Quantum cryptanalysis of hash and claw-free functions

Invited paper
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1380)


We give a quantum algorithm that finds collisions in arbitrary r-to-one functions after only O(3√N/r) expected evaluations of the function, where N is the cardinality of the domain. Assuming the function is given by a black box, this is more efficient than the best possible classical algorithm, even allowing probabilism. We also give a similar algorithm for finding claws in pairs of functions. Further, we exhibit a space-time tradeoff for our technique. Our approach uses Grover's quantum searching algorithm in a novel way.


Expected Number Quantum Algorithm Quantum Cryptanalysis Classical Algorithm Cryptographic Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Michel Boyer, Gilles Brassard, Peter HØyer and Alain Tapp, “Tight bounds on quantum searching”, Proceedings of Fourth Workshop on Physics and Computation — PhysComp '96, November 1996, pp. 36–43. Final version to appear in Fortschritte Der Physik.Google Scholar
  2. 2.
    Gilles Brassard, David Chaum and Claude Crépeau, “Minimum disclosure proofs of knowledge”, Journal of Computer and System Sciences, Vol. 37, no. 2, October 1988, pp. 156–189.CrossRefMathSciNetGoogle Scholar
  3. 3.
    Gilles Brassard and Peter HØyer, “An exact quantum polynomial-time algorithm for Simon's problem”, Proceedings of Fifth Israeli Symposium on Theory of Computing and Systems — ISTCS '97, June 1997, IEEE Computer Society Press, pp. 12–23.Google Scholar
  4. 4.
    J. Larry Carter and Mark N. Wegman, “Universal classes of hash functions”, Journal of Computer and System Sciences, Vol. 18, no. 2, 1979, pp. 143–154.CrossRefMathSciNetGoogle Scholar
  5. 5.
    Shafi Goldwasser, Silvio Micali and Ronald L. Rivest, “A digital signature scheme secure against adaptive chosen-message attacks”, SIAM Journal on Computing, Vol. 17, 1988, pp. 281–308.CrossRefMathSciNetGoogle Scholar
  6. 6.
    Lov K. Grover, “A fast quantum mechanical algorithm for database search”, Proceedings of the 28th Annual ACM Symposium on Theory of Computing, 1996, pp. 212–219.Google Scholar
  7. 7.
    Lov K. Grover, “Quantum mechanics helps in searching for a needle in a haystack”, Physical Review Letters, Vol. 79, no. 2, 14 July 1997, pp. 325–328.CrossRefGoogle Scholar
  8. 8.
    Eric Rains, talk given at AT&T, Murray Hill, New Jersey, 12 March 1997.Google Scholar
  9. 9.
    Daniel R. Simon, “On the power of quantum computation”, SI AM Journal on Computing, Vol. 26, no. 5, October 1997, pp. 1474–1483.zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  1. 1.Département IROUniversité de MontréalMontréalCanada
  2. 2.Department of Mathematics and Computer ScienceOdense UniversityOdense MDenmark

Personalised recommendations