Paper 2024/513

Quantum Implementation and Analysis of SHA-2 and SHA-3

Kyungbae Jang, Hansung University
Sejin Lim, Hansung University
Yujin Oh, Hansung University
Hyunjun Kim, Hansung University
Anubhab Baksi, Nanyang Technological University
Sumanta Chakraborty, Techno International New Town
Hwajeong Seo, Hansung University

Quantum computers have the potential to solve hard problems that are nearly impossible to solve by classical computers, this has sparked a surge of research to apply quantum technology and algorithm against the cryptographic systems to evaluate for its quantum resistance. In the process of selecting post-quantum standards, NIST categorizes security levels based on the complexity that quantum computers would require to crack AES encryption (levels 1, 3 and 5) and SHA-2 or SHA-3 (levels 2 and 4). In assessing the security strength of cryptographic algorithms against quantum threats, accurate predictions of quantum resources are crucial. Following the work of Jaques et al. in Eurocrypt 2020, NIST estimated security levels 1, 3, and 5, corresponding to quantum circuit size for finding the key for AES-128, AES-192, and AES-256, respectively. This work has been recently followed-up by Huang et al. (Asiacrypt'22) and Liu et al. (Asiacrypt'23) among others; though the most up-to-date results are available in the work by Jang et al. (ePrint'22). However, for levels 2 and 4, which relate to the collision finding for the SHA-2 and SHA-3 hash functions, quantum attack complexities are probably not well-studied. In this paper, we present novel techniques for optimizing the quantum circuit implementations for SHA-2 and SHA-3 algorithms in all the categories specified by NIST. After that, we evaluate the quantum circuits of target cryptographic hash functions for quantum collision search. Finally, we define the quantum attack complexity for levels 2 and 4, and comment on the security strength of the extended level. We present new concepts to optimize the quantum circuits at the component level and the architecture level.

Available format(s)
Publication info
Quantum CircuitQuantum Collision SearchSHA-2SHA-3NIST Post Quantum CryptographyQuantum Security Levels
Contact author(s)
starj1023 @ gmail com
dlatpwls834 @ gmail com
oyj0922 @ gmail com
khj930704 @ gmail com
anubhab baksi @ ntu edu sg
sumanta_phd21 @ iiitkalyani ac in
hwajeong84 @ gmail com
2024-04-23: last of 7 revisions
2024-04-01: received
See all versions
Short URL
No rights reserved


      author = {Kyungbae Jang and Sejin Lim and Yujin Oh and Hyunjun Kim and Anubhab Baksi and Sumanta Chakraborty and Hwajeong Seo},
      title = {Quantum Implementation and Analysis of SHA-2 and SHA-3},
      howpublished = {Cryptology ePrint Archive, Paper 2024/513},
      year = {2024},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.