A framework for reducing the overhead of the quantum oracle for use with Grover’s algorithm with applications to cryptanalysis of SIKE

• Published in: Journal of mathematical cryptology Vol. 15; no. 1; pp. 143 - 156
• Main Authors: Biasse, Jean-François, Pring, Benjamin
• Format: Journal Article
• Language: English
• Published: Berlin De Gruyter 01.01.2021; Walter de Gruyter GmbH
• Subjects: 68Q12; Algorithms; Asymptotic properties; Circuits; Complexity; Cryptography; Optimization; Polynomials; Preprocessing; Quantum computing; quantum cryptanalysis; quantum search; Qubits (quantum computing); reversible computation; Search algorithms
• ISSN: 1862-2984; 1862-2976; 1862-2984
• DOI: 10.1515/jmc-2020-0080

In this paper we provide a framework for applying classical search and preprocessing to quantum oracles for use with Grover’s quantum search algorithm in order to lower the quantum circuit-complexity of Grover’s algorithm for single-target search problems. This has the effect (for certain problems) of reducing a portion of the polynomial overhead contributed by the implementation cost of quantum oracles and can be used to provide either strict improvements or advantageous trade-offs in circuit-complexity. Our results indicate that it is possible for quantum oracles for certain single-target preimage search problems to reduce the quantum circuit-size from (where originates from the cost of implementing the quantum oracle) to without the use of quantum ram, whilst also slightly reducing the number of required qubits. This framework captures a previous optimisation of Grover’s algorithm using preprocessing [ ] applied to cryptanalysis, providing new asymptotic analysis. We additionally provide insights and asymptotic improvements on recent cryptanalysis [ ] of SIKE [ ] via Grover’s algorithm, demonstrating that the speedup applies to this attack and impacting upon quantum security estimates [ ] incorporated into the SIKE specification [ ].