A chosen-plaintext attack on quantum permutation pad

The quantum permutation pad (QPP) is a cryptographic primitive, functionally similar to the one-time pad (OTP). Unlike OTP, QPP promises to remain secure even when the encryption key is used multiple times (Kuang and Barbeau in Quantum Inf Process 21(6):211, 2022. https://doi.org/10.1007/s11128-022-03557-y). QPP has emerged as a relatively recent proposal, with many aspects of its functionality yet to be explored. One such aspect is ensuring the security of this primitive against chosen-plaintext attacks. This study reveals that an eavesdropper can gain access to the encryption key under such an attack paradigm. Additionally, the security of a proposed practical encryption device built around PRNG and QPP primitives is examined (Kuang and Perepechaenko in EPJ Quantum Technol 9(1):26, 2022. https://doi.org/10.1140/epjqt/s40507-022-00145-y). We have found that simplified versions, in which the attacker has access to the input data of the QPP block, are vulnerable. It is crucial to note, however, that the described attack does not undermine the security of a complete implementation, as it requires a combined attack on both the PRNG and QPP.