Quantum computing developments hold the promise of transforming the IT security landscape. Advances in quantum processors have introduced new theoretical threats to traditional cryptographic primitives through algorithms such as Grover's search and Shor's factorization, which can be used to cryptanalyze symmetric and asymmetric ciphers, respectively; however, the practical realization of these attacks depends critically on the availability of Cryptographically Relevant Quantum Computers (CRQCs). While current quantum hardware is still a considerable distance from achieving this threshold, the steady progress in technology suggests that the realization of CRQCs depends fundamentally on ongoing advances in scaling and engineering. In response to this emerging long-term threat, NIST has revised traditional encryption standards by introducing post-quantum cipher suites. While post-quantum cryptography research has primarily focused on conventional asymmetric cryptosystems, symmetric ultralightweight ciphers, commonly employed in resource-constrained environments such as RFID systems, remain an underexplored target of quantum cryptanalysis. This work takes an initial step toward addressing this gap by demonstrating full disclosure attacks on three ultralightweight mutual authentication protocols: the Ultra-Lightweight RFID Authentication and Renewal Protocol (ULRARP+), the Lightweight RFID Authentication Protocol (LRAP), and the Ultra-Lightweight RFID Authentication Protocol (URAP). Based on these findings, the paper proposes a set of design principles to guide the development of quantum-resilient minimalist ciphers for the post-quantum era.
Shahzadi et al. (Thu,) studied this question.