International Association for Cryptologic Research (IACR)
Abstract
We fully characterize the post-quantum security of the CBC, CFB, OFB and CTR modes of operation by considering all possible notions of qIND-qCPA security defined by Carstens, Ebrahimi, Tabia and Unruh (TCC 2021), thus extending the work performed by Anand, Targhi, Tabia and Unruh (PQCrypto 2016).
We show that the results obtained by Anand et al. for the qIND-qCPA-P6 security of these modes carry over to the other IND-qCPA notions, namely the qIND-qCPA-P10 and qIND-qCPA-P11 ones. We also show that all of these modes are insecure according to all of the other notions, regardless of the block cipher they are used with.
We also provide two general results concerning the insecurity of block ciphers with commonly used properties, namely those preserving the length of their input and those using the XOR operation as a way to randomize the encryption. Finally, we use these results to highlight the need for new quantum semantic security notions.