Quantum Algorithm for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems

Published in: Journal of Systems Science and Complexity

Abstract

This paper presents a quantum algorithm that decides whether a Boolean equation system \(\mathcal{F}\) has a solution and, if it does, computes one with any prescribed success probability. The runtime of the algorithm is polynomial in the size of \(\mathcal{F}\) and in the condition number of a certain Macaulay matrix associated with \(\mathcal{F}\). As a consequence, the authors obtain a polynomial-time quantum algorithm for solving Boolean equation systems whose condition numbers are polynomial in the size of \(\mathcal{F}\). The authors apply the proposed quantum algorithm to the cryptanalysis of several important cryptosystems: the stream cipher Trivium, the block cipher AES, the hash function SHA-3/Keccak, and multivariate public key cryptosystems, and show that these are secure under the quantum algebraic attack only if the corresponding condition numbers are large. This yields a new criterion for designing cryptosystems that are safe against attack by quantum computers: the corresponding condition number.
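The abstract hinges on two objects: a Macaulay matrix built from the Boolean system and the condition number of that matrix. The following Python block is an added illustration, not code from the paper or its authors. It uses one simple variant of the Boolean Macaulay matrix (multiply each polynomial by every square-free monomial, reduce with \(x_i^2 = x_i\), keep products of degree at most \(D\)); the paper's exact construction is not on this page, so that choice and the condition-number reading (largest over smallest non-zero singular value of the real 0/1 matrix) are assumptions. The sample systems `F_UNSAT` and `F_SAT` are constructed for the example. Over GF(2) the row space of the matrix certifies unsolvability exactly when it contains the constant polynomial 1, and at \(D = n\) the row space is the whole ideal of the Boolean ring, so the test is exact there; the lower degrees show that a small \(D\) can miss the certificate.

```python
"""Boolean Macaulay matrix: GF(2) solvability certificate and condition number."""
from itertools import combinations, product

# A Boolean polynomial in algebraic normal form (ANF) is a frozenset of square-free
# monomials; each monomial is a frozenset of variable indices (frozenset() == 1).
# Addition is symmetric difference; multiplying monomials is set union, which
# silently applies the field equations x_i^2 = x_i of the Boolean ring.


def poly(*monomials):
    """Build an ANF polynomial from index tuples, e.g. poly((0, 1), (2,)) = x0*x1 + x2."""
    p = set()
    for m in monomials:
        p ^= {frozenset(m)}
    return frozenset(p)


def degree(p):
    return max((len(m) for m in p), default=0)


def mul_monomial(m, p):
    """Multiply polynomial p by monomial m; equal terms cancel modulo 2."""
    out = set()
    for t in p:
        out ^= {t | m}
    return frozenset(out)


def monomials_up_to(n, d):
    """All square-free monomials in n variables of degree <= d (empty if d < 0)."""
    return [frozenset(c) for k in range(d + 1) for c in combinations(range(n), k)]


def macaulay_matrix(F, n, D):
    """Assumed construction: rows are the reduced products m*f (f in F, m square-free,
    deg(m*f) <= D, product non-zero); columns are monomials_up_to(n, D).
    Each row is an int bitmask over the column index."""
    cols = monomials_up_to(n, D)
    col_index = {m: i for i, m in enumerate(cols)}
    rows = []
    for f in F:
        for m in monomials_up_to(n, D):
            prod = mul_monomial(m, f)
            if prod and degree(prod) <= D:
                rows.append(sum(1 << col_index[t] for t in prod))
    return rows, cols


def gf2_rank(rows):
    """Rank over GF(2) of int-bitmask rows via elimination on leading bits."""
    basis = []  # (pivot bit, row); every row has all earlier pivot bits cleared
    for r in rows:
        for pivot, b in basis:
            if (r >> pivot) & 1:
                r ^= b
        if r:
            basis.append((r.bit_length() - 1, r))
    return len(basis)


def contradiction_found(F, n, D):
    """True iff the constant 1 lies in the GF(2) row space of the degree-D matrix,
    which certifies that F has no solution in {0,1}^n. False only means 'no
    certificate at this degree'; for D = n it means F is solvable."""
    rows, cols = macaulay_matrix(F, n, D)
    one = 1 << cols.index(frozenset())
    return gf2_rank(rows + [one]) == gf2_rank(rows)


def condition_number(rows, ncols):
    """Largest / smallest non-zero singular value of the real 0/1 matrix (assumed
    reading of the abstract's condition number). None if numpy is unavailable."""
    if not rows:
        return None
    try:
        import numpy as np
    except ImportError:
        return None
    A = np.array([[(r >> j) & 1 for j in range(ncols)] for r in rows], dtype=float)
    s = np.linalg.svd(A, compute_uv=False)
    nonzero = s[s > 1e-12 * s[0]]
    return float(nonzero[0] / nonzero[-1])


def evaluate(p, point):
    return sum(all(point[i] for i in m) for m in p) % 2


def brute_force_solutions(F, n):
    """Exhaustive check used only to validate the algebraic certificate."""
    return [pt for pt in product((0, 1), repeat=n) if all(evaluate(f, pt) == 0 for f in F)]


# Constructed sample systems in 3 variables: x2 = x0*x1, x1 = x0 + 1, and x2 = 1 / x2 = 0.
N_VARS = 3
F_UNSAT = [poly((0, 1), (2,)), poly((0,), (1,), ()), poly((2,), ())]
F_SAT = [poly((0, 1), (2,)), poly((0,), (1,), ()), poly((2,))]

if __name__ == "__main__":
    for name, F in (("F_UNSAT", F_UNSAT), ("F_SAT", F_SAT)):
        for D in range(1, N_VARS + 1):
            rows, cols = macaulay_matrix(F, N_VARS, D)
            print(name, "D =", D, "contradiction:", contradiction_found(F, N_VARS, D),
                  "cond:", condition_number(rows, len(cols)))
        print(name, "solutions:", brute_force_solutions(F, N_VARS))
```

`F_UNSAT` yields no certificate at degree 1 (the quadratic equation cannot even be placed in the matrix), but at degree 2 the rows \(x_0x_1 + x_2\), \(x_2 + 1\) and \(x_1(x_0 + x_1 + 1) = x_0x_1\) sum to 1. The condition number grows with the matrix and is the parameter the abstract's runtime bound is expressed in; a designer wanting the "large condition number" criterion would compute it for the matrix of the cipher's equation system rather than for this toy.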



Corresponding author

Correspondence to Xiao-Shan Gao.

Additional information

This research was supported by the National Natural Science Foundation of China under Grant No. 11688101 and NKRDP 2018YFA0704705.

This paper was recommended for publication by Editor LI Hongbo.


Cite this article

Chen, YA., Gao, XS. Quantum Algorithm for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems. J Syst Sci Complex 35, 373–412 (2022). https://doi.org/10.1007/s11424-020-0028-6
