
Improved Quantum Multicollision-Finding Algorithm

  • Akinori Hosoyamada (Email author)
  • Yu Sasaki
  • Seiichiro Tani
  • Keita Xagawa
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11505)

Abstract

This paper improves the query complexity of the previous quantum multicollision-finding algorithms presented by Hosoyamada et al. at Asiacrypt 2017. Let an \(l\)-collision be a tuple of \(l\) distinct inputs that result in the same output of a target function. In cryptology, it is important to study how many queries are required to find \(l\)-collisions for random functions whose domains are larger than their ranges. The previous algorithm finds an \(l\)-collision for a random function by recursively calling the algorithm for finding \((l-1)\)-collisions, and it achieves the average quantum query complexity of \(O(N^{(3^{l-1}-1) / (2 \cdot 3^{l-1})})\), where \(N\) is the range size of target functions. The new algorithm removes the redundancy of the previous recursive algorithm so that different recursive calls can share part of their computations. The new algorithm finds an \(l\)-collision for random functions with the average quantum query complexity of \(O(N^{(2^{l-1}-1) / (2^{l}-1)})\), which improves the previous bound for all \(l\ge 3\) (the new and previous algorithms achieve the optimal bound for \(l=2\)). More generally, the new algorithm achieves the average quantum query complexity of \(O\left( c^{3/2}_N N^{\frac{2^{l-1}-1}{ 2^{l}-1}}\right) \) for a random function \(f:X\rightarrow Y\) such that \(|X| \ge l \cdot |Y| / c_N\) for any \(1\le c_N \in o(N^{\frac{1}{2^l - 1}})\). With the same query complexity, it also finds a multiclaw for random functions, which is harder to find than a multicollision.
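
The following derivation is added here as a worked check of the claim that the new bound improves on the previous one exactly for \(l\ge 3\); it is not taken from the paper, and the shorthand \(a\), \(b\) is introduced only for this note. Write \(a = 2^{l-1}\) and \(b = 3^{l-1}\), so that the new exponent is \((a-1)/(2a-1)\) and the previous exponent is \((b-1)/(2b)\). Both denominators are positive, hence

\[
\frac{a-1}{2a-1} < \frac{b-1}{2b}
\iff 2b(a-1) < (b-1)(2a-1)
\iff 2ab - 2b < 2ab - b - 2a + 1
\iff 2a - 1 < b ,
\]

that is, \(2^{l}-1 < 3^{l-1}\). For \(l=2\) both sides equal \(3\), so the two exponents coincide at \(1/3\). For \(l=3\) the condition reads \(7 < 9\), which gives \(3/7 < 4/9\). If the condition holds for some \(l\), then \(2^{l+1}-1 = 2(2^{l}-1)+1 < 2\cdot 3^{l-1}+1 \le 3^{l}\), so it holds for \(l+1\) as well, and therefore for every \(l\ge 3\). Both exponents remain below \(1/2\): the previous one equals \(\frac{1}{2}-\frac{1}{2\cdot 3^{l-1}}\), and the new one is smaller. As an illustration with a constructed parameter, for \(N = 2^{256}\) and \(l=3\), ignoring the constants hidden in the \(O\)-notation, the exponents \(3/7\) and \(4/9\) correspond to roughly \(2^{109.7}\) queries for the new algorithm against \(2^{113.8}\) for the previous one.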

Keywords

Post-quantum cryptography, Quantum algorithm, Multiclaw, Multicollision

References

  1. [Amb04]
    Ambainis, A.: Quantum walk algorithm for element distinctness. In: Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2004, Rome, Italy, 17–19 October 2004, pp. 22–31 (2004)
  2. [BBHT98]
    Boyer, M., Brassard, G., Høyer, P., Tapp, A.: Tight bounds on quantum searching. Fortschr. Physik Prog. Phys. 46(4–5), 493–505 (1998)
  3. [BDH+01]
    Buhrman, H., et al.: Quantum algorithms for element distinctness. In: Proceedings of the 16th Annual IEEE Conference on Computational Complexity, Chicago, Illinois, USA, 18–21 June 2001, pp. 131–137 (2001)
  4. [BDRV18]
    Berman, I., Degwekar, A., Rothblum, R.D., Vasudevan, P.N.: Multi-collision resistant hash functions and their applications. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 133–161. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_5
  5. [Bel12]
    Belovs, A.: Learning-graph-based quantum algorithm for \(k\)-distinctness. In: 53rd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2012, New Brunswick, NJ, USA, 20–23 October 2012, pp. 207–216 (2012)
  6. [BHT98]
    Brassard, G., Høyer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. In: Lucchesi, C.L., Moura, A.V. (eds.) LATIN 1998. LNCS, vol. 1380, pp. 163–169. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054319
  7. [BKP18]
    Bitansky, N., Kalai, Y.T., Paneth, O.: Multi-collision resistance: a paradigm for keyless hash functions. In: Proceedings of the 50th Annual ACM Symposium on Theory of Computing, STOC 2018, Los Angeles, CA, USA, 25–29 June 2018, pp. 671–684 (2018)
  8. [CNS17]
    Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 211–240. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_8
  9. [Gro96]
    Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, 22–24 May 1996, pp. 212–219 (1996)
  10. [HS05]
    Hush, D., Scovel, C.: Concentration of the hypergeometric distribution. Stat. Prob. Lett. 75(2), 127–132 (2005)
  11. [HSX17]
    Hosoyamada, A., Sasaki, Y., Xagawa, K.: Quantum multicollision-finding algorithm. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 179–210. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_7
  12. [JLM14]
    Jovanovic, P., Luykx, A., Mennink, B.: Beyond \(2^{c/2}\) security in sponge-based authenticated encryption modes. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 85–104. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_5
  13. [KNY18]
    Komargodski, I., Naor, M., Yogev, E.: Collision resistant hashing for paranoids: dealing with multiple collisions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 162–194. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_6
  14. [LZ18]
    Liu, Q., Zhandry, M.: On finding quantum multi-collisions. In: Proceedings of EUROCRYPT 2019 (2018)
  15. [MU17]
    Mitzenmacher, M., Upfal, E.: Probability and Computing: Randomization and Probabilistic Techniques in Algorithms and Data Analysis. Cambridge University Press, Cambridge (2017)
  16. [RS96]
    Rivest, R.L., Shamir, A.: PayWord and MicroMint: two simple micropayment schemes. In: Proceedings of the International Workshop on Security Protocols, Cambridge, United Kingdom, 10–12 April 1996, pp. 69–87 (1996)
  17. [Tan09]
    Tani, S.: Claw finding algorithms using quantum walk. Theor. Comput. Sci. 410(50), 5285–5297 (2009)
  18. [Zha15]
    Zhandry, M.: A note on the quantum collision and set equality problems. Quantum Inf. Comput. 15(7&8), 557–567 (2015)

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Akinori Hosoyamada (1, 2), Email author
  • Yu Sasaki (1)
  • Seiichiro Tani (3)
  • Keita Xagawa (1)

  1. NTT Secure Platform Laboratories, NTT Corporation, Musashino-shi, Japan
  2. Department of Information and Communication Engineering, Nagoya University, Nagoya, Japan
  3. NTT Communication Science Laboratories, NTT Corporation, Atsugi-shi, Japan
