Quantum-Resistant Hashes
Understanding Quantum Threats to Hashes
- Grover's Algorithm: This quantum algorithm can search an unstructured database with quadratic speedup, reducing the security of a hash from n bits to about n/2 bits. For instance, SHA-256 would be equivalent to 128-bit security.
- Collision Attacks: No known quantum algorithm significantly reduces the difficulty of finding hash collisions beyond classical limits for most hash functions.
Characteristics of Quantum-Resistant Hashes
- Collision Resistance: Should remain hard even for quantum computers.
- Preimage Resistance: Finding the original input from the hash should be computationally infeasible.
- Second Preimage Resistance: Given one input, finding another with the same hash should be difficult.
Current Quantum-Resistant Hash Functions
- SHA-3 (Keccak): Designed for quantum resistance, considered secure due to its sponge construction.
- SHA-2 Variants (SHA-256, SHA-384, SHA-512): Doubling output size is recommended for quantum resistance.
- BLAKE2 and BLAKE3: High-speed, aiming for post-quantum security.
- Hash-based Digital Signatures: Systems like SPHINCS+ use hash functions for quantum-resistant signatures.
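The idea behind hash-based signatures, as an added example that is not part of the original page and is not SPHINCS+ itself: a Lamport one-time signature, a far simpler scheme whose security rests only on the preimage resistance of SHA3-256. The names H, keygen, sign and verify are chosen for this illustration, and each key pair may sign one message only.

```python
# Added example: Lamport one-time signature over SHA3-256 (illustrative, not SPHINCS+).
import hashlib
import hmac
import secrets

N = 32          # bytes per secret/hash value (256-bit hash, ~128-bit under Grover)
BITS = N * 8    # one pair of secrets per bit of the message digest


def H(data: bytes) -> bytes:
    return hashlib.sha3_256(data).digest()


def keygen():
    """Return (secret_key, public_key); each is BITS pairs of N-byte values."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk


def digest_bits(message: bytes):
    """Hash the message and return its digest as a list of bits (MSB first)."""
    d = H(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(sk, message: bytes):
    """Reveal one secret per digest bit. The key must never sign a second message."""
    return [sk[i][b] for i, b in enumerate(digest_bits(message))]


def verify(pk, message: bytes, signature) -> bool:
    """Check each revealed secret hashes to the public value selected by that bit."""
    if len(signature) != BITS:
        return False
    ok = True
    for i, b in enumerate(digest_bits(message)):
        # compare_digest avoids leaking where the first mismatching byte is
        ok &= hmac.compare_digest(H(signature[i]), pk[i][b])
    return ok


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample message"
    sig = sign(sk, msg)
    print("valid signature accepted:", verify(pk, msg, sig))
    print("altered message rejected:", not verify(pk, msg + b"!", sig))
```

Signing reveals half of the secret key, which is why reuse breaks the scheme; SPHINCS+ layers many one-time and few-time keys under a hash tree to remove that limit.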
Research and Development
- NIST's Post-Quantum Cryptography: Standardizing quantum-resistant algorithms, including hash-based signatures.
- Academic Work: Exploring new hash functions or modifications for better quantum resistance.
Implementation Considerations
- Key Size Increase: Doubling hash/key size for equivalent security.
- Transition Strategy: Planning for transition to post-quantum cryptography.
Quantum-Resistant Hash Summary
While no hash function is currently known to be completely broken by quantum computers, the consensus is to prepare for quantum computing by using or migrating to hash functions with security assurances in quantum contexts. SHA-3, along with higher-bit versions of SHA-2, is commonly cited as being quantum-resistant, but the cryptographic community continues to monitor and adapt to new findings in quantum computing research.