Paper 2022/236

Characterizing the qIND-qCPA (in)security of the CBC, CFB, OFB and CTR modes of operation

Tristan Nemoz, EURECOM, Télécom ParisTech, Thales (France)
Zoé AMBLARD, Thales (France)
Aurélien DUPIN, Thales (France)

We fully characterize the post-quantum security of the \(\mathsf{CBC}\), \(\mathsf{CFB}\), \(\mathsf{OFB}\) and \(\mathsf{CTR}\) modes of operation by considering all possible notions of \(\textsf{qIND-qCPA}\) security defined by Carstens, Ebrahimi, Tabia and Unruh (TCC 2021), thus extending the work performed by Anand, Targhi, Tabia and Unruh (PQCrypto 2016). We show that the results obtained by Anand et al. for the \(\textsf{qIND-qCPA-P6}\) security of these modes carry on to the other \(\textsf{IND-qCPA}\) notions, namely the \(\textsf{qIND-qCPA-P10}\) and \(\textsf{qIND-qCPA-P11}\) ones. We also show that all of these modes are insecure according to all of the other notions, regardless of the block cipher they are used with. We also provide two general results concerning the insecurity of commonly used properties of block ciphers, namely those preserving the length of their input and those using the \(\texttt{XOR}\) operation as a way to randomize the encryption. Finally, we use these results to highlight the need for new quantum semantic security notions.

Note: The previous proof concerning the qIND-qCPA-P5 security of CBC was wrong. It has been corrected to show its qIND-qCPA-P13 insecurity. A general result about the qIND-qCPA-P5 of certain schemes has also been added.

Available format(s)
Secret-key cryptography
Publication info
Post-quantum cryptography Block ciphers Modes of operation qIND-qCPA security
Contact author(s)
nemoz @ eurecom fr
zoe amblard @ thalesgroup com
aurelien dupin @ thalesgroup com
2022-10-07: revised
2022-02-25: received
See all versions
Short URL
Creative Commons Attribution


      author = {Tristan Nemoz and Zoé AMBLARD and Aurélien DUPIN},
      title = {Characterizing the qIND-qCPA (in)security of the CBC, CFB, OFB and CTR modes of operation},
      howpublished = {Cryptology ePrint Archive, Paper 2022/236},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.