Complete analysis of Simon’s quantum algorithm with additional collisions
Simon’s algorithm, a quantum algorithm that recovers a period with exponential speedup, has been widely applied to symmetric cryptography. At Crypto 2016, Kaplan et al. showed the effect of additional collisions on the success probability of Simon’s algorithm, which led to a better analysis of previous applications. In this paper, we provide several new results on Simon’s algorithm. First, we present the composing form of additional collisions and reveal, for the first time, the exact relationship between additional collisions and measurement outcomes. Specifically, the probabilities of all observed measurements depend entirely on the number of additional collisions. Our findings shed new light on how to estimate the success probability of Simon’s algorithm with additional collisions and point out some unreasonable aspects of the work by Kaplan et al. Finally, we give a fresh trade-off between the success probability and the number of runs of the subroutine. For a random function, 4n repetitions of the subroutine ensure a success probability exponentially close to 1.
Keywords: Quantum cryptography, Simon’s algorithm, Additional collisions, Probability distribution, Success probability
This work was supported by National Natural Science Foundation of China (Grant Nos. 61572516, 61602514, 61802437 and 61802438).
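To make the abstract's claim concrete, the following added example (not code from the paper) computes the exact measurement distribution of one run of Simon's subroutine for a small constructed function, with and without one additional collision. The function, the parameters n = 4 and s = 1010, and all helper names are assumptions chosen for illustration.

```python
from collections import defaultdict
from fractions import Fraction

def dot(a, b):
    """Inner product over GF(2) of two bit-vectors packed as ints."""
    return bin(a & b).count("1") & 1

def periodic_function(n, s, merges=()):
    """Constructed f on n bits with f(x) = f(x ^ s). Each pair (a, b) in
    merges forces f(b) = f(a), adding collisions beyond the period."""
    f = {x: min(x, x ^ s) for x in range(2 ** n)}   # exactly 2-to-1
    for a, b in merges:
        f[b] = f[b ^ s] = f[a]                       # s remains a period
    return f

def measurement_distribution(f, n):
    """Exact P(y) for one run of Simon's subroutine:
    P(y) = 2^(-2n) * sum_z ( sum_{x in f^-1(z)} (-1)^(x.y) )^2."""
    preimages = defaultdict(list)
    for x, z in f.items():
        preimages[z].append(x)
    dist = {}
    for y in range(2 ** n):
        total = sum(sum((-1) ** dot(x, y) for x in xs) ** 2
                    for xs in preimages.values())
        dist[y] = Fraction(total, 4 ** n)
    return dist

def collision_rate(f, n, t):
    """Pr_x[f(x) = f(x ^ t)]: fraction of inputs that collide under shift t."""
    return Fraction(sum(f[x] == f[x ^ t] for x in range(2 ** n)), 2 ** n)

def prob_orthogonal(dist, t):
    """Probability that the measured y satisfies y.t = 0."""
    return sum(p for y, p in dist.items() if dot(y, t) == 0)

if __name__ == "__main__":
    n, s = 4, 0b1010
    for label, merges in (("no extra collisions", ()), ("one merged pair", ((0, 1),))):
        f = periodic_function(n, s, merges)
        dist = measurement_distribution(f, n)
        print(label, {format(y, "04b"): str(p) for y, p in dist.items() if p})
```

With the merged pair, every outcome still satisfies y·s = 0, but the probabilities split into 5/32 and 3/32 instead of the uniform 1/8, biased toward vectors orthogonal to the extra collision shift t = 0001.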