Quantum meet-in-the-middle attack on Feistel construction

Inspired by Hosoyamada and Sasaki (in: International conference on security cryptography for networks, pp 386–403. Springer, 2018), we propose a new quantum meet-in-the-middle (QMITM) attack r-round ( $$r \ge 7$$ ) Feistel construction to reduce the time complexity, which is based Guo et al. (Des Codes Cryptogr 80(3):587–618, 2016) classical (MITM) attack. In our attack, adjust size of truncated differentials balance complexities between constructing tables querying firstly introduce claw finding algorithm solve collision search problem in MITM The total are only $$O({2^{2n/3}} \cdot n)$$ , $$O({2^{19n/24}} $$O({2^{(r - 5)n/4}} when = 8$$ > lower than attacks. Moreover, belongs Q1 model more practical other