Paper 2020/1304

QCB: Efficient Quantum-secure Authenticated Encryption

Ritam Bhaumik, Xavier Bonnetain, André Chailloux, Gaëtan Leurent, María Naya-Plasencia, André Schrottenloher, and Yannick Seurin


It was long thought that symmetric cryptography was only mildly affected by quantum attacks, and that doubling the key length was sufficient to restore security. However, recent works have shown that Simon's quantum period finding algorithm breaks a large number of MAC and authenticated encryption algorithms when the adversary can query the MAC/encryption oracle with a quantum superposition of messages. In particular, the OCB authenticated encryption mode is broken in this setting, and no quantum-secure mode is known with the same efficiency (rate-one and parallelizable). In this paper we generalize the previous attacks, show that a large class of OCB-like schemes is unsafe against superposition queries, and discuss the quantum security notions for authenticated encryption modes. We propose a new rate-one parallelizable mode named QCB inspired by TAE and OCB and prove its security against quantum superposition queries.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
authenticated encryptionlightweight cryptographyQCBpost-quantum cryptographyprovable securitytweakable block ciphers
Contact author(s)
ritam bhaumik @ inria fr
xbonnetain @ uwaterloo ca
gaetan leurent @ inria fr
maria naya_plasencia @ inria fr
andre schrottenloher @ inria fr
yannick seurin @ m4x org
2021-03-19: revised
2020-10-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ritam Bhaumik and Xavier Bonnetain and André Chailloux and Gaëtan Leurent and María Naya-Plasencia and André Schrottenloher and Yannick Seurin},
      title = {QCB: Efficient Quantum-secure Authenticated Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1304},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.