Quantum Query Lower Bounds for Key Recovery Attacks on the Even-Mansour
Cipher
- URL: http://arxiv.org/abs/2308.10418v1
- Date: Mon, 21 Aug 2023 02:01:30 GMT
- Title: Quantum Query Lower Bounds for Key Recovery Attacks on the Even-Mansour
Cipher
- Authors: Akinori Kawachi and Yuki Naito
- Abstract summary: Even-Mansour (EM) cipher is one of the famous constructions for a block cipher.
Kuwakado and Morii demonstrated that a quantum adversary can recover its $n$-bit secret keys only with $O(n)$ nonadaptive quantum queries.
- Score: 0.0
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The Even-Mansour (EM) cipher is one of the famous constructions for a block
cipher. Kuwakado and Morii demonstrated that a quantum adversary can recover
its $n$-bit secret keys only with $O(n)$ nonadaptive quantum queries. While the
security of the EM cipher and its variants is well-understood for classical
adversaries, very little is currently known of their quantum security. Towards
a better understanding of the quantum security, or the limits of quantum
adversaries for the EM cipher, we study the quantum query complexity for the
key recovery of the EM cipher and prove every quantum algorithm requires
$\Omega(n)$ quantum queries for the key recovery even if it is allowed to make
adaptive queries. Therefore, the quantum attack of Kuwakado and Morii has the
optimal query complexity up to a constant factor, and we cannot asymptotically
improve it even with adaptive quantum queries.
Related papers
- Quantum Indistinguishable Obfuscation via Quantum Circuit Equivalence [6.769315201275599]
Quantum computing solutions are increasingly deployed in commercial environments through delegated computing.
One of the most critical issues is to guarantee the confidentiality and proprietary of quantum implementations.
Since the proposal of general-purpose indistinguishability obfuscation (iO) and functional encryption schemes, iO has emerged as a seemingly versatile cryptography primitive.
arXiv Detail & Related papers (2024-11-19T07:37:24Z) - The multimode conditional quantum Entropy Power Inequality and the squashed entanglement of the extreme multimode bosonic Gaussian channels [53.253900735220796]
Inequality determines the minimum conditional von Neumann entropy of the output of the most general linear mixing of bosonic quantum modes.
Bosonic quantum systems constitute the mathematical model for the electromagnetic radiation in the quantum regime.
arXiv Detail & Related papers (2024-10-18T13:59:50Z) - Revocable Encryption, Programs, and More: The Case of Multi-Copy Security [48.53070281993869]
We show the feasibility of revocable primitives, such as revocable encryption and revocable programs.
This suggests that the stronger notion of multi-copy security is within reach in unclonable cryptography.
arXiv Detail & Related papers (2024-10-17T02:37:40Z) - Simple Tests of Quantumness Also Certify Qubits [69.96668065491183]
A test of quantumness is a protocol that allows a classical verifier to certify (only) that a prover is not classical.
We show that tests of quantumness that follow a certain template, which captures recent proposals such as (Kalai et al., 2022) can in fact do much more.
Namely, the same protocols can be used for certifying a qubit, a building-block that stands at the heart of applications such as certifiable randomness and classical delegation of quantum computation.
arXiv Detail & Related papers (2023-03-02T14:18:17Z) - Revocable Cryptography from Learning with Errors [61.470151825577034]
We build on the no-cloning principle of quantum mechanics and design cryptographic schemes with key-revocation capabilities.
We consider schemes where secret keys are represented as quantum states with the guarantee that, once the secret key is successfully revoked from a user, they no longer have the ability to perform the same functionality as before.
arXiv Detail & Related papers (2023-02-28T18:58:11Z) - A Variational Quantum Attack for AES-like Symmetric Cryptography [69.80357450216633]
We propose a variational quantum attack algorithm (VQAA) for classical AES-like symmetric cryptography.
In the VQAA, the known ciphertext is encoded as the ground state of a Hamiltonian that is constructed through a regular graph.
arXiv Detail & Related papers (2022-05-07T03:15:15Z) - A general framework for the composition of quantum homomorphic
encryption \& quantum error correction [6.85316573653194]
Two essential primitives for universal, cloud-based quantum computation are quantum homomorphic encryption with information-theoretic security and quantum error correction.
We apply our framework to both discrete- and continuous-variable models for quantum computation.
arXiv Detail & Related papers (2022-04-22T02:47:07Z) - Depth-efficient proofs of quantumness [77.34726150561087]
A proof of quantumness is a type of challenge-response protocol in which a classical verifier can efficiently certify quantum advantage of an untrusted prover.
In this paper, we give two proof of quantumness constructions in which the prover need only perform constant-depth quantum circuits.
arXiv Detail & Related papers (2021-07-05T17:45:41Z) - A practical quantum encryption protocol with varying encryption
configurations [0.0]
We propose a quantum encryption protocol that utilizes a quantum algorithm to create blocks oftext ciphers based on quantum states.
The main feature of our quantum encryption protocol is that the encryption configuration of each block is determined by the previous blocks.
arXiv Detail & Related papers (2021-01-22T20:09:03Z) - A quantum encryption design featuring confusion, diffusion, and mode of
operation [0.0]
We propose a non-OTP quantum encryption scheme utilizing a quantum state creation process to encrypt messages.
As essentially a non-OTP quantum block cipher the method stands out against existing methods with the following features.
arXiv Detail & Related papers (2020-10-06T22:23:30Z) - Post-Quantum Multi-Party Computation [32.75732860329838]
We study multi-party computation for classical functionalities (in the plain model) with security against malicious-time quantum adversaries.
We assume superpolynomial quantum hardness of learning with errors (LWE), and quantum hardness of an LWE-based circular security assumption.
Along the way, we develop cryptographic primitives that may be of independent interest.
arXiv Detail & Related papers (2020-05-23T00:42:52Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.