On quantum preimage attacks

TL;DR

This paper introduces a theoretical quantum preimage attack on cryptographic hash functions, combining classical and quantum techniques to potentially undermine hash resistance assuming quantum implementation is feasible.

Contribution

It presents a novel hybrid quantum-classical algorithm for preimage attacks, leveraging quantum parallelism and measurement gates, specifically targeting hash functions like SHA-3.

Findings

Algorithm theoretically finds preimages efficiently

Utilizes quantum parallelism with classical search

Relies on assumptions of quantum hash function implementation

Abstract

We propose a preimage attack against cryptographic hash functions based on the speedup enabled by quantum computing. Preimage resistance is a fundamental property cryptographic hash functions must possess. The motivation behind this work relies in the lack of conventional attacks against newly introduced hash schemes such as the recently elected SHA-3 standard. The proposed algorithm consists of two parts: a classical one running in O(log |S|), where S represents the searched space, and a quantum part that contains the bulk of the Deutsch-Jozsa circuit. The mixed approach we follow makes use of the quantum parallelism concept to check the existence of an argument (preimage) for a given hash value (image) in the preestablished search space. For this purpose, we explain how a non-unitary measurement gate can be used to determine if S contains the target value. Our method is entirely theoretical and is based on the assumptions that a hash function can be implemented by a quantum computer and the key measurement gate we describe is physically realizable. Finally, we present how the algorithm finds a solution on S.