Quantum Implementation of Linear and Non-Linear Layers

In this paper, we consider the problem of quantum implementation of the symmetric-key ciphers. The typical ciphers in this category have two main components, the linear and the non-linear layers, we consider both. The linear layer can be described as a non-singular matrix over binary operations. The...

Full description

Saved in:
Bibliographic Details
Published inProceedings / IEEE International SOC Conference pp. 1 - 6
Main Authors Baksi, Anubhab, Chakraborty, Sumanta, Chattopadhyay, Anupam, Chun, Matthew, Islam, Sk Hafizul, Jang, Kyungbae, Kim, Hyunji, Oh, Yujin, Roy, Soham, Seo, Hwajeong, Wang, Siyi
Format Conference Proceeding
LanguageEnglish
Published IEEE 16.09.2024
Subjects
Ciphers
Costs
In-place Implementation
Linear Layer
Logic gates
Matrices
Measurement
Optimization
Quantum circuit
Quantum Implementation
Qubit
S-box
Symmetric matrices
System-on-chip
Online AccessGet full text

Cover

More Information
Summary:In this paper, we consider the problem of quantum implementation of the symmetric-key ciphers. The typical ciphers in this category have two main components, the linear and the non-linear layers, we consider both. The linear layer can be described as a non-singular matrix over binary operations. The in-place implementation is one of the main considerations for implementing such layer to minimize the number of qubits. We discuss the research works that have been done to this point on this subject matter and report the improved implementation of some of the matrices. Lists of our modifications include; making it more efficient (specially for the larger matrices), consideration for quantum depth (along with a randomized algorithm for optimization), etc. We report benchmarks for the ASCON and SHA-2 linear matrices. As for the non-linear layer, the constituent block is called an substitution box (an S-box, for short). Our "DORCIS" tool presented in this paper, finds a quantum circuit with an optimized depth for given S-boxes of size 3- and 4-bit. It is a follow-up work on LIGHTER-R (which is applicable for 4-bit S-boxes only) with multiple extensions. Unlike LIGHTER-R, our DORCIS takes a quantum decomposition based on Clifford and T gates. Also, both the full quantum depth and the T depth can be optimized by DORCIS. We compare our implementation with other optimized quantum circuits shown in the other research works and show that we find an implementation with the same cost metric, or find an implementation with lower cost metric, compared other tools proposed in the literature, apart from being simpler and more efficient.
ISSN:2164-1706
DOI:10.1109/SOCC62300.2024.10737862