Description
The Quantum Fourier Transform is a fundamental tool in quantum cryptanalysis, not only as the building block of Shor's algorithm, but also in attacks against symmetric cryptosystems. Indeed, hidden shift algorithms such as Simon's (FOCS 1994), which rely on the QFT, have been used to obtain attacks on some very specific block cipher structures. The Fourier Transform is also used in classical cryptanalysis, for example in FFT-based linear key-recovery attacks introduced by Collard et al. (ICISC 2007). Whether such techniques can be adapted to the quantum setting has remained so far an open question. In this talk, we will present a new framework for quantum linear key-recovery attacks using the QFT. These attacks loosely follow the classical method of Collard et al., but adapt it to the quantum setting. Classically, the FFT-based attack needs to compute a statistic (experimental correlation) which is higher for a good key guess, and lower for wrong guesses. The quantum attack encodes this statistic in the amplitudes of a quantum state. On some conditions, this can be used to devise new quantum key-recovery attacks which may be applicable to a broader class of ciphers.
Prochains exposés
-
Polytopes in the Fiat-Shamir with Aborts Paradigm
Orateur : Hugo Beguinet - ENS Paris / Thales
The Fiat-Shamir with Aborts paradigm (FSwA) uses rejection sampling to remove a secret’s dependency on a given source distribution. Recent results revealed that unlike the uniform distribution in the hypercube, both the continuous Gaussian and the uniform distribution within the hypersphere minimise the rejection rate and the size of the proof of knowledge. However, in practice both these[…]-
Cryptographie
-
Primitive asymétrique
-
Mode et protocole
-
-
Post-quantum Group-based Cryptography
Orateur : Delaram Kahrobaei - The City University of New York