AUTHOR=Cai BinBin , Gao Fei , Leander Gregor 

TITLE=Quantum attacks on two-round even-mansour

JOURNAL=Frontiers in Physics

VOLUME=10

YEAR=2022

URL=https://www.frontiersin.org/journals/physics/articles/10.3389/fphy.2022.1028014

DOI=10.3389/fphy.2022.1028014

ISSN=2296-424X

ABSTRACT=<p>Even-Mansour is one of the most important constructions in symmetric cryptography, both from a theoretical and practical perspective. With the rapid development of quantum computing, the security of Even-Mansour construction in quantum setting needs to be considered. For one round Even-Mansour construction, it is well settled by classical and quantum attacks. While for the iterated scheme, the situation is much more complex. In this paper, we study the next case in line in detail and depth: quantum attacks against two rounds case. We first make an asymptotic comparison with existing classical and quantum attacks. Then we give concrete resource estimation for the proposed quantum attacks on round reduced LED cipher and AES<sup>2</sup>. The resource estimation allows to deduce the most efficient attacks based on the trade-off of the number of qubits and Toffoli depth.</p>