Cryptology ePrint Archive: Report 2020/1304

QCB: Efficient Quantum-secure Authenticated Encryption

Ritam Bhaumik and Xavier Bonnetain and André Chailloux and Gaëtan Leurent and María Naya-Plasencia and André Schrottenloher and Yannick Seurin

Abstract: It was long thought that symmetric cryptography was only mildly affected by quantum attacks, and that doubling the key length was sufficient to restore security. However, recent works have shown that Simon's quantum period finding algorithm breaks a large number of MAC and authenticated encryption algorithms when the adversary can query the MAC/encryption oracle with a quantum superposition of messages. In particular, the OCB authenticated encryption mode is broken in this setting, and no quantum-secure mode is known with the same efficiency (rate-one and parallelizable).

In this paper we generalize the previous attacks, show that a large class of OCB-like schemes is unsafe against superposition queries, and discuss the quantum security notions for authenticated encryption modes. We propose a new rate-one parallelizable mode named QCB inspired by TAE and OCB and prove its security against quantum superposition queries.
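As an added example that is not part of this abstract or of the paper's own code, the Python below simulates the Simon's-algorithm step the abstract refers to, classically and exactly, against a constructed toy: a random permutation on 4-bit blocks stands in for the block cipher E_k, a two-block CBC-MAC stands in for the MAC, and the function the adversary queries in superposition is f(b || m) = MAC(alpha_b || m), whose hidden XOR period is (1 || E(alpha_0) xor E(alpha_1)). Recovering that period yields a forgery. The toy MAC, the block size, the alpha values, the seeds and every function name are assumptions chosen to keep the simulation small; the OCB-specific periodic functions the paper analyses are not reproduced here.

```python
"""Classical simulation of Simon's period finding against a toy MAC.

Added illustration, not code from the QCB paper.  Everything here is constructed:
E_k is a random 4-bit permutation, the MAC is a two-block CBC-MAC, and the
function queried in superposition is f(b || m) = MAC(alpha_b || m), which has the
hidden XOR period s = (1 || E(alpha_0) xor E(alpha_1)).
"""
import random
from collections import defaultdict

BLOCK_BITS = 4                 # toy block size (assumption; real ciphers use 128)
N_IN = 1 + BLOCK_BITS          # Simon input: selector bit b followed by one block
MASK = (1 << BLOCK_BITS) - 1


def make_block_cipher(key: int):
    """Toy keyed permutation standing in for E_k (assumption: a shuffled table)."""
    table = list(range(1 << BLOCK_BITS))
    random.Random(key).shuffle(table)
    return lambda x: table[x]


def cbc_mac(enc, m1: int, m2: int) -> int:
    """Two-block CBC-MAC with zero IV: E(E(m1) xor m2)."""
    return enc(enc(m1) ^ m2)


def simon_function(enc, alpha0: int, alpha1: int):
    """f(b || m) = MAC(alpha_b || m); b is the top bit of the N_IN-bit input."""
    alpha = (alpha0, alpha1)
    return lambda x: cbc_mac(enc, alpha[x >> BLOCK_BITS], x & MASK)


def simon_sample(f, rng: random.Random) -> int:
    """One run of Simon's circuit, simulated exactly; returns y with y . s = 0.

    A quantum oracle evaluates f on the whole superposition in ONE query; the
    classical simulator pays 2^N_IN evaluations to build the same state.
    """
    preimages = defaultdict(list)
    for x in range(1 << N_IN):
        preimages[f(x)].append(x)
    # Measure the output register: v occurs with probability |f^-1(v)| / 2^n.
    outputs = list(preimages)
    v = rng.choices(outputs, weights=[len(preimages[o]) for o in outputs])[0]
    fibre = preimages[v]                      # input register collapses to f^-1(v)
    # Hadamard the input register: amplitude of |y> is sum_{x in fibre} (-1)^(x.y)
    # divided by sqrt(2^n * |fibre|); sample y from the squared amplitudes.
    probs = []
    for y in range(1 << N_IN):
        amp = sum((-1) ** bin(x & y).count("1") for x in fibre)
        probs.append(amp * amp / ((1 << N_IN) * len(fibre)))
    return rng.choices(range(1 << N_IN), weights=probs)[0]


def add_equation(basis: dict, y: int) -> None:
    """Insert the GF(2) equation y . s = 0 into a fully reduced basis {pivot: row}."""
    for pivot, row in basis.items():          # clear every existing pivot column from y
        if y >> pivot & 1:
            y ^= row
    if y == 0:
        return                                # already implied by the basis
    pivot = y.bit_length() - 1                # a free column, since pivots were cleared
    for p in basis:                           # keep the basis reduced: the new pivot
        if basis[p] >> pivot & 1:             # column must be zero in every other row
            basis[p] ^= y
    basis[pivot] = y


def solve_period(basis: dict):
    """Return the unique nonzero s satisfying every row, or None if rank < N_IN - 1."""
    free = [c for c in range(N_IN) if c not in basis]
    if len(free) != 1:
        return None
    c = free[0]
    s = 1 << c                                # set the single free variable to 1 ...
    for p, row in basis.items():              # ... and read each pivot variable off its row
        if row >> c & 1:
            s |= 1 << p
    return s


def recover_period(f, seed: int = 0, max_queries: int = 64):
    """Simon's algorithm: sample y's until they pin down s. Returns (s, queries)."""
    rng, basis = random.Random(seed), {}
    for queries in range(1, max_queries + 1):
        add_equation(basis, simon_sample(f, rng))
        s = solve_period(basis)
        if s is not None:
            return s, queries
    raise RuntimeError("equations did not reach rank N_IN - 1")


def forged_pair(alpha0: int, alpha1: int, s: int, m: int):
    """Two distinct two-block messages that the recovered period forces to share a tag."""
    delta = s & MASK                          # = E(alpha_0) xor E(alpha_1)
    return (alpha0, m), (alpha1, m ^ delta)


if __name__ == "__main__":
    enc = make_block_cipher(key=2020)
    f = simon_function(enc, alpha0=3, alpha1=9)
    s, q = recover_period(f, seed=1304)
    print(f"period s = {s:0{N_IN}b} recovered after {q} superposition queries")
    (a, b), (c, d) = forged_pair(3, 9, s, m=6)
    print("tags equal:", cbc_mac(enc, a, b) == cbc_mac(enc, c, d))
```

What the run shows is the asymmetry the abstract describes: the number of oracle calls is linear in the input length (each sample contributes one linear equation over GF(2), and n - 1 independent ones determine the period), whereas a classical attacker has to find a collision in f at a cost of about 2^(n/2) queries. Any mode whose keyed internals can be arranged into such a periodic function by choosing the message blocks falls to the same procedure.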

Category / Keywords: secret-key cryptography / authenticated encryption, lightweight cryptography, QCB, post-quantum cryptography, provable security, tweakable block ciphers

Date: received 19 Oct 2020, last revised 19 Oct 2020

Contact author: ritam bhaumik at inria fr, xbonnetain@uwaterloo ca, gaetan leurent@inria fr, maria naya_plasencia@inria fr, andre schrottenloher@inria fr, yannick seurin@m4x org


Version: 20201020:062152

Short URL: ia.cr/2020/1304