Single-Query Quantum Hidden Shift Attacks
Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the security of the modes themselves, since they rely on a strong adversary model, they help us to draw limits on their provable security.Typical...
Saved in:
| Published in | IACR Transactions on Symmetric Cryptology Vol. 2024; no. 3; pp. 266 - 297 |
|---|---|
| Main Authors | , |
| Format | Journal Article |
| Language | English |
| Published |
Ruhr Universität Bochum
06.09.2024
Ruhr-Universität Bochum |
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the security of the modes themselves, since they rely on a strong adversary model, they help us to draw limits on their provable security.Typically these attacks use the structure of the mode (stream cipher, MAC or authenticated encryption scheme) to embed a period-finding problem, which can be solved with a dedicated quantum algorithm. The hidden period can be recovered with a few superposition queries (e.g., O(n) for Simon’s algorithm), leading to state or key-recovery attacks. However, this strategy breaks down if the period changes at each query, e.g., if it depends on a nonce.In this paper, we focus on this case and give dedicated state-recovery attacks on the authenticated encryption schemes Rocca, Rocca-S, Tiaoxin-346 and AEGIS- 128L. These attacks rely on a procedure to find a Boolean hidden shift with a single superposition query, which overcomes the change of nonce at each query. This approach has the drawback of a lower success probability, meaning multiple independent (and parallelizable) runs are needed.We stress that these attacks do not break any security claim of the authors, and do not threaten the schemes if the adversary only makes classical queries. |
|---|---|
| AbstractList | Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the security of the modes themselves, since they rely on a strong adversary model, they help us to draw limits on their provable security. Typically these attacks use the structure of the mode (stream cipher, MAC or authenticated encryption scheme) to embed a period-finding problem, which can be solved with a dedicated quantum algorithm. The hidden period can be recovered with a few superposition queries (e.g., O(n) for Simon’s algorithm), leading to state or key-recovery attacks. However, this strategy breaks down if the period changes at each query, e.g., if it depends on a nonce. In this paper, we focus on this case and give dedicated state-recovery attacks on the authenticated encryption schemes Rocca, Rocca-S, Tiaoxin-346 and AEGIS- 128L. These attacks rely on a procedure to find a Boolean hidden shift with a single superposition query, which overcomes the change of nonce at each query. This approach has the drawback of a lower success probability, meaning multiple independent (and parallelizable) runs are needed. We stress that these attacks do not break any security claim of the authors, and do not threaten the schemes if the adversary only makes classical queries. |
| Author | Bonnetain, Xavier Schrottenloher, André |
| Author_xml | – sequence: 1 givenname: Xavier surname: Bonnetain fullname: Bonnetain, Xavier – sequence: 2 givenname: André surname: Schrottenloher fullname: Schrottenloher, André |
| BackLink | https://inria.hal.science/hal-04773920$$DView record in HAL |
| BookMark | eNpVkEtrAjEUhUOxUGv9C2W2Lmaa9yRLkbYKQhFb6C7EPDR2nCnJKPjvHbWUdnUu5557uHz3oFc3tQPgEcGCcib4U9skUxwwxLQIpMCc51iWN6CPGZI5Ksln7898B4YpbSGEWEjCqeyD0TLU68rli72Lx2yx13W732XTYK2rs-Um-DYbt602X-kB3HpdJTf80QH4eHl-n0zz-dvrbDKe54Yw2OZSGIS0hJwKy4XXhiDKDEO-E-kodQhLsdKo2whdEmmRxXBlJCmxo1h6MgCza69t9FZ9x7DT8agaHdTFaOJa6dgGUzlFJSKl44YTaykTSAvPGSmZXWGPvZdd1-jatdHVv6rpeK7OHqRl9wOGB9Rl-TVrYpNSdP73AEF1Ya3OrNWFtQpEdaxVx5qcABwyczM |
| ContentType | Journal Article |
| Copyright | Attribution |
| Copyright_xml | – notice: Attribution |
| DBID | AAYXX CITATION 1XC VOOES DOA |
| DOI | 10.46586/tosc.v2024.i3.266-297 |
| DatabaseName | CrossRef Hyper Article en Ligne (HAL) Hyper Article en Ligne (HAL) (Open Access) DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Open Access Full Text url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 2519-173X |
| EndPage | 297 |
| ExternalDocumentID | oai_doaj_org_article_49137e6c63dd4581a8f65375db2f2ff9 oai_HAL_hal_04773920v1 10_46586_tosc_v2024_i3_266_297 |
| GroupedDBID | AAYXX ADBBV ALMA_UNASSIGNED_HOLDINGS BCNDV CITATION GROUPED_DOAJ 1XC VOOES |
| ID | FETCH-LOGICAL-c350t-98c11a90648d68fac3145c51f1459e44e1298ba1fac8a739d1d20bc9372e429f3 |
| IEDL.DBID | DOA |
| ISSN | 2519-173X |
| IngestDate | Wed Aug 27 01:26:21 EDT 2025 Fri Jun 27 06:31:30 EDT 2025 Tue Jul 01 03:41:35 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 3 |
| Keywords | Quantum Fourier Transform Quantum cryptanalysis Rocca Authenticated encryption Tiaoxin AEGIS Boolean hidden shift |
| Language | English |
| License | http://creativecommons.org/licenses/by/4.0 Attribution: http://creativecommons.org/licenses/by |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c350t-98c11a90648d68fac3145c51f1459e44e1298ba1fac8a739d1d20bc9372e429f3 |
| ORCID | 0000-0002-1329-8630 |
| OpenAccessLink | https://doaj.org/article/49137e6c63dd4581a8f65375db2f2ff9 |
| PageCount | 32 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_49137e6c63dd4581a8f65375db2f2ff9 hal_primary_oai_HAL_hal_04773920v1 crossref_primary_10_46586_tosc_v2024_i3_266_297 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2024-09-06 |
| PublicationDateYYYYMMDD | 2024-09-06 |
| PublicationDate_xml | – month: 09 year: 2024 text: 2024-09-06 day: 06 |
| PublicationDecade | 2020 |
| PublicationTitle | IACR Transactions on Symmetric Cryptology |
| PublicationYear | 2024 |
| Publisher | Ruhr Universität Bochum Ruhr-Universität Bochum |
| Publisher_xml | – name: Ruhr Universität Bochum – name: Ruhr-Universität Bochum |
| SSID | ssj0002893649 |
| Score | 2.2673419 |
| Snippet | Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the... |
| SourceID | doaj hal crossref |
| SourceType | Open Website Open Access Repository Index Database |
| StartPage | 266 |
| SubjectTerms | Authenticated encryption Boolean hidden shift Computer Science Cryptography and Security Quantum cryptanalysis Quantum Fourier Transform Rocca Tiaoxin |
| Title | Single-Query Quantum Hidden Shift Attacks |
| URI | https://inria.hal.science/hal-04773920 https://doaj.org/article/49137e6c63dd4581a8f65375db2f2ff9 |
| Volume | 2024 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3PS8MwFA6ykxdRVJy_KOLFQ7am-dH0OMUxRIUxB7uFND_YRDeZ7cD_3pd0k3ny4qmQlrbve4Xve2neF4SuQ8nggSaw8FZiRq3HGkQc1hSKEeGZMXEe8ulZDMbsYcInW1t9hTVhjT1wA1yXFYTmThhBrWVcEi294DTntsx85n1s3QPO2yqmXpvfZ1SwomkJZsCyolstPk1nBbU-68xoB3gJZ8HpaYuNomk_cMx0M6caOaa_j_bW4jDpNS91gHbc_BDdjIBd3hwe1m75lQxrgKJ-TwbB-mOejKYzXyW9qgqt8kdo3L9_uRvg9QYH2FCeVriQhhBdgCqQVkivDSWMG048HArHmAMylqUmcEbqnBaW2CwtDSiKzAGPeHqMWvPF3J2gJOeZISy3zoqUaWOkYwZi1TKNFRZvo-4mUPXR-Fgo0P8RGhWgUREaNaMKoFEATRvdBjx-rg4-1HEAsqPW2VF_ZaeNrgDNX_cY9B5VGEtZDiFl6Yqc_seTztBuCCAu_xLnqFUta3cBeqEqL-On8Q315Ll6 |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Single-Query+Quantum+Hidden+Shift+Attacks&rft.jtitle=IACR+Transactions+on+Symmetric+Cryptology&rft.au=Bonnetain%2C+Xavier&rft.au=Schrottenloher%2C+Andr%C3%A9&rft.date=2024-09-06&rft.issn=2519-173X&rft.eissn=2519-173X&rft.volume=2024&rft.issue=3&rft.spage=266&rft.epage=297&rft_id=info:doi/10.46586%2Ftosc.v2024.i3.266-297&rft.externalDBID=n%2Fa&rft.externalDocID=10_46586_tosc_v2024_i3_266_297 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2519-173X&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2519-173X&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2519-173X&client=summon |