Abstract
HHL algorithm is a quantum algorithm for solving linear equation system. It can achieve an exponential improvement over the best classical algorithm. In this paper, we analyze the quantum security of Grain-128/Grain-128a stream cipher by using the HHL algorithm. Our algorithm is based on Chen and Gao’s research on solving nonlinear equation system in Chen et al. (Quantum algorithm for optimization and polynomial system solving over finite field and application to cryptanalysis, 2018. arXiv:1802.03856) and Chen et al. (Quantum algorithms for Boolean equation solving and quantum algebraic attack on cryptosystems, 2017. arXiv:1712.06239). Firstly, we build a nonlinear Boolean equation system by choosing any keystream. Then, the nonlinear equation system is transformed into a special linear equation system that can be solved with the HHL algorithm. Finally, we solve the system by the HHL quantum algorithm. Our attack requires \( N > {2^8} \)-bit keystream, and the complexity is \(O(2^{21} N^{3.5} \kappa ^2 e^\epsilon /\epsilon ^{0.5})\) for Grain-128, and \(O(2^{21.5} N^{3.5} \kappa ^2 e^\epsilon /\epsilon ^{0.5})\) for Grain-128a where \(\kappa \) is the condition number of the matrix of the corresponding linear systems and \(\epsilon \) is a given error bound. Then we give a toy example of Grain family to estimate \(\kappa \) and briefly analyze the security of Grain-128/Grain-128a against HHL algorithm.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Feynman, R.P.: Simulating physics with computers. Int. J. Theor. Phys. 21(6), 467–488 (1982)
Shor, P.W.: Algorithms for quantum computation: Discrete logarithms and factoring. In: Proceedings 35th annual symposium on foundations of computer science. IEEE , pp. 124–134 (1994)
Grover, L.K.: A fast quantum mechanical algorithm for database search (1996). preprint arXiv:quant-ph/9605043
Raj G., Singh D., Madaan A.: Analysis of classical and quantum computing based on Grover and Shor algorithm. In: Satapathy S., Bhateja V., Das, S. (eds) Smart Computing and Informatics. Smart Innovation, Systems and Technologies, vol. 78. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-5547-8_43
Rötteler, M.: A survey of some recent results. Informatik-Forschung und Entwicklung 21(1–2), 3–20 (2006)
Montanaro, A.: Quantum algorithms: an overview. NPJ Quantum Inf. 2, 15023 (2016)
Biamonte, J., Wittek, P., Pancotti, N., et al.: Quantum machine learning. Nature 549(7671), 195 (2017)
Wiebe, N., Kapoor, A., Svore, K.M.: Quantum deep learning (2014). arXiv preprint arXiv:1412.3489
Jordan, S.P., Liu, Y.K.: Quantum cryptanalysis: shor, grover, and beyond. IEEE Secur. Priv. 16(5), 14–21 (2018)
Li, H..W.: Quantum Algorithms and its Applications in Cryptography. Institute of Information Engineering Chinese Academy of Sciences, Beijing (2015)
Alagic, G., Gagliardoni, T., Majenz, C.: Unforgeable quantum encryption. In: Annual international conference on the theory and applications of cryptographic techniques, pp. 489–519. Springer, Cham (2018)
Alagic, G., Russell, A.: Quantum-secure symmetric-key cryptography based on hidden shifts. In: Annual international conference on the theory and applications of cryptographic techniques, pp. 65–93. Springer, Cham (2017)
Broadbent, A., Schaffner, C.: Quantum cryptography beyond quantum key distribution. Des. Codes Cryptogr. 78(1), 351–382 (2016)
Bonnetain, X., Plasencia, M.N., Schrottenloher, A.: Quantum security analysis of AES. IACR Trans. Symmetric Cryptol. 2019, 55–93 (2019)
Xie, H.Q., Yang, L.: Using Bernstein Vazirani algorithm to attack block ciphers. Des. Codes Cryptogr. 87(5), 1161–1182 (2019)
Farik, M., Ali, S.: The need for quantum-resistant cryptography in classical computers. In: 2016 3rd Asia-Pacific World Congress on Computer Science and Engineering (APWC on CSE). IEEE , pp. 98–105 (2016)
Harrow, A.W., Hassidim, A., Lloyd, S.: Quantum algorithm for linear systems of equations. Phys. Rev. Lett. 103(15), 150502 (2009)
Rebentrost, P., Mohseni, M., Lloyd, S.: Quantum support vector machine for big data classification. Phys. Rev. Lett. 113(13), 130503 (2014)
Chen, Y.A., Gao, X.S., Yuan, C.M.: Quantum algorithm for optimization and polynomial system solving over finite field and application to cryptanalysis (2018). arXiv preprint arXiv:1802.03856
Chen, Y.A., Gao, X.S.: Quantum algorithms for Boolean equation solving and quantum algebraic attack on cryptosystems (2017). arXiv preprint arXiv:1712.06239
eSTREAM-ECRYPT steam cipher project. http://www.ecrypt.eu.org/stream/
Hell, M., Johansson, T., Meier, W.: Grain: a stream cipher for constrained environments. IJWMC 2(1), 86–93 (2007)
Hell, M., Johansson, T., Maximov, A.: A stream cipher proposal: Grain-128. In: 2006 IEEE international symposium on information theory. IEEE , pp. 1614–1618 (2006)
Martin, Å., et al.: Grain-128a: a new version of Grain-128 with optional authentication. Int. J. Wirel. Mob. Comput. 5, 48–59 (2011)
Lee, Y., Jeong, K., et al.: Related-key chosen IV attacks on Grain-v1 and Grain-128. In: Australasian conference on information security and privacy, pp. 321–335. Springer, Berlin, Heidelberg (2008)
Dinur, I., Guneysu, T., Paar, C., Shamir, A., Zimmermann, R.: An experimentally verified attack on full Grain-128 using dedicated reconfigurable hardware. In: International conference on the theory and application of cryptology and information security. Springer, Berlin, Heidelberg, pp. 327–343 (2011)
Dinur, I., Shamir, A.: Breaking Grain-128 with dynamic cube attacks. In: International workshop on fast software encryption. Springer, Berlin, Heidelberg, pp. 167–187 (2011)
Banik, S., Maitra, S., Sarkar, S., Meltem, Sönmez. T.: A chosen IV related key attack on Grain-128a. (eds) Information Security and Privacy. ACISP, Lecture Notes in Computer Science, vol. 7959. Springer, Berlin, Heidelberg (2013)
Fu, X.M., Wang, X.Y., et al.: Determining the nonexistent terms of non-linear multivariate polynomials: how to break Grain-128 more efficiently. IACR Cryptol. ePrint Arch. 2017, 412 (2017)
Ambainis, A.: Variable time amplitude amplification and a faster quantum algorithm for solving systems of linear equations (2010). arXiv preprint arXiv:1010.4458
Caminata, A., Gorla, E.: Solving multivariate polynomial systems and an invariant from commutative algebra (2017). arXiv preprint arXiv:1706.06319
Faugere, J.C.: A new efficient algorithm for computing Gröbner bases (F4)[J]. J. Pure Appl. Algebra 139(1–3), 61–88 (1999)
Courtois, N., Klimov, A., Patarin, J., Shamir, A.: Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In: International conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg, pp. 392–407 (2000)
Tang, Y.L., Han, D., Li, Z.C.: Key recover attack on stream Cipher Grain-128 and its improvement. Comput. Appl. Softw. 33(5), 298–301 (2016)
Acknowledgements
This work is supported in part by the Key Research and Development Program of Shaanxi (No. 2021ZDLGY06-04), the Natural Science Foundation of China (No. 61303217, 61502372), Guangxi Key Laboratory of Cryptography and Information Security (No. GCIS201802).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Liu, W., Gao, J. Quantum security of Grain-128/Grain-128a stream cipher against HHL algorithm. Quantum Inf Process 20, 343 (2021). https://doi.org/10.1007/s11128-021-03275-x
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11128-021-03275-x