Cryptology ePrint Archive: Report 2019/327

Quantum Distinguishing Attacks against Type-1 Generalized Feistel Ciphers

Gembu Ito and Tetsu Iwata

Abstract: A generalized Feistel cipher is one of the methods to construct block ciphers, and it has several variants. Dong, Li, and Wang showed quantum distinguishing attacks against the $(2d-1)$-round Type-1 generalized Feistel cipher with quantum chosen-plaintext attacks, where $d\ge 3$, and they also showed key recovery attacks [Dong, Li, Wang. Sci China Inf Sci, 2019, 62(2): 022501].

In this paper, we show a polynomial time quantum distinguishing attack against the $(3d-3)$-round version, i.e., we improve the number of rounds by $(d-2)$. We also show a quantum distinguishing attack against the $(d^2-d+1)$-round version in the quantum chosen-ciphertext setting. We apply these quantum distinguishing attacks to obtain key recovery attacks against Type-1 generalized Feistel ciphers.

Category / Keywords: secret-key cryptography / Generalized Feistel cipher, Simon's algorithm, Grover search, Quantum cryptanalysis

Date: received 26 Mar 2019

Contact author: tetsu iwata at nagoya-u jp

Available format(s): PDF | BibTeX Citation

Version: 20190329:131640 (All versions of this report)

Short URL: ia.cr/2019/327