A framework for reducing the overhead of the quantum oracle for use with Grover's algorithm with applications to cryptanalysis of SIKE

Jean-François Biasse, Benjamin Pring
2020 Journal of Mathematical Cryptology  
Abstract: In this paper we provide a framework for applying classical search and preprocessing to quantum oracles for use with Grover's quantum search algorithm in order to lower the quantum circuit-complexity of Grover's algorithm for single-target search problems. This has the effect (for certain problems) of reducing a portion of the polynomial overhead contributed by the implementation cost of quantum oracles and can be used to provide either strict improvements or advantageous trade-offs in ... circuit-complexity. Our results indicate that it is possible for quantum oracles for certain single-target preimage search problems to reduce the quantum circuit-size from $O\left(2^{n/2}\cdot mC\right)$ (where $C$ originates from the cost of implementing the quantum oracle) to $O\left(2^{n/2}\cdot m\sqrt{C}\right)$ without the use of quantum RAM, whilst also slightly reducing the number of required qubits. This framework captures a previous optimisation of Grover's algorithm using preprocessing [21] applied to cryptanalysis, providing new asymptotic analysis. We additionally provide insights and asymptotic improvements on recent cryptanalysis [16] of SIKE [14] via Grover's algorithm, demonstrating that the speedup applies to this attack and impacting upon quantum security estimates [16] incorporated into the SIKE specification [14].
doi:10.1515/jmc-2020-0080 fatcat:63ncoc2opre2xo7y2p6cmund2y