Improved Quantum Rebound Attacks on Double Block Length Hashing with Round-Reduced AES-256 and ARIA-256

Authors

  • Dongjae Lee Department of Convergence Security, Kangwon National University, Chuncheon, Republic of Korea
  • Seokhie Hong School of Cybersecurity, Korea University, Seoul, Republic of Korea

DOI:

https://doi.org/10.46586/tosc.v2024.i3.238-265

Keywords:

Quantum cryptanalysis, Quantum Rebound Attack, Nested Quantum Amplitude Amplification, Quantum State Preparation

Abstract

At EUROCRYPT 2020, Hosoyamada and Sasaki proposed the first dedicated quantum collision attacks on hash functions. Their proposal presented a quantum adaptation of the rebound attack and revealed that differential trails, which have too low probability for use in classical settings, might be exploitable in quantum settings. After their work, subsequent research has actively delved into analyzing the security of hash functions in the quantum setting.
In this paper, we revisit the quantum rebound attacks on the double block hash function Hirose instantiated with 10-round AES-256 (HCF-AES-256) and 7-round ARIA-256 (HCF-ARIA-256) proposed by Chauhan et al. and Baek et al., respectively. Initially, we identify the flaws in their work and reevaluate the complexity of the attacks. We reveal that the flaws stem from not considering the issue that the S-box differential equation has one solution on average. Earlier research addressed this problem by adding auxiliary bits to the search space. If this method is used to correct the flaws, the resulting time complexities are 217.36 and 220.94 times higher than their proposals. Consequently, in some settings, their attacks become less efficient than generic attacks.
Subsequently, we propose improved quantum rebound attacks using nested quantum amplitude amplification and quantum state preparation. Our improved attack efficiently pre-filters the search space, leading to a reduction in overall time complexity. We first classically reduce the search space and employ quantum state preparation to generate a superposition state over the pre-filtered search space. We then use nested quantum amplitude amplification to further reduce the search space quantumly. As a result, we achieve a reduction in the time complexity of the quantum rebound attacks on HCF-AES-256 and HCF-ARIA-256 by factors of 211.2 and 219.5, respectively, making the attacks more efficient than generic attacks again.

Downloads

Published

2024-09-06

Issue

Vol. 2024 No. 3

Section

Articles

License

Copyright (c) 2024 Dongjae Lee, Seokhie Hong

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Improved Quantum Rebound Attacks on Double Block Length Hashing with Round-Reduced AES-256 and ARIA-256. (2024). IACR Transactions on Symmetric Cryptology, 2024(3), 238-265. https://doi.org/10.46586/tosc.v2024.i3.238-265