
Quantum Multi-Collision Distinguishers

IACR Cryptol ePrint Arch (2021)

Abstract
In EUROCRYPT 2020, Hosoyamada and Sasaki found that differential paths with probability $2^{-2n/3}$ can be useful in quantum collision attacks, vs. $2^{-n/2}$ for classical collision attacks. This observation led to attacks for more rounds on some AES-like hash functions. In this paper, we quantize the multi-collision distinguisher proposed by Biryukov, Khovratovich, and Nikolić at CRYPTO 2009, and propose quantum multi-collision distinguishers. Compared against the tight bound $2^{\frac{n}{2}\cdot(1-\frac{1}{2^{q}-1})}$ for quantum multi-collision on ideal functions by Liu and Zhang in EUROCRYPT 2019, we find the probability of useful differential paths can be as low as $2^{-n}$. This leads to even more attacked rounds than both classical multi-collision distinguishers and quantum collision attacks. To demonstrate the effectiveness, we applied the attack model to AES, Rijndael, and the post-quantum block cipher design Saturnin. Distinguishing attacks are found on the full version of AES-192, AES-256, Rijndael-128-160, and Rijndael-128-224. Other results include 8-round AES-128, 11-round Rijndael-160-192, 12-round Rijndael-160-256, and 10-round Saturnin-256.