Quantum Differential and Linear Cryptanalysis
Quantum computers, that may become available one day, would impact many scientific fields, most notably cryptography since many asymmetric primitives are insecure against an adversary with quantum capabilities. Cryptographers are already anticipating this threat by proposing and studying a number of...
Published in | IACR Transactions on Symmetric Cryptology Vol. 2016; no. 1; pp. 71 - 94 |
---|---|
Main Authors | Kaplan, Marc; Leurent, Gaëtan; Leverrier, Anthony; Naya-Plasencia, María |
Format | Journal Article |
Language | English |
Published | Ruhr-Universität Bochum, 01.01.2016 |
Abstract | Quantum computers, that may become available one day, would impact many scientific fields, most notably cryptography since many asymmetric primitives are insecure against an adversary with quantum capabilities. Cryptographers are already anticipating this threat by proposing and studying a number of potentially quantum-safe alternatives for those primitives. On the other hand, symmetric primitives seem less vulnerable against quantum computing: the main known applicable result is Grover's algorithm that gives a quadratic speed-up for exhaustive search. In this work, we examine more closely the security of symmetric ciphers against quantum attacks. Since our trust in symmetric ciphers relies mostly on their ability to resist cryptanalysis techniques, we investigate quantum cryptanalysis techniques. More specifically, we consider quantum versions of differential and linear cryptanalysis. We show that it is usually possible to use quantum computations to obtain a quadratic speed-up for these attack techniques, but the situation must be nuanced: we don't get a quadratic speed-up for all variants of the attacks. This allows us to demonstrate the following non-intuitive result: the best attack in the classical world does not necessarily lead to the best quantum one. We give some examples of application on ciphers LAC and KLEIN. We also discuss the important difference between an adversary that can only perform quantum computations, and an adversary that can also make quantum queries to a keyed primitive. |
---|---|
Author | Kaplan, Marc (School of Informatics [Edimbourg]); Leurent, Gaëtan (Security, Cryptology and Transmissions); Leverrier, Anthony (Security, Cryptology and Transmissions; ORCID 0000-0002-6707-1458); Naya-Plasencia, María (Security, Cryptology and Transmissions) |
BackLink | https://inria.hal.science/hal-01237242 (View record in HAL) |
ContentType | Journal Article |
Copyright | Attribution |
DOI | 10.13154/tosc.v2016.i1.71-94 |
DatabaseName | Hyper Article en Ligne (HAL) Hyper Article en Ligne (HAL) (Open Access) DOAJ Directory of Open Access Journals |
Discipline | Physics Computer Science |
EISSN | 2519-173X |
EndPage | 94 |
ISSN | 2519-173X |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 1 |
Keywords | Post-quantum cryptography; Differential cryptanalysis; Quantum attacks; Symmetric cryptography; Linear cryptanalysis; Block ciphers |
Language | English |
License | Attribution: http://creativecommons.org/licenses/by |
ORCID | 0000-0002-6707-1458 |
OpenAccessLink | https://doaj.org/article/bf83864dcaa84e6398ea3e1d1954a359 |
PageCount | 24 |
PublicationCentury | 2000 |
PublicationDate | 2016-01-01 |
PublicationTitle | IACR Transactions on Symmetric Cryptology |
PublicationYear | 2016 |
Publisher | Ruhr-Universität Bochum |
SourceType | Open Website Open Access Repository |
StartPage | 71 |
SubjectTerms | Block ciphers; Computer Science; Cryptography and Security; Differential cryptanalysis; Linear cryptanalysis; Physics; Post-quantum cryptography; Quantum attacks; Quantum Physics; Symmetric cryptography |
Title | Quantum Differential and Linear Cryptanalysis |
URI | https://inria.hal.science/hal-01237242 https://doaj.org/article/bf83864dcaa84e6398ea3e1d1954a359 |
Volume | 2016 |