Quantum algorithm to find invariant linear structure of MD hash functions

In this paper, we consider a special problem. “Given a function f : { 0 , 1 } n → { 0 , 1 } m . Suppose there exists a n -bit string α ∈ { 0 , 1 } n subject to f ( x ⊕ α ) = f ( x ) for ∀ x ∈ { 0 , 1 } n . We only know the Hamming weight W ( α ) = 1 , and find this α .” We present a quantum algorith...

Full description

Saved in:
Bibliographic Details
Published inQuantum information processing Vol. 14; no. 3; pp. 813 - 829
Main Authors Wu, WanQing, Zhang, HuanGuo, Mao, ShaoWu, Wang, HouZhen
Format Journal Article
LanguageEnglish
Published Boston Springer US 01.03.2015
Subjects
Data Structures and Information Theory
Mathematical Physics
Physics
Physics and Astronomy
Quantum Computing
Quantum Information Technology
Quantum Physics
Spintronics
Hash functions
Quantum network
Quantum algorithm
Invariant linear structure
Online AccessGet full text

Cover

More Information
Summary:In this paper, we consider a special problem. “Given a function f : { 0 , 1 } n → { 0 , 1 } m . Suppose there exists a n -bit string α ∈ { 0 , 1 } n subject to f ( x ⊕ α ) = f ( x ) for ∀ x ∈ { 0 , 1 } n . We only know the Hamming weight W ( α ) = 1 , and find this α .” We present a quantum algorithm with “Oracle” to solve this problem. The successful probability of the quantum algorithm is ( 2 l - 1 2 l ) n - 1 , and the time complexity of the quantum algorithm is O ( log ( n - 1 ) ) for the given Hamming weight W ( α ) = 1 . As an application, we present a quantum algorithm to decide whether there exists such an invariant linear structure of the M D hash function family as a kind of collision. Then, we provide some consumptions of the quantum algorithms using the time–space trade-off.
ISSN:1570-0755
1573-1332
DOI:10.1007/s11128-014-0909-5