Quantum attacks on pseudorandom generators. (English) Zbl 1353.81034
Summary: There are advantages in the use of quantum computing in the elaboration of attacks on certain pseudorandom generators when compared with analogous attacks using classical computing. This paper presents a polynomial time quantum attack on the Blum-Micali generator, which is considered secure against threats from classical computers. The proposed attack uses a Grover inspired procedure together with the quantum discrete logarithm, and is able to recover previous and future outputs of the generator under attack, thereby completely compromising its unpredictability. The attack can also be adapted to other generators, such as Blum-Micali generators with multiple hard-core predicates and generators from the Blum-Micali construction, and also to scenarios where the requirements on the bits are relaxed. Such attacks represent a threat to the security of the pseudorandom generators adopted in many real-world cryptosystems.
MSC:
| 81P68 | Quantum computation |
| 68Q12 | Quantum algorithms and complexity in the theory of computing |
| 68Q87 | Probability in computer science (algorithm analysis, random structures, phase transitions, etc.) |
| 65C10 | Random number generation in numerical analysis |
| 94A60 | Cryptography |
References:
| [1] | Encyclopedia of Cryptography and Security (2005) · Zbl 1126.94001 |
| [2] | DOI: 10.1007/3-540-69710-1_12 · Zbl 1385.94048 · doi:10.1007/3-540-69710-1_12 |
| [3] | DOI: 10.1007/11586821_24 · doi:10.1007/11586821_24 |
| [4] | DOI: 10.1109/5992.909000 · doi:10.1109/5992.909000 |
| [5] | DOI: 10.1016/0022-0000(93)90038-X · Zbl 0790.94013 · doi:10.1016/0022-0000(93)90038-X |
| [6] | DOI: 10.1137/S0097539793244708 · Zbl 0940.68048 · doi:10.1137/S0097539793244708 |
| [7] | Explorations in Quantum Computing (2011) |
| [8] | Quantum Computing (2001) · Zbl 0976.68063 |
| [9] | Random Number Generation and Monte Carlo Methods (2003) |
| [10] | DOI: 10.1007/s00145-004-0215-y · Zbl 1084.68046 · doi:10.1007/s00145-004-0215-y |
| [11] | DOI: 10.1103/PhysRevLett.79.325 · doi:10.1103/PhysRevLett.79.325 |
| [12] | DOI: 10.2140/involve.2010.3.197 · Zbl 1269.11123 · doi:10.2140/involve.2010.3.197 |
| [13] | Journal of the Association for Computing Machinery 36 pp 139– (1989) |
| [14] | Foundations of Cryptography–A Primer (2005) · Zbl 1141.94009 |
| [15] | DOI: 10.1137/0213053 · Zbl 0547.68046 · doi:10.1137/0213053 |
| [16] | DOI: 10.1137/0215025 · Zbl 0602.65002 · doi:10.1137/0215025 |
| [17] | SIGACT News 35 pp 22– (2004) |
| [18] | DOI: 10.1137/S0097539795293172 · Zbl 1005.11065 · doi:10.1137/S0097539795293172 |
| [19] | Quantum Information and Computation 3 pp 317– (2004) |
| [20] | DOI: 10.1007/3-540-39805-8_8 · doi:10.1007/3-540-39805-8_8 |
| [21] | DOI: 10.1007/BFb0055737 · doi:10.1007/BFb0055737 |
| [22] | Understanding Cryptography (2010) |
| [23] | Quantum Computation and Information (2005) |
| [24] | DOI: 10.1147/rd.176.0525 · Zbl 0267.68024 · doi:10.1147/rd.176.0525 |
| [25] | DOI: 10.1103/PhysRevA.71.052320 · Zbl 1227.81134 · doi:10.1103/PhysRevA.71.052320 |
| [26] | DOI: 10.1137/0217021 · Zbl 0644.94017 · doi:10.1137/0217021 |
| [27] | DOI: 10.1016/0196-6774(92)90054-G · Zbl 0784.65006 · doi:10.1016/0196-6774(92)90054-G |
| [28] | GI Lecture Notes in Informatics 74 pp 53– (2005) |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
