A note on quantum related-key attacks
نویسندگان
چکیده
In a basic related-key attack against a block cipher, the adversary has access to encryptions under keys that differ from the target key by bit-flips. In this short note we show that for a quantum adversary such attacks are quite powerful: if the secret key is (i) uniquely determined by a small number of plaintextciphertext pairs, (ii) the block cipher can be evaluated efficiently, and (iii) a superposition of related keys can be queried, then the key can be extracted efficiently.
منابع مشابه
Eavesdropping or Disrupting a Communication - On the Weakness of Quantum Communications
What is the behavior of an adversary to launch attacks against a communication? The good choice is to eavesdrop the communication such that the communicators can not detect the eavesdropping. The general choice is to disrupt the communication at low cost, say, measuring the transferred quantum signals in the well-known BB84 quantum key distribution protocol. The bad choice is to disrupt it at e...
متن کاملNumerical Simulation of the Wake Flow Behind an Ellipse using Random Vortex Method (RESEARCH NOTE)
Direct numerical simulation of the wake flow around and behind a planar ellipse using a random vortex method is presented. Fluid is considered incompressible and the aspect ratios of ellipse and the angles of attacks are varied. This geometry can be a logical prelude to the more complex geometries, but less time dependent experimental measurements are available to validate the numerical results...
متن کاملua nt - p h / 03 10 15 6 v 1 2 6 O ct 2 00 3 Quantum and classical advantage distillation are not equivalent
We report that, for the generation of a secure cryptographic key from correlations established through a noisy quantum channel, the quantum and classical advantage distillation procedures are not equivalent, when coherent eavesdropping attacks are duly taken into account. The quantum procedure can tolerate markedly more noise in the channel than the classical procedure. One of the important pro...
متن کاملOn the Security of Interferometric Quantum Key Distribution
Many quantum key distribution (QKD) schemes are based on sending and measuring qubits—twodimensional quantum systems. Yet, in practical realizations and experiments, the measuring devices at the receiver’s (Bob) site commonly do not measure a two-dimensional system but rather a quantum space of a larger dimension. Such an enlargement sometimes results from imperfect devices. However, in various...
متن کاملImpossible Differential Cryptanalysis on Deoxys-BC-256
Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2013 شماره
صفحات -
تاریخ انتشار 2013