Quantum Algorithm for Finding Impossible Differentials and Zero-Correlation Linear Hulls of Symmetric Ciphers.

In this paper, we present quantum algorithms for finding impossible differentials and zero-correlation linear hulls, which are distinguishers for the two powerful attacks against symmetric ciphers of impossible differential attack and zero-correlation linear attack. Compared to classical methods, the proposed quantum algorithms possess many advantages. Firstly, our quantum algorithm for finding impossible differentials obtains the input and output differences by solving linear equation systems instead of searching in a limited space; Secondly, our quantum algorithm for zero-correlation linear hulls can investigate the key schedule’s effect; Thirdly, the only computation cost of our algorithms is solving linear equation systems, and the size of the systems is not increasing as the round number increases. The core idea of our method is to use the Berstein-Vazirani algorithm to find 1-linear structures of Boolean functions. We check the validity of the proposed quantum algorithm with the SIMON block cipher family and RC5 block cipher. We show that the proposed algorithms can discover some 11-round, 12-round, 13-round, 16-round, and 19-round impossible differentials and zero-correlation linear hulls of SIMON cipher when considering the key schedules and 2.5-round impossible differential of RC5 when considering the round subkeys.