Joseph Jaeger,Fang Song,Stefano Tessaro

DOI: https://doi.org/10.48550/arXiv.2105.01242

2021-10-23

Abstract:Should quantum computers become available, they will reduce the effective key length of basic secret-key primitives, such as blockciphers. To address this we will either need to use blockciphers which inherently have longer keys or use key-length extension techniques which employ a blockcipher to construct a more secure blockcipher that uses longer keys. We consider the latter approach and revisit the FX and double encryption constructions. Classically, FX is known to be secure, while double encryption is no more secure than single encryption due to a meet-in-the-middle attack. We provide positive results, with concrete and tight bounds, for both of these constructions against quantum attackers in ideal models. For FX, we consider a partially-quantum model, where the attacker has quantum access to the ideal primitive, but only classic access to FX. We provide two results for FX in this model. The first establishes the security of FX against non-adaptive attackers. The second establishes security against general adaptive attacks for a variant of FX using a random oracle in place of an ideal cipher. This result relies on the techniques of Zhandry (CRYPTO '19) for lazily sampling a quantum random oracle. An extension to perfectly lazily sampling a quantum random permutation, which would help resolve the adaptive security of standard FX, is an important but challenging open question. We introduce techniques for partially-quantum proofs without relying on analyzing the classical and quantum oracles separately, which is common in existing work. This may be of broader interest. For double encryption we apply a technique of Tessaro and Thiruvengadam (TCC '18) to establish that security reduces to the difficulty of solving the list disjointness problem, which we are able to reduce through a chain of results to the known quantum difficulty of the element distinctness problem.

Quantum Physics,Cryptography and Security

Akinori Kawachi,Christopher Portmann

DOI: https://doi.org/10.48550/arXiv.0808.2869

2008-08-21

Quantum Physics

Abstract:The standard definition of quantum state randomization, which is the quantum analog of the classical one-time pad, consists in applying some transformation to the quantum message conditioned on a classical secret key $k$. We investigate encryption schemes in which this transformation is conditioned on a quantum encryption key state $\rho_k$ instead of a classical string, and extend this symmetric-key scheme to an asymmetric-key model in which copies of the same encryption key $\rho_k$ may be held by several different people, but maintaining information-theoretical security. We find bounds on the message size and the number of copies of the encryption key which can be safely created in these two models in terms of the entropy of the decryption key, and show that the optimal bound can be asymptotically reached by a scheme using classical encryption keys. This means that the use of quantum states as encryption keys does not allow more of these to be created and shared, nor encrypt larger messages, than if these keys are purely classical.

Randy Kuang,Michel Barbeau

DOI: https://doi.org/10.1007/s11128-022-03557-y

IF: 1.965

2022-06-01

Quantum Information Processing

Abstract:Classical cryptographic techniques are currently under the growing quantum computing threat. New techniques that quantum computing algorithms cannot break are urgently needed. We present such an encryption method. It builds upon quantum permutation logic gates or quantum permutation pads. It is universal in that it can be equally employed on classical computers, today’s Internet, and the upcoming quantum Internet. While the cryptographic technique is formulated in a quantum computing framework, it does not rely on physical properties uniquely present at the quantum level, such as no-cloning or entanglement of data. It achieves with today’s technology a level of security comparable to what will be possible to attain with tomorrow’s quantum technology. The mathematics behind the cryptographic technique, quantum representations of a symmetric group over a computational basis, is surprisingly simple. However, the challenge faced by an adversary wishing to break the code is intractable and uninterpretable, a property of Shannon’s perfect secrecy. We believe that the cryptographic technique presented in this article can be used in several different ways and modes. It can be integrated into numerous current Internet protocols, or the Internet of Things, making them quantum safe. In addition, it can be used to transition to the upcoming Internet quantum technology smoothly.

physics, multidisciplinary,quantum science & technology, mathematical

Junbin Fang,Zoe L. Jiang,S. M. Yiu,Lucas C. K. Hui,Zichen Li

DOI: https://doi.org/10.1117/12.853234

2010-01-01

Abstract:In quantum cryptography, the key can be directly distributed to the communicating parties through the communication channel. The security is guaranteed by the quantum properties of the channel. However, the transmitted key may contain errors due to the noise of the channel. Key integrity verification is an indispensable step in quantum cryptography and becomes an important problem in higher speed systems. Computing only one hash value for the key string does not provide an effective solution as it may lead to dropping all the bits once the hash values on both sides do not agree. In this paper, we introduce a new idea of using the technique of combinatorial group testing, which seems to be an unrelated topic, to design a scheme to identify the error bits to avoid dropping all the bits. Our scheme can precisely locate the error bits if the number of error bits is within the maximum set by the scheme while the overhead is insignificant based on our experiments (additional bits: 0.1% of the key; time for computing the hash values: 16ms; verification time: 22 ms). Also, even if the number of error bits is higher than the maximum set by the scheme, only some correct bits may be misclassified as error bits but not the vice versa. The results show that we can still keep the majority of the correct bits (e.g. the bits discarded due to misclassification is only 5% of the whole string even if the number of error bits is 10 times of the maximum).

Zixuan Hu,Sabre Kais

DOI: https://doi.org/10.1038/s41598-021-03241-8

IF: 4.6

2021-12-01

Scientific Reports

Abstract:Abstract Quantum cryptography—the application of quantum information processing and quantum computing techniques to cryptography has been extensively investigated. Two major directions of quantum cryptography are quantum key distribution (QKD) and quantum encryption, with the former focusing on secure key distribution and the latter focusing on encryption using quantum algorithms. In contrast to the success of the QKD, the development of quantum encryption algorithms is limited to designs of mostly one-time pads (OTP) that are unsuitable for most communication needs. In this work we propose a non-OTP quantum encryption design utilizing a quantum state creation process to encrypt messages. As essentially a non-OTP quantum block cipher the method stands out against existing methods with the following features: 1. complex key-ciphertext relation (i.e. confusion) and complex plaintext-ciphertext relation (i.e. diffusion); 2. mode of operation design for practical encryption on multiple blocks. These features provide key reusability and protection against eavesdropping and standard cryptanalytic attacks.

multidisciplinary sciences

Renato Renner,Ramona Wolf

DOI: https://doi.org/10.2514/1.J062267

IF: 2.624

2023-02-02

AIAA Journal

Abstract:Ever since its inception, cryptography has been caught in a vicious circle: Cryptographers keep inventing methods to hide information, and cryptanalysts break them, prompting cryptographers to invent even more sophisticated encryption schemes, and so on. But could it be that quantum information technology breaks this circle? At first sight, it looks as if it just lifts the competition between cryptographers and cryptanalysts to the next level. Indeed, quantum computers will render most of today’s public key cryptosystems insecure. Nonetheless, there are good reasons to believe that cryptographers will ultimately prevail over cryptanalysts. Quantum cryptography allows us to build communication schemes whose secrecy relies only on the laws of physics and some minimum assumptions about the cryptographic hardware—leaving basically no room for an attack. While we are not yet there, this paper provides an overview of the principles and state-of-the-art of quantum cryptography, as well as an assessment of current challenges and prospects for overcoming them.

engineering, aerospace

Si-Hui Tan,Joshua A Kettlewell,Yingkai Ouyang,Lin Chen,Joseph F Fitzsimons

DOI: https://doi.org/10.1038/srep33467

2016-09-23

Abstract:Encryption schemes often derive their power from the properties of the underlying algebra on the symbols used. Inspired by group theoretic tools, we use the centralizer of a subgroup of operations to present a private-key quantum homomorphic encryption scheme that enables a broad class of quantum computation on encrypted data. The quantum data is encoded on bosons of distinct species in distinct spatial modes, and the quantum computations are manipulations of these bosons in a manner independent of their species. A particular instance of our encoding hides up to a constant fraction of the information encrypted. This fraction can be made arbitrarily close to unity with overhead scaling only polynomially in the message length. This highlights the potential of our protocol to hide a non-trivial amount of information, and is suggestive of a large class of encodings that might yield better security.

Liucai Wang,Guoliang Shentu,Jian Wang,J. Pelc,Cheng-Zhi Peng,Qiang Zhang

2013-01-01

Abstract:Quantum cryptography holds promise for communication schemes that are, in theory, perfectly secure. But in the last few years, hackers have exploited security loopholes to crack some of the most sophisticated quantum encryption systems. Fortunately, two new papers in Physical Review Letters, one by Allison Rubenok, at the Institute for Quantum Science & Technology in Calgary, Canada, and colleagues [1] and the other by Yang Liu, at the Hefei National Laboratory for Physical Sciences and the University of Science and Technology of China, and colleagues [2] now report a new quantum encryption method that can remove the weakest link of quantum encryption schemes: loopholes associated with defects of the photodetectors used at the receiver end. Code makers have now regained the upper hand against code breakers.

Govindu Surla,R. Lakshmi,Surla, Govindu,Lakshmi, R.

DOI: https://doi.org/10.1007/s11082-023-05518-w

IF: 3

2023-11-02

Optical and Quantum Electronics

Abstract:Data and information secrecy during storage or transmission has been preserved through the use of cryptography. Consequently, cryptography studies have also progressed from traditional Caesar cipher to the existing cryptographic protocols depending on quantum computing, starting with the latest modular arithmetic-based cryptosystems. The strength of modular arithmetic ciphers lies in the fact that they are computationally difficult to break, but with the advent of quantum computing, even these issues can be cracked with in polynomial time. Research on post-quantum cryptography began in response to this danger, with the goal of creating post-quantum algorithms that are immune to quantum computing. However, cryptographic methods confront a number of other problems, including, but not limited to, availability, integrity, and vulnerability. Despite the researchers' successes, security is still a major issue for Quantum Computing. Because of its many advantages, cyberspace has quickly become the most common medium for disseminating information. Because of the exponential growth of science and technology, notably quantum computers, cyber security is now the top priority for the Internet and other wireless systems. The fundamental goal of this work is to create a Hybrid Quantum Cryptosystem that can be implemented in Wireless Body Sensor Networks. Using a series of comparisons with existing algorithms, we will determine how well our suggested hybrid algorithm operates in terms of key length, key generation time, decryption and encryption timings, and overall speed. The proposed approach attains 10.3 minimal rate of error, which outperforms the existing state-of-art techniques.

engineering, electrical & electronic,optics,quantum science & technology

Daniel J. Lum,M. S. Allman,Thomas Gerrits,Cosmo Lupo,Varun B. Verma,Seth Lloyd,Sae Woo Nam,John C. Howell

DOI: https://doi.org/10.48550/arXiv.1605.06556

2016-05-20

Quantum Physics

Abstract:Claude Shannon proved in 1949 that information-theoretic-secure encryption is possible if the encryption key is used only once, is random, and is at least as long as the message itself. Notwithstanding, when information is encoded in a quantum system, the phenomenon of quantum data locking allows one to encrypt a message with a shorter key and still provide information-theoretic security. We present one of the first feasible experimental demonstrations of quantum data locking for direct communication and propose a scheme for a quantum enigma machine that encrypts 6 bits per photon (containing messages, new encryption keys, and forward error correction bits) with less than 6 bits per photon of encryption key while remaining information-theoretically secure.

Paul Staat,Meik Dörpinghaus,Azadeh Sheikholeslami,Christof Paar,Gerhard Fettweis,Dennis Goeckel

2024-12-18

Abstract:Today's information society relies on cryptography to achieve security goals such as confidentiality, integrity, authentication, and non-repudiation for digital communications. Here, public-key cryptosystems play a pivotal role to share encryption keys and create digital signatures. However, quantum computers threaten the security of traditional public-key cryptosystems as they can tame computational problems underlying the schemes, i.e., discrete logarithm and integer factorization. The prospective arrival of capable-enough quantum computers already threatens today's secret communication in terms of their long-term secrecy when stored to be later decrypted. Therefore, researchers strive to develop and deploy alternative schemes. In this work, evaluate a key exchange protocol based on combining public-key schemes with physical-layer security, anticipating the prospect of quantum attacks. If powerful quantum attackers cannot immediately obtain private keys, legitimate parties have a window of short-term secrecy to perform a physical-layer jamming key exchange (JKE) to establish a long-term shared secret. Thereby, the protocol constraints the computation time available to the attacker to break the employed public-key cryptography. In this paper, we outline the protocol, discuss its security, and point out challenges to be resolved.

Cryptography and Security

Valeria A. Pastushenko,Dmitry A. Kronberg

DOI: https://doi.org/10.3390/e25060956

2023-06-21

Abstract:Security of quantum key distribution (QKD) protocols relies solely on quantum physics laws, namely, on the impossibility to distinguish between non-orthogonal quantum states with absolute certainty. Due to this, a potential eavesdropper cannot extract full information from the states stored in their quantum memory after an attack despite knowing all the information disclosed during classical post-processing stages of QKD. Here, we introduce the idea of encrypting classical communication related to error-correction in order to decrease the amount of information available to the eavesdropper and hence improve the performance of quantum key distribution protocols. We analyze the applicability of the method in the context of additional assumptions concerning the eavesdropper's quantum memory coherence time and discuss the similarity of our proposition and the quantum data locking (QDL) technique.

Quantum Physics

Gorjan Alagic,Anne Broadbent,Bill Fefferman,Tommaso Gagliardoni,Christian Schaffner,Michael St. Jules

DOI: https://doi.org/10.48550/arXiv.1602.01441

2016-02-03

Quantum Physics

Abstract:Quantum-mechanical devices have the potential to transform cryptography. Most research in this area has focused either on the information-theoretic advantages of quantum protocols or on the security of classical cryptographic schemes against quantum attacks. In this work, we initiate the study of another relevant topic: the encryption of quantum data in the computational setting. In this direction, we establish quantum versions of several fundamental classical results. First, we develop natural definitions for private-key and public-key encryption schemes for quantum data. We then define notions of semantic security and indistinguishability, and, in analogy with the classical work of Goldwasser and Micali, show that these notions are equivalent. Finally, we construct secure quantum encryption schemes from basic primitives. In particular, we show that quantum-secure one-way functions imply IND-CCA1-secure symmetric-key quantum encryption, and that quantum-secure trapdoor one-way permutations imply semantically-secure public-key quantum encryption.

Rakesh Saini,Bikash K. Behera,Saif Al-Kuwari,Ahmed Farouk

2024-03-26

Abstract:Cryptography plays an important role in ensuring data security and authentication within information processing systems. As the prevalence of digital imagery continues to grow, safeguarding this form of data becomes increasingly crucial. However, existing security protocols, reliant on complex mathematical models, exhibit vulnerabilities in effectively protecting information from both internal and external threats. Moreover, the forthcoming advent of quantum computing poses a significant challenge, as it could decrypt data encrypted by classical. In this paper, we propose an efficient implementation scheme for a quantum image encryption algorithm combining the generalized affine transform and logistic map. We evaluated developed quantum circuits using qiskit and quantum devices to validate the encryption technique. Through comprehensive performance analysis, we have demonstrated the efficiency of the chosen encryption algorithm across various criteria. Furthermore, we introduce a hybrid methodology aimed at mitigating circuit complexity and reducing quantum cost. Leveraging the Espresso algorithm and incorporating an ancilla qubit into the circuitry, we achieve a remarkable 50\% reduction in cost while maintaining security and efficiency. Finally, we conducted robustness and security analyses to assess the resilience of our encryption method against diverse noise attacks. The results confirm that our proposed quantum image encryption technique provides a secure solution and offers precise and measurable quantum image processing capabilities.

Quantum Physics

Gorjan Alagic,Stacey Jeffery,Maris Ozols,Alexander Poremba

DOI: https://doi.org/10.3390/cryptography4010010

2019-06-24

Abstract:Large-scale quantum computing is a significant threat to classical public-key cryptography. In strong "quantum access" security models, numerous symmetric-key cryptosystems are also vulnerable. We consider classical encryption in a model which grants the adversary quantum oracle access to encryption and decryption, but where the latter is restricted to non-adaptive (i.e., pre-challenge) queries only. We define this model formally using appropriate notions of ciphertext indistinguishability and semantic security (which are equivalent by standard arguments) and call it QCCA1 in analogy to the classical CCA1 security model. Using a bound on quantum random-access codes, we show that the standard PRF- and PRP-based encryption schemes are QCCA1-secure when instantiated with quantum-secure primitives. We then revisit standard IND-CPA-secure Learning with Errors (LWE) encryption and show that leaking just one quantum decryption query (and no other queries or leakage of any kind) allows the adversary to recover the full secret key with constant success probability. In the classical setting, by contrast, recovering the key uses a linear number of decryption queries, and this is optimal. The algorithm at the core of our attack is a (large-modulus version of) the well-known Bernstein-Vazirani algorithm. We emphasize that our results should *not* be interpreted as a weakness of these cryptosystems in their stated security setting (i.e., post-quantum chosen-plaintext secrecy). Rather, our results mean that, if these cryptosystems are exposed to chosen-ciphertext attacks (e.g., as a result of deployment in an inappropriate real-world setting) then quantum attacks are even more devastating than classical ones.

Quantum Physics,Cryptography and Security

Dana Sairangazhykyzy Amirkhanova,Maksim Iavich,Orken Mamyrbayev

DOI: https://doi.org/10.3390/cryptography8030031

2024-07-08

Cryptography

Abstract:Modern technologies like quantum and cloud computing have reshaped computing, offering immense power and scalability. While beneficial, they also challenge the security of traditional cryptographic systems. Quantum computing threatens RSA and ECC with algorithms like Shor’s algorithm, which can accelerate computations exponentially. This risks exposing these systems to attacks, necessitating quantum-resistant cryptography. Cloud computing poses data security concerns, requiring robust cryptographic mechanisms and access controls. Lattice-based cryptography, leveraging problems like the Short Integer Solution (SIS), emerges as a solution. This paper presents a novel quantum-resistant public key encryption scheme based on ElGamal and SIS, ensuring security against quantum and classical threats in modern cryptographic environments.

Pierre-Augustin Berthet

2024-09-24

Abstract:Due to developments in quantum computing, classical asymmetric cryptography is at risk of being breached. Consequently, new Post-Quantum Cryptography (PQC) primitives using lattices are studied. Another point of scrutiny is the resilience of these new primitives to Side Channel Analysis (SCA), where an attacker can study physical leakages. In this work we discuss a SCA vulnerability due to the ciphertext malleability of some PQC primitives exposed by a work from Ravi et al. We propose a novel countermeasure to this vulnerability exploiting the same ciphertext malleability and discuss its practical application to several PQC primitives. We also extend the seminal work of Ravi et al. by detailling their attack on the different security levels of a post-quantum Key Encapsulation Mechanism (KEM), namely FrodoKEM.

Cryptography and Security

Francesco Mazzoncini,Balthazar Bauer,Peter Brown,Romain Alléaume

2023-11-27

Abstract:We introduce an explicit construction for a key distribution protocol in the Quantum Computational Timelock (QCT) security model, where one assumes that computationally secure encryption may only be broken after a time much longer than the coherence time of available quantum memories. Taking advantage of the QCT assumptions, we build a key distribution protocol called HM-QCT from the Hidden Matching problem for which there exists an exponential gap in one-way communication complexity between classical and quantum strategies. We establish that the security of HM-QCT against arbitrary i.i.d. attacks can be reduced to the difficulty of solving the underlying Hidden Matching problem with classical information. Legitimate users, on the other hand, can use quantum communication, which gives them the possibility of sending multiple copies of the same quantum state while retaining an information advantage. This leads to an everlasting secure key distribution scheme over $n$ bosonic modes. Such a level of security is unattainable with purely classical techniques. Remarkably, the scheme remains secure with up to $\mathcal{O}\big( \frac{\sqrt{n}}{\log(n)}\big)$ input photons for each channel use, extending the functionalities and potentially outperforming QKD rates by several orders of magnitudes.

Quantum Physics

Xiaoyang Dong,Bingyou Dong,Xiaoyun Wang

DOI: https://doi.org/10.1007/s10623-020-00741-y

2020-03-09

Abstract:Post-quantum cryptography has attracted much attention from worldwide cryptologists. However, most research works are related to public-key cryptosystem due to Shor's attack on RSA and ECC ciphers. At CRYPTO 2016, Kaplan et al. showed that many secret-key (symmetric) systems could be broken using a quantum period finding algorithm, which encouraged researchers to evaluate symmetric systems against quantum attackers. In this paper, we continue to study symmetric ciphers against quantum attackers. First, we convert the classical advanced slide attacks (introduced by Biryukov and Wagner) to a quantum one, that gains an exponential speed-up in time complexity. Thus, we could break 2/4K-Feistel and 2/4K-DES in polynomial time. Second, we give a new quantum key-recovery attack on full-round GOST, which is a Russian standard, with <span class="mathjax-tex">\(2^{114.8}\)</span> quantum queries of the encryption process, faster than a quantum brute-force search attack by a factor of <span class="mathjax-tex">\(2^{13.2}\)</span>.

Marc Kaplan,Gaëtan Leurent,Anthony Leverrier,María Naya-Plasencia

DOI: https://doi.org/10.13154/tosc.v2016.i1.71-94

2017-03-07

Abstract:Quantum computers, that may become available one day, would impact many scientific fields, most notably cryptography since many asymmetric primitives are insecure against an adversary with quantum capabilities. Cryptographers are already anticipating this threat by proposing and studying a number of potentially quantum-safe alternatives for those primitives. On the other hand, symmetric primitives seem less vulnerable against quantum computing: the main known applicable result is Grover's algorithm that gives a quadratic speed-up for exhaustive search. In this work, we examine more closely the security of symmetric ciphers against quantum attacks. Since our trust in symmetric ciphers relies mostly on their ability to resist cryptanalysis techniques, we investigate quantum cryptanalysis techniques. More specifically, we consider quantum versions of differential and linear cryptanalysis. We show that it is usually possible to use quantum computations to obtain a quadratic speed-up for these attack techniques, but the situation must be nuanced: we don't get a quadratic speed-up for all variants of the attacks. This allows us to demonstrate the following non-intuitive result: the best attack in the classical world does not necessarily lead to the best quantum one. We give some examples of application on ciphers LAC and KLEIN. We also discuss the important difference between an adversary that can only perform quantum computations, and an adversary that can also make quantum queries to a keyed primitive.

Quantum Physics,Cryptography and Security