 10418, pp. 3–18. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64200-0_1 CrossRef

[Kap14]

Kaplan, M.: Quantum attacks against iterated block ciphers. arXiv preprint arXiv:1410.1434 (2014)

[KLLN16a]

Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Breaking symmetric cryptosystems using quantum period finding. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 207–237. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_8 CrossRef

[KLLN16b]

Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Quantum differential and linear cryptanalysis. IACR Trans. Symmetric Cryptol. 2016(1), 71–94 (2016)MATH

[KM10]

Kuwakado, H., Morii, M.: Quantum distinguisher between the 3-round Feistel cipher and the random permutation. In: ISIT 2010, pp. 2682–2685. IEEE (2010)

[KM12]

Kuwakado, H., Morii, M.: Security on the quantum-type Even-Mansour cipher. In: ISITA 2012, pp. 312–316. IEEE (2012)

[KR96]

Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 252–267. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_20

[KR01]

Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search (an analysis of DESX). J. Cryptol. 14, 17–35 (2001)MathSciNetCrossRefMATH

[LL17a]

Liu, F., Liu, F.: Universal forgery and key recovery attacks: application to FKS, FKD and Keyak. Cryptology ePrint Archive, Report 2017/691 (2017)

[LL17b]

Liu, F., Liu, F.: Universal forgery with birthday paradox: application to blockcipher-based message authentication codes and authenticated encryptions. Cryptology ePrint Archive, Report 2017/653 (2017)

[LM17]

Leander, G., May, A.: Grover meets Simon - quantumly attacking the FX-construction. Cryptology ePrint Archive, Report 2017/427 (2017). To appear at Asiacrypt 2017

[LRW11]

Liskov, M., Rivest, R.L., Wagner, D.A.: Tweakable block ciphers. J. Cryptol. 24(3), 588–613 (2011)MathSciNetCrossRefMATH

[LXS11]

Liu, F., Xie, T., Shen, C.: Breaking \(H^2\)-MAC using birthday paradox. Cryptology ePrint Archive, Report 2011/647 (2011)

[MBTM17]

McKay, K.A., Bassham, L., Turan, M.S., Mouha, N.: NISTIR 8114 report on lightweight cryptography. Technical report, U.S. Department of Commerce, National Institute of Standards and Technology (2017). https://doi.org/10.6028/NIST.IR.8114

[Min09]

Minematsu, K.: Beyond-birthday-bound security based on tweakable block cipher. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 308–326. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03317-9_19 CrossRef

[MMH+14]

Mouha, N., Mennink, B., Van Herrewege, A., Watanabe, D., Preneel, B., Verbauwhede, I.: Chaskey: an efficient MAC algorithm for 32-bit microcontrollers. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 306–323. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_19 CrossRef

[MMRT12]

Mendel, F., Mennink, B., Rijmen, V., Tischhauser, E.: A simple key-recovery attack on McOE-X. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 23–31. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35404-5_3 CrossRef

[Mou15]

Mouha, N.: Chaskey: a MAC algorithm for microcontrollers - status update and proposal of Chaskey-12. Cryptology ePrint Archive, Report 2015/1182 (2015)

[MS17]

Mennink, B., Szepieniec, A.: XOR of PRPs in a quantum world. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 367–383. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59879-6_21 CrossRef

[NIS16]

NIST: SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash. Technical report, U.S. Department of Commerce, National Institute of Standards and Technology. NIST Special Publication (SP) 800–185 (2016)

[Sas12]

Sasaki, Y.: Cryptanalyses on a Merkle-Damgård based MAC—almost universal forgery and distinguishing-H attacks. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 411–427. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_25 CrossRef

[Sim97]

Simon, D.R.: On the power of quantum computation. SIAM J. Comput. 26(5), 1474–1483 (1997)MathSciNetCrossRefMATH

[Tsu92]

Tsudik, G.: Message authentication with one-way hash functions. In: ACM SIGCOMM Computer Communication Review, vol. 22, no. 5, pp. 29–38. ACM (1992)

[VOW94]

Van Oorschot, P.C., Wiener, M.J.: Parallel collision search with application to hash functions and discrete logarithms. In: CCS 1994, pp. 210–218. ACM (1994)

[Yas09]

Yasuda, K.: HMAC without the “Second” Key. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 443–458. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04474-8_35 CrossRef

Titel: Cryptanalysis Against Symmetric-Key Schemes with Online Classical Queries and Offline Quantum Computations
verfasst von: Akinori Hosoyamada
Yu Sasaki
Verlag: Springer International Publishing
Buch: Topics in Cryptology – CT-RSA 2018
Print ISBN: 978-3-319-76952-3

Electronic ISBN: 978-3-319-76953-0

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-76953-0_11

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner