Abstract
In this work, we have analyzed ChaCha against Grover’s search algorithm. We designed a reversible quantum circuit of ChaCha and then estimated the resources required to implement Grover. We showed that for MAXDEPTH = \( 2^{40} \), the ChaCha20 256-bit key can be recovered using Grover’s search algorithm with a gate count of \( 1.233 \cdot 2^{251} \), which is less than the NIST’s requirement of \( 2^{258} \). We also showed that implementing Grover’s algorithm greatly depends on the number of rounds in ChaCha. We deduced that ChaCha would require approximately 166 rounds so that implementing a non parallelized Grover would require a \( 2^{298} \) gate count. We implemented a ChaCha-like toy cipher in IBMQ simulator and recovered key using Grover’s algorithm.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Anand, R., Maitra, A., Mukhopadhyay, S.: Grover on SIMON. Quantum Inf. Process. 19(9), 1–17 (2020). https://doi.org/10.1007/s11128-020-02844-w
Anand, R., Maitra, A., Mukhopadhyay, S.: Evaluation of quantum cryptanalysis on SPECK. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds.) Progress in Cryptology INDOCRYPT 2020. LNCS, vol. 12578. Springer, Cham (2020). https://doi.org/10.1007/ 978-3-030-65277-7_18
Anand, R., Maitra, S., Maitra, A., Mukherjee, C.S., Mukhopadhyay, S.: Resource estimation of Grovers-kind quantum cryptanalysis against FSR based symmetric ciphers. Cryptology ePrint Archive, Report 2020/1438, https://eprint.iacr.org/2020/1438 (2020)
Amy, M., Maslov, D., Mosca, M., Roetteler, M.: A meet-in-the-middle algorithm for fast synthesis of depth-optimal quantum circuits. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 32(6), 818–830 (2013). https://doi.org/10.1109/TCAD.2013.2244643
Aumasson, J.P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) Fast Software Encryption. FSE 2008. Lecture Notes in Computer Science, vol. 5086. Springer, Berlin (2008). https://doi.org/10.1007/978-3-540-71039-4_30
Aumasson, J.P.: Too much crypto. IACR Cryptol. ePrint Arch., p.1492 (2019). https://eprint.iacr.org/2019/1492
Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC, vol. 8, pp. 3–5 (2008)
Boyer, M., Brassard, G., Høyer, P., Tapp, A.: Tight bounds on quantum searching. Fortschritte der Physik: Progress of Physics 46(4–5), 493–505 (1998)
Choudhuri, A., Maitra, S.: Differential cryptanalysis of salsa and ChaCha: An evaluation with a hybrid model. Cryptology ePrint Archive: Report 2016/377, (2016)
Davenport, J.H., Pring, B.: Improvements to quantum search techniques for block-ciphers, with applications to AES. In: Selected Areas in Cryptography-SAC (2020)
Dey, S., Sarkar, S.: Improved analysis for reduced round Salsa and Chacha. Discrete Appl. Math. 227, 58–69 (2017). https://doi.org/10.1016/j.dam.2017.04.034
Jaques, S., Naehrig, M., Roetteler, M. and Virdia, F.: Implementing Grover oracles for quantum key search on AES and LowMC. Advances in Cryptology—EUROCRYPT 2020, volume 12106 of Lecture Notes in Computer Science, pp. 280–310. Springer (2020)
Kim, P., Han, D., Jeong, K.C.: Time-space complexity of quantum search algorithms in symmetric cryptanalysis: applying to AES and SHA-2. Quantum Inf. Process. 17(12), 1–39 (2018)
Langenberg, B., Pham, H., Steinwandt, R.: Reducing the cost of implementing the advanced encryption standard as a quantum circuit. IEEE Trans. Quantum Eng. 1, 1–12 (2020). https://doi.org/10.1109/TQE.2020.2965697
Maitra, S.: Chosen IV cryptanalysis on reduced round ChaCha and Salsa. Discrete Appl. Math. 208, 88–97 (2016)
Maitra, S., Paul, G., Meier, W.: Salsa20 cryptanalysis: new moves and revisiting old styles. In: The 9th International Workshop on Coding and Cryptography 2015 WCC2015, Anne Canteaut, Gaëtan Leurent, Maria Naya-Plasencia, Paris, France. ffhal-01276506f (2015)
Grassl, M., Langenberg, B., Roetteler, M., Steinwandt, R.: Applying Grover’s algorithm to AES: quantum resource estimates. In: Takagi, T. (ed.) Post-quantum Cryptography. PQCrypto. Lecture Notes in Computer Science, vol. 9606, pp. 29–43. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29360-8_3
Ramos-Calderer, S., Bellini, E., Latorre, J.I., Manzano, M., Mateu, V.: Quantum search for scaled hash function preimages. arXiv preprint arXiv:2009.00621. (2020)
Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Information Security and Cryptology—ICISC, pp. 337–351 (2012)
Takahashi, Y., Tani, S., Kunihiro, N.: Quantum addition circuits and unbounded fan-out. Quantum Inf. Comput. 10(9), 872–890 (2010)
NIST. Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016). https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/call-for-proposals-final-dec-2016.pdf
Wiebe, N., Roetteler, M.: Quantum arithmetic and numerical analysis using repeat-until-success circuits. Quantum Inf. Comput. 16(1–2), 134–178 (2014)
Funding
Not Applicable.
Author information
Authors and Affiliations
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Bathe, B., Anand, R. & Dutta, S. Evaluation of Grover’s algorithm toward quantum cryptanalysis on ChaCha. Quantum Inf Process 20, 394 (2021). https://doi.org/10.1007/s11128-021-03322-7
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11128-021-03322-7