Cryptology ePrint Archive: Report 2017/427

Grover Meets Simon - Quantumly Attacking the FX-construction

Gregor Leander and Alexander May

Abstract: Using whitening keys is a well understood mean of increasing the key-length of any given cipher. Especially as it is known ever since Grover's seminal work that the effective key-length is reduced by a factor of two when considering quantum adversaries, it seems tempting to use this simple and elegant way of extending the key-length of a given cipher to increase the resistance against quantum adversaries. However, as we show in this work, using whitening keys does not increase the security in the quantum-CPA setting significantly. For this we present a quantum algorithm that breaks the construction with whitening keys in essentially the same time complexity as Grover's original algorithm breaks the underlying block cipher. Technically this result is based on the combination of the quantum algorithms of Grover and Simon for the first time in the cryptographic setting, which might well have other applications.

Category / Keywords: symmetric cryptography, quantum attacks, Grover's algorithm, Simon's algorithm, FX-construction

Date: received 18 May 2017, last revised 18 May 2017

Contact author: Alex may at rub de

Available format(s): PDF | BibTeX Citation

Version: 20170522:213326 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]