Resource-efficient Grover-meets-BV Q1 attacks on permutation-based pseudorandom functions
摘要
Owing to their simple and efficient design, permutation-based pseudorandom functions (PRFs) are widely adopted in modern cryptography. In the classical setting, single permutation PRFs typically provide about n/2 bit security, while double permutation variants achieve about 2n/3 bit security. This paper investigates the security of permutation-based PRFs in the Q1 model and proposes a quantum key recovery framework with improved hardware feasibility. To address the high quantum memory cost of existing Grover-meets-Simon attacks, we introduce a Grover-meets-BV approach based on Walsh spectrum sampling using the Bernstein–Vazirani procedure. Our method achieves a substantial constant factor reduction in quantum memory by reducing the qubit footprint of the core verification module from