Post-quantum distinguishing attack on one block ciphers mode of operation

At the end of 2022, in Russian Federation, standardisation recommendations were adopted that define a block cipher mode of operation for block-oriented storage devices protection. This mode is called Disk Encryption with Counter (DEC). The DEC mode is a modification of CTR mode, where initialization vector and initial counter value are derived from sector and partition numbers. In this paper, we define a provable security model that provides a notion of confidentiality when a quantum oracle is accessible to an adversary. A single-query distinguishing attack on the DEC mode is discussed. The attack relies on the possibility to disentangle plaintext and ciphertext registers from each other when the provided plaintext is encrypted directly, and the impossibility of such a transition when a random permutation is applied to the plaintext before encryption.