Document Open Access Logo

Quantum Security of Subset Cover Problems

Authors Samuel Bouaziz-Ermann, Alex B. Grilo, Damien Vergnaud

PDF

File

Thumbnail PDF
PDF
LIPIcs.ITC.2023.9.pdf
  • Filesize: 0.67 MB
  • 17 pages

Document Identifiers

Related Versions

Subject Classification

ACM Subject Classification
  • Security and privacy → Cryptography
Keywords
  • Cryptography
  • Random oracle model
  • Quantum information

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Abstract

The subset cover problem for k ≥ 1 hash functions, which can be seen as an extension of the collision problem, was introduced in 2002 by Reyzin and Reyzin to analyse the security of their hash-function based signature scheme HORS. The security of many hash-based signature schemes relies on this problem or a variant of this problem (e.g. HORS, SPHINCS, SPHINCS+, ...). 
Recently, Yuan, Tibouchi and Abe (2022) introduced a variant to the subset cover problem, called restricted subset cover, and proposed a quantum algorithm for this problem. In this work, we prove that any quantum algorithm needs to make Ω((k+1)^{-(2^k)/(2^{k+1}-1})⋅ N^{(2^{k}-1})/(2^{k+1}-1)}) queries to the underlying hash functions with codomain size N to solve the restricted subset cover problem, which essentially matches the query complexity of the algorithm proposed by Yuan, Tibouchi and Abe. 
We also analyze the security of the general (r,k)-subset cover problem, which is the underlying problem that implies the unforgeability of HORS under a r-chosen message attack (for r ≥ 1). We prove that a generic quantum algorithm needs to make Ω(N^{k/5}) queries to the underlying hash functions to find a (1,k)-subset cover. We also propose a quantum algorithm that finds a (r,k)-subset cover making O (N^{k/(2+2r)}) queries to the k hash functions.

Cite As Get BibTex

Samuel Bouaziz-Ermann, Alex B. Grilo, and Damien Vergnaud. Quantum Security of Subset Cover Problems. In 4th Conference on Information-Theoretic Cryptography (ITC 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 267, pp. 9:1-9:17, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023) https://doi.org/10.4230/LIPIcs.ITC.2023.9

Author Details

Samuel Bouaziz-Ermann
  • LIP6, Paris, France
  • Sorbonne Université, Paris, France
  • CNRS, Paris, France
Alex B. Grilo
  • LIP6, Paris, France
  • Sorbonne Université, Paris, France
  • CNRS, paris, France
Damien Vergnaud
  • LIP6, Paris, France
  • Sorbonne Université, Paris, France
  • CNRS, Paris, France

Funding

This work was partially funded by PEPR integrated project EPiQ ANR-22-PETQ-0007 part of Plan France 2030. This work is part of HQI initiative (www.hqi.fr) and is supported by France 2030 under the French National Research Agency award number "ANR-22-PNCQ-0002".
  • Grilo, Alex B.: ABG is supported by ANR JCJC TCS-NISQ ANR-22-CE47-0004, and by the PEPR integrated project EPiQ ANR-22-PETQ-0007 part of Plan France 2030.

Acknowledgements

We thanks the anonymous reviewers for their valuable comments that helped improving the quality of this paper.

References

  1. Jean-Philippe Aumasson and Guillaume Endignoux. Clarifying the subset-resilience problem. Cryptology ePrint Archive, Report 2017/909, 2017. URL: https://eprint.iacr.org/2017/909.
  2. Daniel J. Bernstein, Daira Hopwood, Andreas Hülsing, Tanja Lange, Ruben Niederhagen, Louiza Papachristodoulou, Michael Schneider, Peter Schwabe, and Zooko Wilcox-O'Hearn. SPHINCS: Practical stateless hash-based signatures. In Elisabeth Oswald and Marc Fischlin, editors, EUROCRYPT 2015, Part I, volume 9056 of LNCS, pages 368-397. Springer, Heidelberg, April 2015. URL: https://doi.org/10.1007/978-3-662-46800-5_15.
  3. Daniel J. Bernstein, Andreas Hülsing, Stefan Kölbl, Ruben Niederhagen, Joost Rijneveld, and Peter Schwabe. The SPHINCS^+ signature framework. In Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz, editors, ACM CCS 2019, pages 2129-2146. ACM Press, November 2019. URL: https://doi.org/10.1145/3319535.3363229.
  4. Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner, and Mark Zhandry. Random oracles in a quantum world. In Dong Hoon Lee and Xiaoyun Wang, editors, ASIACRYPT 2011, volume 7073 of LNCS, pages 41-69. Springer, Heidelberg, December 2011. URL: https://doi.org/10.1007/978-3-642-25385-0_3.
  5. Michel Boyer, Gilles Brassard, Peter Høyer, and Alain Tapp. Tight bounds on quantum searching. Fortschritte der Physik, 46(4-5):493-505, June 1998. URL: https://doi.org/10.1002/(sici)1521-3978(199806)46:4/5<493::aid-prop493>3.0.co;2-p.
  6. Gilles Brassard, Peter Høyer, and Alain Tapp. Quantum cryptanalysis of hash and claw-free functions. In Claudio L. Lucchesi and Arnaldo V. Moura, editors, LATIN '98: Theoretical Informatics, Third Latin American Symposium, Campinas, Brazil, April, 20-24, 1998, Proceedings, volume 1380 of Lecture Notes in Computer Science, pages 163-169. Springer, 1998. URL: https://doi.org/10.1007/BFb0054319.
  7. Kai-Min Chung, Serge Fehr, Yu-Hsuan Huang, and Tai-Ning Liao. On the compressed-oracle technique, and post-quantum security of proofs of sequential work. In Anne Canteaut and François-Xavier Standaert, editors, EUROCRYPT 2021, Part II, volume 12697 of LNCS, pages 598-629. Springer, Heidelberg, October 2021. URL: https://doi.org/10.1007/978-3-030-77886-6_21.
  8. Lov K. Grover. A fast quantum mechanical algorithm for database search. In 28th ACM STOC, pages 212-219. ACM Press, May 1996. URL: https://doi.org/10.1145/237814.237866.
  9. L. Lamport. Constructing digital signatures from a one-way function. Technical Report SRI-CSL-98, SRI International Computer Science Laboratory, October 1979. Google Scholar
  10. Qipeng Liu and Mark Zhandry. On finding quantum multi-collisions. In Yuval Ishai and Vincent Rijmen, editors, EUROCRYPT 2019, Part III, volume 11478 of LNCS, pages 189-218. Springer, Heidelberg, May 2019. URL: https://doi.org/10.1007/978-3-030-17659-4_7.
  11. Leonid Reyzin and Natan Reyzin. Better than BiBa: Short one-time signatures with fast signing and verifying. In Lynn Margaret Batten and Jennifer Seberry, editors, ACISP 02, volume 2384 of LNCS, pages 144-153. Springer, Heidelberg, July 2002. URL: https://doi.org/10.1007/3-540-45450-0_11.
  12. Peter W. Shor. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Journal on Computing, 26(5):1484-1509, October 1997. URL: https://doi.org/10.1137/s0097539795293172.
  13. Takashi Yamakawa and Mark Zhandry. Classical vs quantum random oracles. In Anne Canteaut and François-Xavier Standaert, editors, EUROCRYPT 2021, Part II, volume 12697 of LNCS, pages 568-597. Springer, Heidelberg, October 2021. URL: https://doi.org/10.1007/978-3-030-77886-6_20.
  14. Quan Yuan, Mehdi Tibouchi, and Masayuki Abe. On subset-resilient hash function families. Designs, Codes and Cryptography, 90, March 2022. URL: https://doi.org/10.1007/s10623-022-01008-4.
  15. Mark Zhandry. How to record quantum queries, and applications to quantum indifferentiability. In Alexandra Boldyreva and Daniele Micciancio, editors, CRYPTO 2019, Part II, volume 11693 of LNCS, pages 239-268. Springer, Heidelberg, August 2019. URL: https://doi.org/10.1007/978-3-030-26951-7_9.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact