Abstract
Grover’s algorithm has been widely used for quantum key search to attack block ciphers with a quadratic speedup as compared to classical brute-force attacks and also used for evaluating the post-quantum security of block ciphers against quantum computer attack. But, this quantum key search on block ciphers has a high quantum circuit depth and AES-128 is still secure against such attack. In this paper, we introduce a method called the depth–measurement trade-off method that reduces the overall quantum circuit depth of quantum key search to attack block ciphers by increasing the number of measurements of the circuit. This method is to introduce dummy keys in the quantum circuit as part of the correct key. This will reduce both quantum circuit resource and quantum circuit depth. Based on this technique, the quantum circuit depth of AES-128 is less than \(2^{64}\), while NIST suggested circuit depth should be greater than MAXDEPTH, which is \(2^{40}\), \(2^{64}\) and \(2^{96}\) in order to resist the respective attacks. In addition, we also simulated the depth–measurement trade-off method on the reduced SIMON block cipher algorithm as a proof of concept. Furthermore, we also apply the depth–measurement technique on various block ciphers, for example AES, PRESENT, SIMON, GIFT, SPECK, RECTANGLE, LowMC, KNOT, PIPO, etc.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Availability of data and materials
No datasets were generated or analysed during the current study.
References
Amy, M., Maslov, D., Mosca, M., Roetteler, M.: A meet-in-the-middle algorithm for fast synthesis of depth-optimal quantum circuits. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 32(6), 818–830 (2013). https://doi.org/10.1109/TCAD.2013.2244643
Anand, R., Maitra, A., Mukhopadhyay, S.: Grover on SIMON. Quant. Inf. Process. 19(9), 340 (2020). https://doi.org/10.1007/s11128-020-02844-w
Baksi, A., Jang, K., Song, G., Seo, H., Xiang, Z.: Quantum implementation and resource estimates for RECTANGLE and KNOT. Quant. Inf. Process. 20(12), 395 (2021). https://doi.org/10.1007/S11128-021-03307-6
Barenco, A., Bennett, C.H., Cleve, R., DiVincenzo, D.P., Margolus, N., Shor, P., Sleator, T., Smolin, J.A., Weinfurter, H.: Elementary gates for quantum computation. Phys. Rev. A 52(5), 3457 (1995)
Beaulieu, R., Treatman-Clark, S., Shors, D., Weeks, B., Smith, J., Wingers, L.: The SIMON and SPECK lightweight block ciphers. In: 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 1-6. https://doi.org/10.1145/2744769.2747946 (2015)
Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) Experimental Algorithms, pp. 178–189. Springer, Berlin, Heidelberg (2010)
Boyar, J., Peralta, R.: A small depth-16 circuit for the AES S-box. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) Information Security and Privacy Research, pp. 287–298. Springer, Berlin, Heidelberg (2012)
Chung, D., Lee, S., Choi, D., Lee, J.: Alternative tower field construction for quan-tum implementation of the AES S-box. IEEE Trans. Comput. 71(10), 2553–2564 (2022). https://doi.org/10.1109/TC.2021.3135759
Grassl, M., Langenberg, B., Roettler, M., Steinwandt, R.: Applying Grover’s algorithm to AES: Quantum resource estimates. In: Takagi, T. (ed.) Post-Quantum Cryptography, pp. 29–43. Springer, Cham (2016)
Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Miller, G.L. (ed.) Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, May 22-24, 1996, pp. 212–219. ACM, USA . https://doi.org/10.1145/237814.237866 (1996)
Huang, Z., Sun, S.: Synthesizing quantum circuits of AES with lower T-depth and less qubits. In: Agrawal, S., Lin, D. (eds.) Advances in Cryptology - ASIACRYPT 2022, pp. 614–644. Springer, Cham (2022)
Jang, K., Song, G., Kwon, H., Uhm, S., Kim, H., Lee, W.-K., Seo, H.: Grover on PIPO. Electronics 10, 1194 (2021). https://doi.org/10.3390/electronics10101194
Jang, K., Song, G., Kim, H., Kwon, H., Kim, H., Seo, H.: Efficient implementation of PRESENT and GIFT on quantum computers. Appl. Sci. 11, 4776 (2021). https://doi.org/10.3390/app11114776
Jang, K., Baksi, A., Kim, H., Song, G., Seo, H., Chattopadhyay, A.: Quantum Analysis of AES. Cryptology ePrint Archive, Paper 2022/683. https://eprint.iacr.org/2022/683 (2022)
Jang, K., Baksi, A., Kim, H., Seo, H., Chattopadhyay, A.: Improved quantum analysis of SPECK and LowMC. In: Isobe, T., Sarkar, S. (eds.) Progress in Cryptology - INDOCRYPT 2022, pp. 517–540. Springer, Cham (2022)
Jaques, S., Naehrig, M., Roetteler, M., Virdia, F.: Implementing Grover oracles for quantum key search on AES and LowMC. In: Canteaut, A., Ishai, Y. (eds.) Advances in Cryptology - EUROCRYPT 2020, pp. 280–310. Springer, Cham (2020)
Kim, P., Han, D., Jeong, K.C.: Time-space complexity of quantum search algorithms in symmetric cryptanalysis: applying to AES and SHA-2. Quant. Inf. Process 17, 339 (2018). https://doi.org/10.1007/s11128-018-2107-3
Langenberg, B., Pham, H., Steinwandt, R.: Reducing the cost of implementing the Advanced Encryption Standard as a quantum circuit. IEEE Trans. Quant. Eng. 1, 1–12 (2020). https://doi.org/10.1109/TQE.2020.2965697
NIST: Submission Requirements and Evaluation Criteria for the Post-Quantum Cryptography Standardization Process . https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/call-for-proposals-dig-sig-sept-2022.pdf (2022)
Qiskit contributors, “Qiskit: An open-source framework for quantum computing,” . https://doi.org/10.5281/zenodo.2573505 (2023)
Rahman, M., Paul, G.: Grover on KATAN: quantum resource estimation. IEEE Trans. Quant. Eng. 3, 1–9 (2022). https://doi.org/10.1109/TQE.2022.3140376
Yang, Y., Jang, K., Kim, H., Song, G., Seo, H.: Grover on SPARKLE. In: You, I., Youn, T.-Y. (eds.) Information Security Applications, pp. 44–59. Springer, Cham (2023)
Zou, J., Wei, Z., Sun, S., Liu, X., Wu, W.: Quantum circuit implementations of AES with fewer qubits’. In: Moriai, S., Wang, H. (eds.) Advances in Cryptology - ASIACRYPT 2020, pp. 697–726. Springer, Cham (2020)
Acknowledgements
We would like to thank the anonymous reviewers’ valuable comments, which improved the presentation and quality of this paper.
Author information
Authors and Affiliations
Contributions
CH contributed the idea and read and checked the manuscript. WJ wrote the manuscript and did the implementation for the quantum circuit in Qiskit and simulation. All authors reviewed the manuscript.
Corresponding author
Ethics declarations
Competing interests
The authors declare no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Ng, W.J., Tan, C.H. Depth–measurement trade-off for quantum search on block ciphers. Quantum Inf Process 23, 151 (2024). https://doi.org/10.1007/s11128-024-04359-0
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11128-024-04359-0