**Quantum Algorithms for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems**

*Yu-Ao Chen and Xiao-Shan Gao*

**Abstract: **Decision of whether a Boolean equation system has a solution is an NPC problem and finding a solution is NP hard. In this paper, we present a quantum algorithm to decide whether a Boolean equation system F has a solution and compute one if F does have solutions with any given success probability. The complexity of the algorithm is polynomial in the size of F and the condition number of F. As a consequence, we have achieved exponential speedup for solving sparse Boolean equation systems if their condition numbers are small. We apply the quantum algorithm to the cryptanalysis of the stream cipher Trivum, the block cipher AES, the hash function SHA-3/Keccak, and the multivariate public key cryptosystems, and show that they are secure under quantum algebraic attack only if the condition numbers of the corresponding equation systems are large.

**Category / Keywords: **foundations / quantum algorithm, Boolean equation solving, quantum algebraic attac

**Date: **received 1 Jan 2018

**Contact author: **xgao at mmrc iss ac cn

**Available format(s): **PDF | BibTeX Citation

**Note: **The paper is on arXiv 1712.06239.

**Version: **20180102:175425 (All versions of this report)

**Short URL: **ia.cr/2018/008

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]