Quantum Key-Recovery Attacks on FBC Algorithm

Abstract

With the advancement of quantum computing, symmetric cryptography faces new challenges from quantum attacks. These attacks are typically classified into two models: Q1 (classical queries) and Q2 (quantum superposition queries). In this context, we present a comprehensive security analysis of the FBC algorithm considering quantum adversaries with different query capabilities. In the Q2 model, we first design 4-round polynomial-time quantum distinguishers for FBC-F and FBC-KF structures, and then perform r(r>6)-round quantum key-recovery attacks. Our attacks require O(2(2n(r-6)+3n)/2) quantum queries, reducing the time complexity by a factor of 24.5n compared with quantum brute-force search, where n denotes the subkey length. Moreover, we give a new 6-round polynomial-time quantum distinguisher for FBC-FK structure. Based on this, we construct an r(r>6)-round quantum key-recovery attack with complexity O(2n(r-6)). Considering an adversary with classical queries and quantum computing capabilities, we demonstrate low-data quantum key-recovery attacks on FBC-KF/FK structures in the Q1 model. These attacks require only a constant number of plaintext-ciphertext pairs, then use the Grover algorithm to search the intermediate states, thereby recovering all keys in O(2n/2) time.