Paper 2023/1157

Quantum Cryptanalysis of OTR and OPP: Attacks on Confidentiality, and Key-Recovery

Melanie Jauch, ETH Zurich
Varun Maram, ETH Zurich
Abstract

In this paper, we analyze the security of authenticated encryption modes OTR (Minematsu, Eurocrypt 2014) and OPP (Granger, Jovanovic, Mennink, and Neves, Eurocrypt 2016) in a setting where an adversary is allowed to make encryption queries in quantum superposition. Starting with OTR -- or more technically, AES-OTR, a third-round CAESAR candidate -- we extend prior quantum attacks on the mode's unforgeability in the literature to provide the first attacks breaking confidentiality, i.e., IND-qCPA security, of AES-OTR in different settings depending on how the associated data is processed. On a technical level, one of our IND-qCPA attacks involves querying the quantum encryption oracle on a superposition of data with unequal length; to the best of our knowledge, such an attack has never been modelled before in the (post-)quantum cryptographic literature, and we hence believe our technique is of independent interest. Coming to OPP, we present the first key-recovery attack against the scheme which uses only a single quantum encryption query.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. SAC 2023
Keywords
AES-OTROPPAuthenticated EncryptionIND-qCPA SecurityKey-RecoverySimon's AlgorithmDeutsch's Algorithm
Contact author(s)
mjauch @ student ethz ch
vmaram @ inf ethz ch
History
2023-07-27: approved
2023-07-27: received
See all versions
Short URL
https://ia.cr/2023/1157
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1157,
      author = {Melanie Jauch and Varun Maram},
      title = {Quantum Cryptanalysis of {OTR} and {OPP}: Attacks on Confidentiality, and Key-Recovery},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1157},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1157}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.