Paper 2025/411
Security of the Ascon Authenticated Encryption Mode in the Presence of Quantum Adversaries
Abstract
We examine the post-quantum security of the Ascon authenticated encryption (AE) mode. In spite of comprehensive research of Ascon's classical security, the potential impact of quantum adversaries on Ascon has not yet been explored much. We investigate the generic security of the Ascon AE mode in the setting where the adversary owns a quantum computer to improve its attack, while the adversarial encryption or decryption queries are still classical. In this so-called Q1 model, Ascon achieves security up to approximately $\min\{2^{c/3},2^{k/2}\}$ evaluations, where $c$ is the capacity, $k$ the key size, and the adversary is block-wise adaptive but restricted to one forgery attempt. Our technique is based on applying the semi-classical one-way to hiding (O2H) lemma, and on tailoring the puncture set to the Ascon mode. Additionally, we discuss different parameter choices for Ascon and compare our results to generic quantum attacks, such as Grover-based key search and state recovery.
Metadata
- Available format(s)
- PDF
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- post-quantum security, lightweight cryptography, Ascon, authenticated encryption
- Contact author(s)
- nathalie lang @ uni-weimar de
- stefan lucks @ uni-weimar de
- b mennink @ cs ru nl
- suprita45 @ gmail com
- History
- 2025-03-04: approved
- 2025-03-04: received
- Short URL
- https://ia.cr/2025/411
- License
- CC BY
BibTeX
@misc{cryptoeprint:2025/411,
  author = {Nathalie Lang and Stefan Lucks and Bart Mennink and Suprita Talnikar},
  title = {Security of the Ascon Authenticated Encryption Mode in the Presence of Quantum Adversaries},
  howpublished = {Cryptology {ePrint} Archive, Paper 2025/411},
  year = {2025},
  url = {https://eprint.iacr.org/2025/411}
}