Abstract
The current paper improves the number of queries of the previous quantum multi-collision finding algorithms presented by Hosoyamada et al. at Asiacrypt 2017. Let an l-collision be a tuple of l distinct inputs that result in the same output of a target function. In cryptology, it is important to study how many queries are required to find l-collisions for random functions whose domains are larger than their ranges. The previous algorithm finds an l-collision for a random function by recursively calling the algorithm for finding \((l-1)\)-collisions, and it achieves the average quantum query complexity of \(O(N^{(3^{l-1}-1) / (2 \cdot 3^{l-1})})\), where N is the range size of target functions. The new algorithm removes the redundancy of the previous recursive algorithm so that different recursive calls can share a part of their computations. The new algorithm finds an l-collision for random functions with the average quantum query complexity of \(O(N^{(2^{l-1}-1) / (2^{l}-1)})\), which improves the previous bound for all \(l\ge 3\) (the new and previous algorithms achieve the optimal bound for \(l=2\)). More generally, the new algorithm achieves the average quantum query complexity of \(O\left( c^{3/2}_N N^{\frac{2^{l-1}-1}{ 2^{l}-1}}\right) \) for a random function \(f:X\rightarrow Y\) such that \(|X| \ge l \cdot |Y| / c_N\) for any \(1\le c_N \in o(N^{\frac{1}{2^l - 1}})\). With the same query complexity, it also finds a multiclaw for random functions, which is harder to find than a multicollision.
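A short check of the comparison stated in the abstract, added here and not taken from the paper: both exponents can be written as \(1/2\) minus a correction term,

\[
\frac{2^{l-1}-1}{2^{l}-1} = \frac{1}{2} - \frac{1}{2\,(2^{l}-1)}, \qquad
\frac{3^{l-1}-1}{2 \cdot 3^{l-1}} = \frac{1}{2} - \frac{1}{2 \cdot 3^{l-1}} .
\]

The new exponent is therefore strictly smaller than the previous one exactly when \(3^{l-1} > 2^{l}-1\). For \(l=2\) both sides equal 3, so the two exponents coincide at \(1/3\). For \(l=3\) we have \(9 > 7\), and if \(3^{l-1} > 2^{l}-1\) then \(3^{l} > 3 \cdot 2^{l} - 3 = (2^{l+1}-1) + (2^{l}-2) \ge 2^{l+1}-1\), so the strict inequality holds for all \(l \ge 3\) by induction. Concretely, the exponents are \(3/7\) (new) versus \(4/9\) (previous) for \(l=3\), and \(7/15\) versus \(13/27\) for \(l=4\); both tend to \(1/2\) as \(l\) grows.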
Notes
1. As in our case, the BHT algorithm also focuses only on quantum query complexity. Although it runs in time \(\tilde{O}(N^{1/3})\) on an idealized quantum computer, it requires \(\tilde{O}(N^{1/3})\) qubits to store data in quantum memories. Recently, Chailloux et al. [CNS17] have developed a quantum 2-collision finding algorithm that runs in time \(\tilde{O}(N^{2/5})\), which is polynomially slower than the BHT algorithm but requires only \(O(\log N)\) quantum memories.
References
Ambainis, A.: Quantum walk algorithm for element distinctness. In: Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2004, Rome, Italy, 17–19 October 2004, pp. 22–31 (2004)
Boyer, M., Brassard, G., Høyer, P., Tapp, A.: Tight bounds on quantum searching. Fortschr. Physik Prog. Phys. 46(4–5), 493–505 (1998)
Buhrman, H., et al.: Quantum algorithms for element distinctness. In: Proceedings of the 16th Annual IEEE Conference on Computational Complexity, Chicago, Illinois, USA, 18–21 June 2001, pp. 131–137 (2001)
Berman, I., Degwekar, A., Rothblum, R.D., Vasudevan, P.N.: Multi-collision resistant hash functions and their applications. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 133–161. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_5
Belovs, A.: Learning-graph-based quantum algorithm for \(k\)-distinctness. In: 53rd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2012, New Brunswick, NJ, USA, 20–23 October 2012, pp. 207–216 (2012)
Brassard, G., Høyer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. In: Lucchesi, C.L., Moura, A.V. (eds.) LATIN 1998. LNCS, vol. 1380, pp. 163–169. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054319
Bitansky, N., Kalai, Y.T., Paneth, O.: Multi-collision resistance: a paradigm for keyless hash functions. In: Proceedings of the 50th Annual ACM Symposium on Theory of Computing, STOC 2018, Los Angeles, CA, USA, 25–29 June 2018, pp. 671–684 (2018)
Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 211–240. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_8
Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, 22–24 May 1996, pp. 212–219 (1996)
Hush, D., Scovel, C.: Concentration of the hypergeometric distribution. Stat. Prob. Lett. 75(2), 127–132 (2005)
Hosoyamada, A., Sasaki, Y., Xagawa, K.: Quantum multicollision-finding algorithm. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 179–210. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_7
Jovanovic, P., Luykx, A., Mennink, B.: Beyond 2c/2 security in sponge-based authenticated encryption modes. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 85–104. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_5
Komargodski, I., Naor, M., Yogev, E.: Collision resistant hashing for paranoids: dealing with multiple collisions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 162–194. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_6
Liu, Q., Zhandry, M.: On finding quantum multi-collisions. In: Proceedings of EUROCRYPT 2019 (2018)
Mitzenmacher, M., Upfal, E.: Probability and Computing: Randomization and Probabilistic Techniques in Algorithms and Data Analysis. Cambridge University Press, Cambridge (2017)
Rivest, R.L., Shamir, A.: PayWord and MicroMint: two simple micropayment schemes. In: Proceedings of the International Workshop on Security Protocols, Cambridge, United Kingdom, 10–12 April 1996, pp. 69–87 (1996)
Tani, S.: Claw finding algorithms using quantum walk. Theor. Comput. Sci. 410(50), 5285–5297 (2009)
Zhandry, M.: A note on the quantum collision and set equality problems. Quantum Inf. Comput. 15(7&8), 557–567 (2015)
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Hosoyamada, A., Sasaki, Y., Tani, S., Xagawa, K. (2019). Improved Quantum Multicollision-Finding Algorithm. In: Ding, J., Steinwandt, R. (eds) Post-Quantum Cryptography. PQCrypto 2019. Lecture Notes in Computer Science, vol 11505. Springer, Cham. https://doi.org/10.1007/978-3-030-25510-7_19
DOI: https://doi.org/10.1007/978-3-030-25510-7_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25509-1
Online ISBN: 978-3-030-25510-7
eBook Packages: Computer Science (R0)