Optimizing the Depth of Quantum Implementations of Linear Layers

  • Conference paper
Information Security and Cryptology (Inscrypt 2022)

Abstract

Synthesis and optimization of quantum circuits are important and fundamental research topics in quantum computation, because qubits are a scarce resource and the decoherence time, which determines the available computation time, is very limited. In cryptography specifically, identifying the minimum quantum resources needed to implement an encryption process is crucial for evaluating the quantum security of symmetric-key ciphers. In this work, we investigate the problem of optimizing the depth of quantum circuits for linear layers while using a small number of qubits and quantum gates. To this end, we present a framework for the implementation and optimization of linear Boolean functions, with which we significantly reduce the depth of quantum circuits for many linear layers used in symmetric-key ciphers without increasing the gate count.

Notes

  1. This operation can also be implemented by 3 CNOT gates, but this will cost more quantum resources, since we think the cost of rewiring is free in most cases.

References

  1. Microsoft Q#. Quantum development. https://devblogs.microsoft.com/qsharp/

  2. Aaronson, S., Gottesman, D.: Improved simulation of stabilizer circuits. Phys. Rev. A 70(5), 052328 (2004). https://doi.org/10.1103/physreva.70.052328

  3. Albrecht, M.R., Driessen, B., Kavun, E.B., Leander, G., Paar, C., Yalçın, T.: Block ciphers - focus on the linear layer (feat. PRIDE). In: Annual Cryptology Conference (2014)

  4. Almazrooie, M., Samsudin, A., Abdullah, R., Mutter, K.N.: Quantum reversible circuit of AES-128. Quantum Inf. Process. 17(5), 1–30 (2018)

  5. Amy, M., Maslov, D., Mosca, M., Roetteler, M.: A meet-in-the-middle algorithm for fast synthesis of depth-optimal quantum circuits. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 32(6), 818–830 (2013)

  6. Avanzi, R.: The QARMA block cipher family. Almost MDS matrices over rings with zero divisors, nearly symmetric even-mansour constructions with non-involutory central rounds, and search heuristics for low-latency s-boxes. IACR Trans. Symmetric Cryptol. 2017(1), 4–44 (2017)

  7. Banik, S., et al.: Midori: a block cipher for low energy. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 411–436. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48800-3_17

  8. Barreto, P., Nikov, V., Nikova, S., Rijmen, V., Tischhauser, E.: Whirlwind: a new cryptographic hash function. Des. Codes Crypt. 56(2–3), 141–162 (2010)

  9. Barreto, P., Rijmen, V.: The Khazad legacy-level block cipher. Submission to the NESSIE project (2000)

  10. Beierle, C., Jean, J., Kölbl, S., Leander, G., Sim, S.M.: The skinny family of block ciphers and its low-latency variant mantis. In: Annual Cryptology Conference (2016)

  11. Beierle, C., Kranz, T., Leander, G.: Lightweight multiplication in \(GF(2^n)\) with applications to MDS matrices. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 625–653. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_23

  12. Bonnetain, X., Leurent, G., Naya-Plasencia, M., Schrottenloher, A.: Quantum linearization attacks. Cryptology ePrint Archive, Paper 2021/1239 (2021). https://eprint.iacr.org/2021/1239

  13. Bonnetain, X., Naya-Plasencia, M., Schrottenloher, A.: Quantum security analysis of AES. IACR Trans. Symmetric Cryptol. 2019(2), 55–93 (2019)

  14. Bonnetain, X., Naya-Plasencia, M., Schrottenloher, A.: On quantum slide attacks. Cryptology ePrint Archive, Paper 2018/1067 (2018). https://eprint.iacr.org/2018/1067

  15. Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_14

  16. Boyar, J., Peralta, R.: A small depth-16 circuit for the AES S-box. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IAICT, vol. 376, pp. 287–298. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30436-1_24

  17. de Brugiere, T.G., Baboulin, M., Valiron, B., Martiel, S., Allouche, C.: Reducing the depth of linear reversible quantum circuits. IEEE Trans. Quantum Eng. 2, 1–22 (2021). https://doi.org/10.1109/tqe.2021.3091648

  18. Brugière, T.G.D., Baboulin, M., Valiron, B., Martiel, S., Allouche, C.: Gaussian elimination versus greedy methods for the synthesis of linear reversible circuits. ACM Trans. Quantum Comput. 2(3), 1–26 (2021). https://doi.org/10.1145/3474226

  19. Cid, C., Murphy, S., Robshaw, M.: Small scale variants of the AES. In: International Conference on Fast Software Encryption (2005)

  20. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard (2002)

  21. Grassl, M., Langenberg, B., Roetteler, M., Steinwandt, R.: Applying Grover’s algorithm to AES: quantum resource estimates. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 29–43. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29360-8_3

  22. Grover, L.K.: A fast quantum mechanical algorithm for database search (1996)

  23. Hosoyamada, A., Sasaki, Yu.: Quantum Demiric-Selçuk meet-in-the-middle attacks: applications to 6-round generic Feistel constructions. In: Catalano, D., De Prisco, R. (eds.) SCN 2018. LNCS, vol. 11035, pp. 386–403. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98113-0_21

  24. Huang, Z., Sun, S.: Synthesizing quantum circuits of AES with lower T-depth and less qubits. Cryptology ePrint Archive, Paper 2022/620 (2022). https://eprint.iacr.org/2022/620

  25. Jaques, S., Naehrig, M., Roetteler, M., Virdia, F.: Implementing Grover oracles for quantum key search on AES and LowMC. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12106, pp. 280–310. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45724-2_10

  26. Jean, J., Nikolić, I., Peyrin, T.: Joltik. Submission to the CAESAR competition (2014)

  27. Jean, J., Peyrin, T., Sim, S.M., Tourteaux, J.: Optimizing implementations of lightweight building blocks. Cryptology ePrint Archive (2017)

  28. Jiang, J., Sun, X., Teng, S.H., Wu, B., Wu, K., Zhang, J.: Optimal space-depth trade-off of CNOT circuits in quantum logic synthesis. In: Proceedings of the Fourteenth Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 213–229. SIAM (2020)

  29. Junod, P., Vaudenay, S.: FOX: a new family of block ciphers. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 114–129. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30564-4_8

  30. Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Quantum differential and linear cryptanalysis. arXiv preprint arXiv:1510.05836 (2015)

  31. Kelsey, B., Whiting, D., Wagner, D., Hall, C., Ferguson, N.: Twofish: a 128bit block cipher (1998)

  32. Kranz, T., Leander, G., Stoffelen, K., Wiemer, F.: Shorter linear straight-line programs for MDS matrices (2017)

  33. Langenberg, B., Pham, H., Steinwandt, R.: Reducing the cost of implementing the advanced encryption standard as a quantum circuit. IEEE Trans. Quantum Eng. 1, 1–12 (2020)

  34. Li, Y., Wang, M.: On the construction of lightweight circulant involutory MDS matrices. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 121–139. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_7

  35. Liu, M., Sim, S.M.: Lightweight MDS generalized circulant matrices. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 101–120. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_6

  36. Miller, D., Maslov, D., Dueck, G.: A transformation based algorithm for reversible logic synthesis, pp. 318–323 (2003). https://doi.org/10.1109/dac.2003.1219016

  37. Patel, K.N., Markov, I.L., Hayes, J.P.: Optimal synthesis of linear reversible circuits. Quantum Inf. Comput. 8(3), 282–294 (2008)

  38. Saeedi, M., Markov, I.L.: Synthesis and optimization of reversible circuits-a survey. ACM Comput. Surv. 45(2), 1–34 (2013). https://doi.org/10.1145/2431211.2431220

  39. Sarkar, S., Syed, H.: Lightweight diffusion layer: importance of Toeplitz matrices (2016)

  40. Sarkar, S., Syed, H.: Analysis of Toeplitz MDS matrices. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10343, pp. 3–18. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59870-3_1

  41. Shende, V.V., Prasad, A.K., Markov, I.L., Hayes, J.P.: Reversible logic circuit synthesis. In: IEEE/ACM International Conference on Computer-Aided Design, Digest of Technical Papers, pp. 353–360 (2002). https://doi.org/10.1145/774572.774625

  42. Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (extended abstract). In: International Workshop on Fast Software Encryption (2007)

  43. Sim, S.M., Khoo, K., Oggier, F., Peyrin, T.: Lightweight MDS involution matrices. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 471–493. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_23

  44. Barreto, P., Rijmen, V.: The anubis block cipher (2000)

  45. Wille, R., Große, D., Teuber, L., Dueck, G.W., Drechsler, R.: RevLib: an online resource for reversible functions and reversible circuits. In: 38th International Symposium on Multiple Valued Logic (ISMVL 2008), pp. 220–225. IEEE (2008)

  46. Xiang, Z., Zeng, X., Lin, D., Bao, Z., Zhang, S.: Optimizing implementations of linear layers. IACR Trans. Symmetric Cryptol. 120–145 (2020)

  47. Zakablukov, D.V.: Application of permutation group theory in reversible logic synthesis. In: Devitt, S., Lanese, I. (eds.) RC 2016. LNCS, vol. 9720, pp. 223–238. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40578-0_17

  48. Zou, J., Wei, Z., Sun, S., Liu, X., Wu, W.: Quantum circuit implementations of AES with fewer qubits. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 697–726. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_24

Acknowledgements

This work is supported by the National Natural Science Foundation of China (Grant No. 61977060).

Corresponding author

Correspondence to Zhenyu Huang.

Appendix

In the following, we present a CNOT circuit for AES MixColumns that uses 92 CNOT gates, the same gate count as the implementation with classical XOR gates in [46]. After our optimization, the circuit depth is reduced from 41 to 28 when compared with the direct sequence depth, and from 30 to 28 when compared with the move-equivalent circuit depth (Table 3).

Table 3. A quantum circuit for AES MixColumns with depth 28, where each XOR operation corresponds to a CNOT gate.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Zhu, C., Huang, Z. (2023). Optimizing the Depth of Quantum Implementations of Linear Layers. In: Deng, Y., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2022. Lecture Notes in Computer Science, vol 13837. Springer, Cham. https://doi.org/10.1007/978-3-031-26553-2_7

  • DOI: https://doi.org/10.1007/978-3-031-26553-2_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-26552-5

  • Online ISBN: 978-3-031-26553-2

  • eBook Packages: Computer Science, Computer Science (R0)
