A new quantum cryptanalysis method on block cipher Camellia
Abstract Symmetric cryptography is expected to be quantum safe when long‐term security is needed. Kuwakado and Morii gave a 3‐round quantum distinguisher of the Feistel cipher based on Simon's algorithm. However, the quantum distinguisher without considering the specific structure of the round...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-IET
2021-11-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12037 |
| _version_ | 1797428876236816384 |
|---|---|
| author | Yanjun Li Hao Lin Meng Liang Ying Sun |
| author_facet | Yanjun Li Hao Lin Meng Liang Ying Sun |
| author_sort | Yanjun Li |
| collection | DOAJ |
| description | Abstract Symmetric cryptography is expected to be quantum safe when long‐term security is needed. Kuwakado and Morii gave a 3‐round quantum distinguisher of the Feistel cipher based on Simon's algorithm. However, the quantum distinguisher without considering the specific structure of the round function is not accurate enough. A new quantum cryptanalysis method for Feistel structure is studied here. It can make full use of the specific structure of the round function. The properties of Camellia round function and its linear transformation P are taken into account, and a 5‐round quantum distinguisher is proposed. Then, the authors follow a key‐recovery attack framework by Leander and May, that is, Grover‐meet‐Simon algorithm, and give a quantum key‐recovery attack on 7‐round Camellia in Q2 model with the time complexity of 224. It is the very first time that the specific structure of the round function is used to improve quantum attack on Camellia. |
| first_indexed | 2024-03-09T09:05:11Z |
| format | Article |
| id | doaj.art-7f3ae0ce2ee34a2a9a11c8ed880c4441 |
| institution | Directory Open Access Journal |
| issn | 1751-8709 1751-8717 |
| language | English |
| last_indexed | 2024-03-09T09:05:11Z |
| publishDate | 2021-11-01 |
| publisher | Hindawi-IET |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj.art-7f3ae0ce2ee34a2a9a11c8ed880c44412023-12-02T10:41:15ZengHindawi-IETIET Information Security1751-87091751-87172021-11-0115648749510.1049/ise2.12037A new quantum cryptanalysis method on block cipher CamelliaYanjun Li0Hao Lin1Meng Liang2Ying Sun3Department of Cryptography and Technology Beijing Electronic Science and Technology Institute Beijing ChinaDepartment of Cryptography and Technology Beijing Electronic Science and Technology Institute Beijing ChinaDepartment of Cryptography and Technology Beijing Electronic Science and Technology Institute Beijing ChinaDepartment of Cryptography and Technology Beijing Electronic Science and Technology Institute Beijing ChinaAbstract Symmetric cryptography is expected to be quantum safe when long‐term security is needed. Kuwakado and Morii gave a 3‐round quantum distinguisher of the Feistel cipher based on Simon's algorithm. However, the quantum distinguisher without considering the specific structure of the round function is not accurate enough. A new quantum cryptanalysis method for Feistel structure is studied here. It can make full use of the specific structure of the round function. The properties of Camellia round function and its linear transformation P are taken into account, and a 5‐round quantum distinguisher is proposed. Then, the authors follow a key‐recovery attack framework by Leander and May, that is, Grover‐meet‐Simon algorithm, and give a quantum key‐recovery attack on 7‐round Camellia in Q2 model with the time complexity of 224. It is the very first time that the specific structure of the round function is used to improve quantum attack on Camellia.https://doi.org/10.1049/ise2.12037quantum cryptography |
| spellingShingle | Yanjun Li Hao Lin Meng Liang Ying Sun A new quantum cryptanalysis method on block cipher Camellia IET Information Security quantum cryptography |
| title | A new quantum cryptanalysis method on block cipher Camellia |
| title_full | A new quantum cryptanalysis method on block cipher Camellia |
| title_fullStr | A new quantum cryptanalysis method on block cipher Camellia |
| title_full_unstemmed | A new quantum cryptanalysis method on block cipher Camellia |
| title_short | A new quantum cryptanalysis method on block cipher Camellia |
| title_sort | new quantum cryptanalysis method on block cipher camellia |
| topic | quantum cryptography |
| url | https://doi.org/10.1049/ise2.12037 |
| work_keys_str_mv | AT yanjunli anewquantumcryptanalysismethodonblockciphercamellia AT haolin anewquantumcryptanalysismethodonblockciphercamellia AT mengliang anewquantumcryptanalysismethodonblockciphercamellia AT yingsun anewquantumcryptanalysismethodonblockciphercamellia AT yanjunli newquantumcryptanalysismethodonblockciphercamellia AT haolin newquantumcryptanalysismethodonblockciphercamellia AT mengliang newquantumcryptanalysismethodonblockciphercamellia AT yingsun newquantumcryptanalysismethodonblockciphercamellia |