Paper 2020/941
Alternative Tower Field Construction for Quantum Implementation of the AES S-box
Doyoung Chung, Seungkwang Lee, Dooho choi, and Jooyoung Lee
Abstract
Grover’s search algorithm allows a quantum adversary to find a k-bit secret key of a block cipher by making O(2k/2) block cipher queries. Resistance of a block cipher to such an attack is evaluated by quantum resources required to implement Grover’s oracle for the target cipher. The quantum resources are typically estimated by the T-depth of its circuit implementation (time) and the number of qubits used by the circuit (space). Since the AES S-box is the only component which requires T-gates in the quantum implementation of AES, recent research has put its focus on efficient implementation of the AES S-box. However, any efficient implementation with low T-depth will not be practical in the real world without considering qubit consumption of the implementation. In this work, we propose four methods of trade-off between time and space for the quantum implementation of the AES S-box. In particular,one of our methods turns out to use the smallest number of qubits among the existing methods, significantly reducing its T-depth.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Quantum implementationquantum cryptanalysisGrover's algorithmAESmultiplicative inversion
- Contact author(s)
- thisisdoyoung @ etri re kr
- History
- 2021-09-16: last of 4 revisions
- 2020-07-31: received
- See all versions
- Short URL
- https://ia.cr/2020/941
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/941,
author = {Doyoung Chung and Seungkwang Lee and Dooho choi and Jooyoung Lee},
title = {Alternative Tower Field Construction for Quantum Implementation of the {AES} S-box},
howpublished = {Cryptology {ePrint} Archive, Paper 2020/941},
year = {2020},
url = {https://eprint.iacr.org/2020/941}
}
