QCB: Efficient Quantum-secure Authenticated Encryption

Ritam Bhaumik; Xavier Bonnetain; André Chailloux; Gaëtan Leurent; María Naya-Plasencia; André Schrottenloher; Yannick Seurin

Paper 2020/1304

QCB: Efficient Quantum-secure Authenticated Encryption

Ritam Bhaumik, French Institute for Research in Computer Science and Automation

Xavier Bonnetain, University of Waterloo, University of Lorraine

André Chailloux, French Institute for Research in Computer Science and Automation

Gaëtan Leurent, French Institute for Research in Computer Science and Automation

María Naya-Plasencia, French Institute for Research in Computer Science and Automation

André Schrottenloher, Centrum Wiskunde & Informatica

Yannick Seurin, ANSSI

Abstract

It was long thought that symmetric cryptography was only mildly affected by quantum attacks, and that doubling the key length was sufficient to restore security. However, recent works have shown that Simon's quantum period finding algorithm breaks a large number of MAC and authenticated encryption algorithms when the adversary can query the MAC/encryption oracle with a quantum superposition of messages. In particular, the OCB authenticated encryption mode is broken in this setting, and no quantum-secure mode is known with the same efficiency (rate-one and parallelizable). In this paper we generalize the previous attacks, show that a large class of OCB-like schemes is unsafe against superposition queries, and discuss the quantum security notions for authenticated encryption modes. We propose a new rate-one parallelizable mode named QCB inspired by TAE and OCB and prove its security against quantum superposition queries.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published by the IACR in ASIACRYPT 2021
DOI: 10.1007/978-3-030-92062-3_23
Keywords: authenticated encryption lightweight cryptography QCB post-quantum cryptography provable security tweakable block ciphers
Contact author(s): ritam bhaumik @ epfl ch
xavier bonnetain @ inria fr
andre chailloux @ inria fr
gaetan leurent @ inria fr
maria naya_plasencia @ inria fr
andre schrottenloher @ inria fr
yannick seurin @ m4x org
History: 2022-12-27: last of 2 revisions; 2020-10-20: received; See all versions
Short URL: https://ia.cr/2020/1304
License: CC BY

BibTeX

@misc{cryptoeprint:2020/1304,
      author = {Ritam Bhaumik and Xavier Bonnetain and André Chailloux and Gaëtan Leurent and María Naya-Plasencia and André Schrottenloher and Yannick Seurin},
      title = {{QCB}: Efficient Quantum-secure Authenticated Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/1304},
      year = {2020},
      doi = {10.1007/978-3-030-92062-3_23},
      url = {https://eprint.iacr.org/2020/1304}
}