Quantum LLL with an Application to Mersenne Number Cryptosystems

  • Conference paper
Progress in Cryptology – LATINCRYPT 2019 (LATINCRYPT 2019)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 11774)

Abstract

In this work we analyze the impact of translating the well-known LLL algorithm for lattice reduction into the quantum setting. We present the first (to the best of our knowledge) quantum circuit representation of a lattice reduction algorithm in the form of explicit quantum circuits implementing the textbook LLL algorithm. Our analysis identifies a set of challenges arising from constructing reversible lattice reduction as well as solutions to these challenges. We give a detailed resource estimate with the Toffoli gate count and the number of logical qubits as complexity metrics.

As an application of the above, we attack Mersenne number cryptosystems by Groverizing an attack due to Beunardeau et al. that uses LLL as a subprocedure. While Grover’s quantum algorithm promises a quadratic speedup over exhaustive search given access to an oracle that distinguishes solutions from non-solutions, we show that in our case, realizing the oracle comes at the cost of a large number of qubits. When an adversary translates the attack by Beunardeau et al. into the quantum setting, the overhead of the quantum LLL circuit may be as large as \( 2^{52} \) qubits for the textbook implementation and \( 2^{33} \) for a floating-point variant.

Part of this work was conducted at the Computer Security and Industrial Cryptography group (COSIC) at KU Leuven, Leuven, Belgium.

References

  1. Aggarwal, D., Joux, A., Prakash, A., Santha, M.: A new public-key cryptosystem via Mersenne numbers. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 459–482. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_16

  2. Bennett, C.H., Bernstein, E., Brassard, G., Vazirani, U.: Strengths and weaknesses of quantum computing. SIAM J. Comput. 26(5), 1510–1523 (1997). https://doi.org/10.1137/S0097539796300933

  3. Beunardeau, M., Connolly, A., Géraud, R., Naccache, D.: On the hardness of the Mersenne low Hamming ratio assumption. IACR Cryptology ePrint Arch. 2017, 522 (2017)

  4. de Boer, K., Ducas, L., Jeffery, S., de Wolf, R.: Attacks on the AJPS Mersenne-based cryptosystem. In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 101–120. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-79063-3_5

  5. Cuccaro, S.A., Draper, T.G., Kutin, S.A., Moulton, D.P.: A new quantum ripple-carry addition circuit. arXiv:quant-ph/0410184 (2004)

  6. Duc Nguyen, T., Van Meter, R.: A space-efficient design for reversible floating point adder in quantum computing. ACM J. Emerg. Technol. Comput. Syst. 11, 3 (2013). https://doi.org/10.1145/2629525

  7. Fowler, A.G., Mariantoni, M., Martinis, J.M., Cleland, A.N.: Surface codes: towards practical large-scale quantum computation. Phys. Rev. A 86, 032324 (2012). https://doi.org/10.1103/PhysRevA.86.032324

  8. Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_3

  9. Gidney, C.: Windowed quantum arithmetic. arXiv:1905.07682 (2019)

  10. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: ACM STOC, pp. 212–219. STOC 1996. ACM, New York (1996). https://doi.org/10.1145/237814.237866

  11. Bennett, C.H.: Time/space trade-offs for reversible computation. SIAM J. Comput. 18, 766–776 (1989). https://doi.org/10.1137/0218053

  12. Joux, A.: Algorithmic Cryptanalysis, 1st edn. Chapman & Hall/CRC, Boca Raton (2009)

  13. Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261(4), 515–534 (1982). https://doi.org/10.1007/BF01457454

  14. Nachtigal, M., Thapliyal, H., Ranganathan, N.: Design of a reversible single precision floating point multiplier based on operand decomposition. In: 10th IEEE International Conference on Nanotechnology, pp. 233–237 (August 2010). https://doi.org/10.1109/NANO.2010.5697746

  15. Nachtigal, M., Thapliyal, H., Ranganathan, N.: Design of a reversible floating-point adder architecture. In: 2011 11th IEEE International Conference on Nanotechnology, pp. 451–456 (August 2011). https://doi.org/10.1109/NANO.2011.6144358

  16. Nguyen, P.Q., Stehlé, D.: Floating-point LLL revisited. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 215–233. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_13

  17. Nguyen, P.Q., Stehlé, D.: LLL on the average. In: Hess, F., Pauli, S., Pohst, M. (eds.) ANTS 2006. LNCS, vol. 4076, pp. 238–256. Springer, Heidelberg (2006). https://doi.org/10.1007/11792086_18

  18. Nguyen, P.Q., Vallée, B.: The LLL Algorithm: Survey and Applications, 1st edn. Springer, Berlin (2009). https://doi.org/10.1007/978-3-642-02295-1

  19. Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information, 10th edn. Cambridge University Press, New York (2011)

  20. Rines, R., Chuang, I.: High performance quantum modular multipliers. arXiv:1801.01081 (2018)

  21. Roetteler, M., Naehrig, M., Svore, K.M., Lauter, K.: Quantum resource estimates for computing elliptic curve discrete logarithms. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 241–270. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_9

  22. Schnorr, C.P.: A more efficient algorithm for lattice basis reduction. J. Algorithms 9(1), 47–62 (1988). https://doi.org/10.1016/0196-6774(88)90004-1

  23. Selinger, P.: Quantum circuits of \(t\)-depth one. Phys. Rev. A 87, 042302 (2013). https://doi.org/10.1103/PhysRevA.87.042302

  24. Shor, P.W.: Algorithms for quantum computation: Discrete logarithms and factoring. In: FOCS, pp. 124–134. SFCS 1994. IEEE Computer Society, Washington, D.C. (1994). https://doi.org/10.1109/SFCS.1994.365700

  25. Szepieniec, A.: Ramstake. NIST Submission (2017) https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/Round-1-Submissions

  26. Wiebe, N., Kliuchnikov, V.: Floating point representations in quantum circuit synthesis. New J. Phys. 15(9), 093041 (2013). https://doi.org/10.1088/1367-2630/15/9/093041

Acknowledgements

The authors should like to thank the anonymous reviewers for their helpful feedback and suggestions. This work was supported in part by the Research Council KU Leuven: C16/15/058. In addition, this work was supported by the European Commission through the Horizon 2020 research and innovation programme under grant agreement H2020-DS-LEIT-2017-780108 FENTEC, by the Flemish Government through FWO SBO project SNIPPET S007619N and by the IF/C1 on Cryptanalysis of post-quantum cryptography. Alan Szepieniec was supported by a research grant of the Institute for the Promotion of Innovation through Science and Technology in Flanders (IWT-Vlaanderen), and is now supported by the Nervos Foundation.

Corresponding author

Correspondence to Marcel Tiepelt.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Tiepelt, M., Szepieniec, A. (2019). Quantum LLL with an Application to Mersenne Number Cryptosystems. In: Schwabe, P., Thériault, N. (eds) Progress in Cryptology – LATINCRYPT 2019. LATINCRYPT 2019. Lecture Notes in Computer Science, vol 11774. Springer, Cham. https://doi.org/10.1007/978-3-030-30530-7_1

  • DOI: https://doi.org/10.1007/978-3-030-30530-7_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30529-1

  • Online ISBN: 978-3-030-30530-7

  • eBook Packages: Computer Science (R0)
