Applying Grover's Algorithm to AES: Quantum Resource Estimates
نویسندگان
چکیده
We present quantum circuits to implement an exhaustive key search for the Advanced Encryption Standard (AES) and analyze the quantum resources required to carry out such an attack. We consider the overall circuit size, the number of qubits, and the circuit depth as measures for the cost of the presented quantum algorithms. Throughout, we focus on Clifford+T gates as the underlying fault-tolerant logical quantum gate set. In particular, for all three variants of AES (key size 128, 192, and 256 bit) that are standardized in FIPS-PUB 197, we establish precise bounds for the number of qubits and the number of elementary logical quantum gates that are needed to implement Grover’s quantum algorithm to extract the key from a small number of AES plaintext-ciphertext pairs.
منابع مشابه
Low-Communication Parallel Quantum Multi-Target Preimage Search
The most important pre-quantum threat to AES-128 is the 1994 van Oorschot–Wiener “parallel rho method”, a low-communication parallel pre-quantum multi-target preimage-search algorithm. This algorithm uses a mesh of p small processors, each running for approximately 2/pt fast steps, to find one of t independent AES keys k1, . . . , kt, given the ciphertexts AESk1(0), . . . ,AESkt(0) for a shared...
متن کاملThermodynamic Analysis of Classical and Quantum Search Algorithms
We analyze the performance of classical and quantum search algorithms from a thermodynamic perspective, focusing on resources such as time, energy, and memory size. We consider two examples that are relevant to post-quantum cryptography: Grover’s search algorithm, and the quantum algorithm for collisionfinding. Using Bennett’s “Brownian” model of low-power reversible computation, we show classi...
متن کاملA Lecture on Grover's Quantum Search Algorithm Version 1.1
This paper ia a written version of a one hour lecture given on Lov Grover's quantum database search algorithm. It is based on [4], [5], and [9].
متن کاملQuantum Computing (Recent Developments in Quantum Computational Intelligence)
This paper surveys the recent trends in quantum computational intelligence. Initially we focus on Grover’s search algorithm and its extensions. Next we summarize the current research aimed at applying the search algorithm to create quantum Artificial Neural Networks and look at methods of improving the performance of our newly created quantum neural networks.
متن کاملHypothesis elimination on a quantum computer ∗
Hypothesis elimination is a special case of Bayesian updating, where each piece of new data rules out a set of prior hypotheses. We describe how to use Grover’s algorithm to perform hypothesis elimination for a class of probability distributions encoded on a register of qubits, and establish a lower bound on the required computational resources.
متن کامل