Quantum Algorithms for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems
This work addresses the challenge of quantum-resistant cryptography by providing a new criterion for designing cryptosystems that can withstand quantum algebraic attacks, which is significant for cybersecurity in the quantum computing era.
The paper tackles the NP-hard problem of solving Boolean equation systems by presenting a quantum algorithm that decides solvability and finds solutions with polynomial runtime complexity dependent on the condition number, and applies it to show that cryptosystems like AES and SHA-3 are secure against quantum attacks only if their equation systems have large condition numbers.
Decision of whether a Boolean equation system has a solution is an NPC problem and finding a solution is NP hard. In this paper, we present a quantum algorithm to decide whether a Boolean equation system FS has a solution and compute one if FS does have solutions with any given success probability. The runtime complexity of the algorithm is polynomial in the size of FS and the condition number of FS. As a consequence, we give a polynomial-time quantum algorithm for solving Boolean equation systems if their condition numbers are small, say polynomial in the size of FS. We apply our quantum algorithm for solving Boolean equations to the cryptanalysis of several important cryptosystems: the stream cipher Trivum, the block cipher AES, the hash function SHA-3/Keccak, and the multivariate public key cryptosystems, and show that they are secure under quantum algebraic attack only if the condition numbers of the corresponding equation systems are large. This leads to a new criterion for designing cryptosystems that can against the attack of quantum computers: their corresponding equation systems must have large condition numbers.