Paper 2024/1804
Quantum Chosen-Cipher Attack on Camellia
, The 15th Research Institute of China Electronic Technology Group Corporation, BeijingAbstract
The Feistel structure represents a fundamental architectural component within the domain of symmetric cryptographic algorithms, with a substantial body of research conducted within the context of classical computing environments. Nevertheless, research into specific symmetric cryptographic algorithms utilizing the Feistel structure is relatively scarce in quantum computing environments. This paper builds upon a novel 4-round distinguisher proposed by Ito et al. for the Feistel structure under the quantum chosen-ciphertext attack (qCCA) setting. It introduces a 5-round distinguisher for Camellia. The efficacy of the distinguisher has been empirically validated. Furthermore, this paper combines Grover's algorithm with Simon's algorithm, utilizing an analysis of Camellia's key scheduling characteristics to construct a 9-round key recovery attack on Camellia algorithm. The time complexity for acquiring the correct key bits is $2^{61.5}$, and it requires 531 quantum bits. This represents the inaugural chosen-ciphertext attack on Camellia under the Q2 model.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Feistel cipherQuantum chosen-ciphertext attacksGrover's algorithmSimon's algorithmCamellia
- Contact author(s)
-
liyjwuyh @ 163 com
wq58416562 @ 163 com - History
- 2024-11-08: approved
- 2024-11-04: received
- See all versions
- Short URL
- https://ia.cr/2024/1804
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2024/1804,
author = {Yanjun Li and Qi Wang and DingYun Huang and Jian Liu and Huiqin Xie},
title = {Quantum Chosen-Cipher Attack on Camellia},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/1804},
year = {2024},
url = {https://eprint.iacr.org/2024/1804}
}
