Quantum Key-Recovery Attacks on FBC Algorithm

TL;DR

This paper analyzes the security of the FBC cryptographic algorithm against quantum attacks, introducing new quantum distinguishers and key-recovery methods that significantly reduce attack complexity in both Q1 and Q2 models.

Contribution

It presents novel quantum distinguishers and key-recovery attacks for FBC, reducing attack complexity and exploring both classical and quantum query models.

Findings

Quantum attacks reduce complexity by a factor of 2^{4.5n}

New 6-round quantum distinguisher for FBC-FK structure

Low-data quantum key-recovery attacks require only constant plaintext-ciphertext pairs

Abstract

With the advancement of quantum computing, symmetric cryptography faces new challenges from quantum attacks. These attacks are typically classified into two models: Q1 (classical queries) and Q2 (quantum superposition queries). In this context, we present a comprehensive security analysis of the FBC algorithm considering quantum adversaries with different query capabilities. In the Q2 model, we first design 4-round polynomial-time quantum distinguishers for FBC-F and FBC-KF structures, and then perform $r(r>6)$-round quantum key-recovery attacks. Our attacks require $O(2^{(2n(r-6)+3n)/2})$ quantum queries, reducing the time complexity by a factor of $2^{4.5n}$ compared with quantum brute-force search, where $n$ denotes the subkey length. Moreover, we give a new 6-round polynomial-time quantum distinguisher for FBC-FK structure. Based on this, we construct an $r(r>6)$-round quantum key-recovery attack with complexity $O(2^{n(r-6)})$. Considering an adversary with classical queries and quantum computing capabilities, we demonstrate low-data quantum key-recovery attacks on FBC-KF/FK structures in the Q1 model. These attacks require only a constant number of plaintext-ciphertext pairs, then use the Grover algorithm to search the intermediate states, thereby recovering all keys in $O(2^{n/2})$ time.