计算机科学

计算机科学 ›› 2025, Vol. 52 ›› Issue (11A): 250100075-7.doi: 10.11896/jsjkx.250100075

• 信息安全 • 上一篇    下一篇

简化 AES 密码算法的量子电路优化

丁浪1, 罗庆斌1, 吕轶1, 郑圆梦2, 廖颢羽2   

  1. 1 湖北民族大学智能科学与工程学院 湖北 恩施 445000
    2 湖北民族大学数学与统计学院 湖北 恩施 445000
  • 出版日期:2025-11-15 发布日期:2025-11-10
  • 通讯作者: 罗庆斌(qingbinluo@126.com)
  • 作者简介:dinglang1101@163.com
  • 基金资助:
    国家自然科学基金(62262020,12164037);湖北省自然科学基金联合基金项目(2024AFD066);湖北民族大学研究生教育创新项目(MYK2025076)

Quantum Circuit Optimization for Simplified AES Cryptographic Algorithm

DING Lang1, LUO Qingbin1, LYU Yi1, ZHENG Yuanmeng2, LIAO Haoyu2   

  1. 1 College of Intelligent Systems Science and Engineering,Hubei Minzu University,Enshi,Hubei 445000,China
    2 School of Mathematics and Statistics,Hubei Minzu University,Enshi,Hubei 445000,China
  • Online:2025-11-15 Published:2025-11-10
  • Supported by:
    National Natural Science Foundation of China(62262020,12164037),Hubei Provincial Natural Science Foundation Joint Fund(2024AFD066) and Hubei Minzu University Graduate Education Innovation Project(MYK2025076).

PDF (PC)

12

摘要: AES是当前最广泛使用的国际标准化分组密码算法,美国国家标准与技术研究院(NIST)将AES的量子安全强度作为评估后量子密码安全性的参考,因此实现AES算法的量子电路并分析其量子安全性已成为密码学研究的热点。然而,由于AES算法的量子电路实现需耗费数百个量子比特和数万个量子门,简化AES密码算法的量子电路实现与优化成为重要的研究方向。首先,在加密算法中,基于S盒查找表,利用DORCIS工具成功实现S盒的量子电路;其次,通过借用密钥中的一个量子比特,将该量子电路中具有3个控制位的CCCNOT门分解为4个Toffoli门,将使用的量子门控制在NCT门集内;然后,在移位操作中,通过置换变量的方式避免了加密算法中交换门的使用;最后,通过S盒查找表计算出了S盒的布尔表达式,设计并实现了密钥扩展中8量子比特的S盒量子电路。在此基础上优化了简化AES密码算法的量子电路,该量子电路的正确性在Qiskit Aer量子模拟器中得到了验证。量子资源分析结果表明,整体量子电路实现仅需32个量子比特、51个NOT门、220个CNOT门和120个Toffoli门。与已有研究相比,所提方法减少了量子资源的消耗,从而提升了简化AES算法量子电路的实现效率。

关键词: 分组密码, 简化AES, S盒, 量子电路, 布尔表达式

Abstract: AES is currently the most widely used internationally standardized block cipher algorithm.The National Institute of Standards and Technology(NIST) uses the quantum security strength of AES as a reference for evaluating the security of post-quantum cryptography.Therefore,implementing the quantum circuit of the AES algorithm and analyzing its quantum security has become a research hotspot in cryptography.However,since implementing the AES algorithm’s quantum circuit requires hundreds of qubits and tens of thousands of quantum gates,making the implementation and optimization of Simplified AES quantum circuits has become an important research direction.This study successfully implements the S-box quantum circuit using the DORCIS tool based on the S-box lookup table,decomposes the CCCNOT gate into four Toffoli gates by borrowing one qubit,and avoids swap gates in shift operations by permuting variables.Additionally,an 8-qubit S-box quantum circuit for key expansion is designed and implemented using the Boolean expression of the S-box.The optimized S-AES quantum circuit is verified in the Qiskit Aer simulator,requiring only 32 qubits,51 NOT gates,220 CNOT gates,and 120 Toffoli gates.Compared to existing me-thods,this approach significantly reduces quantum resource consumption,enhancing the efficiency of implementing the Simplified AES quantum circuit.

Key words: Block cipher, Simplified AES, S box, Quantum circuit, Boolean expression

中图分类号: 

  • TP309
[1]ELGAMAL T.A public key cryptosystem and a signaturescheme based on discrete logarithms[J].IEEE transactions on information theory,1985,31(4):469-472.
[2]SHOR P W.Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer[J].SIAM review,1999,41(2):303-332.
[3]SIMON D R.On the power of quantum computation[J].SIAM journal on computing,1997,26(5):1474-1483.
[4]KAPLAN M,LEURENT G,LEVERRIER A,et al.Breakingsymmetric cryptosystems using quantum period finding[C]//Advances in Cryptology-CRYPTO 2016:36th Annual International Cryptology Conference,Santa Barbara,CA,USA,August 14-18,2016,Proceedings,Part II 36.Springer Berlin Heidelberg,2016:207-237.
[5]GROVER L K.A fast quantum mechanical algorithm for database search[C]//Proceedings of the twenty-eighth annual ACM symposium on Theory of computing.1996:212-219.
[6]CHUNG D,LEE S,CHOI D,et al.Alternative tower field construction for quantum implementation of the AES S-box[J].IEEE Transactions on Computers,2021,71(10):2553-2564.
[7]LIU Q,PRENEEL B,ZHAO Z,et al.Improved quantum circuits for AES:Reducing the depth and the number of qubits[C]//International Conference on the Theory and Application of Cryptology and Information Security.Singapore:Springer Nature Singapore,2023:67-98.
[8]SHI H,FENG X.Quantum circuits of AES with a low-depthlinear layer and a new structure[C]//International Conference on the Theory and Application of Cryptology and Information Security.Singapore:Springer Nature Singapore,2024:358-395.
[9]O’GORMAN J,CAMPBELL E T.Quantum computation with realistic magic-state factories[J].Physical Review A,2017,95(3):032338.
[10]WANG Z G,WEI S J,LONG G L.A quantum circuit design of AES requiring fewer quantum qubits and gate operations[J].Frontiers of Physics,2022,17(4):41501.
[11]SIMMONS S.Algebraic Cryptanalysis of Simplified AES*[J].Cryptologia,2009,33(4):305-314.
[12]SAEED R,BHERY A.Cryptanalysis of Simplified-AES Using Intelligent Agent[C]//Hybrid Artificial Intelligent Systems:10th International Conference,HAIS 2015,Bilbao,Spain,June 22-24,2015,Proceedings 10.Springer International Publishing,2015:173-187.
[13]CAMPBELL S,GRINCHENKO M,SMITH W.Linear cryptanalysis of simplified AES under change of S-Box[J].Cryptologia,2013,37(2):120-138.
[14]MUSA M A,SCHAEFER E F,WEDIG S.A simplified AES algorithm and its linear and differential cryptanalyses[J].Cryptologia,2003,27(2):148-177.
[15]ALMAZROOIE M,ABDULLAH R,SAMSUDIN A,et al.Quantum grover attack on the simplified aes[C]//Proceedings of the 2018 7th International Conference on Software and Computer Applica tions.2018:204-211.
[16]JANG K B,SONG G J,KIM H J,et al.Grover on simplified aes[C]//2021 IEEE International Confer ence on Consumer Electronics-Asia(ICCE-Asia).IEEE,2021:1-4.
[17]JEAN J,PEYRIN T,SIM S M,et al.Optimizing implementa-tions of lightweight building blocks[J].Cryptology ePrint Archive,2017,4:130-168.
[18]CHUN M,BAKSI A,CHATTOPADHYAY A.Dorcis:depthoptimized quantum implementation of substitution boxes[J].Cryptology ePrint Archive,2023,2(8):6-16.
[19]SHENDE V V,BULLOCK S S,MARKOV I L.Synthesis ofquantum logic circuits[C]//Proceedings of the 2005 Asia and South Pacific Design Automation Conference.2005:272-275.
[20]LUO Q,LI Q,LI X,et al.Quantum circuit implementations of SM4 block cipher optimizing the number of qubits[J].Quantum Information Processing,2024,23(5):177.
[21]NIELSEN M A,CHUANG I L.Quantum computation andquantum information[M].Cambridge University Press,2010.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发