Quantum Analysis of AES
Authors
Kyungbae Jang, Anubhab Baksi, Hyunji Kim, Gyeongju Song, Hwajeong Seo, Anupam Chattopadhyay
Kyungbae Jang
Hansung University, Seoul, South Korea
starj1023 at gmail dot com
starj1023 at gmail dot com
Anubhab Baksi
Lund University, Lund, Sweden
anubhab dot baksi at eit dot lth dot se
anubhab dot baksi at eit dot lth dot se
Hyunji Kim
Hansung University, Seoul, South Korea
khj1594012 at gmail dot com
khj1594012 at gmail dot com
Gyeongju Song
Hansung University, Seoul, South Korea
thdrudwn98 at gmail dot com
thdrudwn98 at gmail dot com
Hwajeong Seo
Hansung University, Seoul, South Korea
hwajeong84 at gmail dot com
hwajeong84 at gmail dot com
Anupam Chattopadhyay
Nanyang Technological University, Singapore
anupam at ntu dot edu dot sg
anupam at ntu dot edu dot sg
Abstract
Our work explores the key recovery attack using the Grover's search on the three variants of AES (-128, -192, -256). In total, we develop a pool of 26 implementations per AES variant (totaling 78), by taking the state-of-the-art advancements in the relevant fields into account.
We present the least Toffoli depth and full depth implementations of AES, thereby improving from Zou et al.'s Asiacrypt'20 paper by more than 97 percent for each variant of AES. We show that the qubit count - Toffoli depth product is reduced from theirs by more than 87 percent. Furthermore, we analyze the Jaques et al.'s Eurocrypt'20 implementations in detail, fix the bugs (arising from some problem of the quantum computing tool used), and report corrected benchmarks (which seem to improve from the authors' own bug-fixing, thanks to our architecture consideration). To the best of our finding, our work improves from all the previous works (including the Asiacrypt'22 paper by Huang and Sun, the Asiacrypt'23 paper by Liu et al. and the Asiacrypt'24 paper by Shi and Feng) in terms of various quantum circuit complexity metrics. To be more precise, we estimate the currently best-known quantum attack complexities for AES-128 ($2^{156.2630}$), AES-192 ($2^{221.5801}$) and AES-256 ($2^{286.0731}$). Additionally, we achieve the least Toffoli depth - qubit count product for AES-128 ($121920$, improving from $130720$ by Shi and Feng in Asiacrypt'24), AES-192 ($161664$, improving from $188880$ by Liu et al. in Asiacrypt'23) and AES-256 ($206528$, improving from $248024$ by Liu et al. in Asiacrypt'23) so far.
We further investigate the prospect of the Grover's search. We propose four new implementations of the S-box, one new implementation of the MixColumn; as well as five new architecture (one is motivated by the architecture by Jaques et al. in Eurocrypt'20, and the rest four are entirely our innovation). Under the MAXDEPTH constraint (specified by NIST), the circuit depth metrics (Toffoli depth, $T$-depth and full depth) become crucial factors and parallelization for often becomes necessary. We provide the least depth implementation in this respect that offers the best performance in terms of metrics like depth-squared - qubit count product, depth - gate count product.
References
[ADMG+17]
Matthew Amy, Olivia Di Matteo, Vlad Gheorghiu, Michele Mosca, Alex Parent, and John Schanck. Estimating the Cost of Generic Quantum Pre-image Attacks on SHA-2 and SHA-3. In Roberto Avanzi and Howard Heys, editors, Selected Areas in Cryptography – SAC 2016, pages 317–337, Cham. 2017. Springer International Publishing. DOI: 10.1007/978-3-319-69453-5_18
[AMM+13]
Matthew Amy, Dmitri Maslov, Michele Mosca, Martin Roetteler, and Martin Roetteler. A Meet-in-the-Middle Algorithm for Fast Synthesis of Depth-Optimal Quantum Circuits. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 32(6):818–830, June 2013. DOI: 10.1109/tcad.2013.2244643
[ASAM18]
Mishal Almazrooie, Azman Samsudin, Rosni Abdullah, and Kussay N. Mutter. Quantum Reversible Circuit of AES-128. Quantum Information Processing, 17(5):1–30, May 2018. DOI: 10.1007/s11128-018-1864-3
[Bak21]
Anubhab Baksi. Classical and Physical Security of Symmetric Key Cryptographic Algorithms. PhD thesis, School of Computer Science & Engineering, Nanyang Technological University, Singapore, 2021.
[BBHT98]
Michel Boyer, Gilles Brassard, Peter Høyer, and Alain Tapp. Tight bounds on quantum searching. Fortschritte der Physik: Progress of Physics, 46(4-5):493–505, 1998. DOI: 10.1002/3527603093.ch10
[BC17]
Debjyoti Bhattacharjee and Anupam Chattopadhyay. Depth-Optimal Quantum Circuit Placement for Arbitrary Topologies. 2017.
[BCC+24]
Anubhab Baksi, Sumanta Chakraborty, Anupam Chattopadhyay, Matthew Chun, SK Hafizul Islam, Kyungbae Jang, Hyunji Kim, Yujin Oh, Soham Roy, Hwajeong Seo, and Siyi Wang. Quantum Implementation of Linear and Non-Linear Layers. IEEE International System-on-Chip Conference (SOCC), 2024. DOI: 10.1109/SOCC62300.2024.10737862
[BDK+21]
Anubhab Baksi, Vishnu Asutosh Dasu, Banashri Karmakar, Anupam Chattopadhyay, and Takanori Isobe. Three Input Exclusive-OR Gate Support for Boyar-Peralta's Algorithm. In Avishek Adhikari, Ralf Küsters, and Bart Preneel, editors, Progress in Cryptology - INDOCRYPT 2021, Jaipur, India, December 12-15, 2021, Proceedings, volume 13143 of Lecture Notes in Computer Science, pages 141–158. 2021. Springer. DOI: 10.1007/978-3-030-92518-5_7
[BFI21]
Subhadeep Banik, Yuki Funabiki, and Takanori Isobe. Further results on efficient implementations of block cipher linear layers. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 104(1):213–225, 2021. DOI: 10.1587/transfun.2020CIP0013
[BJ24]
Anubhab Baksi and Kyungbae Jang. Implementation and Analysis of Ciphers in Quantum Computing. Springer 2024. DOI: 10.1007/978-981-97-0025-7
[BJS+21]
Anubhab Baksi, Kyungbae Jang, Gyeongju Song, Hwajeong Seo, and Zejun Xiang. Quantum Implementation and Resource Estimates for Rectangle and Knot. Quantum Information Processing, 20(12), December 2021. DOI: 10.1007/s11128-021-03307-6
[BKD21]
Anubhab Baksi, Banashri Karmakar, and Vishnu Asutosh Dasu. POSTER: Optimizing Device Implementation of Linear Layers with Automated Tools. In Applied Cryptography and Network Security Workshops, pages 500–504, Cham. 2021. Springer International Publishing. DOI: 10.1007/978-3-030-81645-2_30
[BNPS19]
Xavier Bonnetain, María Naya-Plasencia, and André Schrottenloher. Quantum Security Analysis of AES. IACR Transactions on Symmetric Cryptology, 2019(2):55–93, Jun. 2019. DOI: 10.13154/tosc.v2019.i2.55-93
[BP10]
Joan Boyar and René Peralta. A New Combinational Logic Minimization Technique with Applications to Cryptology. In Paola Festa, editor, Experimental Algorithms, pages 178–189, Berlin, Heidelberg. 2010. Springer Berlin Heidelberg. DOI: 10.1007/978-3-642-13193-6_16
[BP12]
Joan Boyar and René Peralta. A small depth-16 circuit for the AES S-box. In IFIP International Information Security Conference, pages 287–298. 2012. Springer. DOI: 10.1007/978-3-642-30436-1_24
[CBC23]
Matthew Chun, Anubhab Baksi, and Anupam Chattopadhyay. DORCIS: Depth Optimized Quantum Implementation of Substitution Boxes. IACR Cryptol. ePrint Arch., 2023.
[CS20]
Amit Kumar Chauhan and Somitra Kumar Sanadhya. Quantum resource estimates of grover’s key search on aria. In International Conference on Security, Privacy, and Applied Cryptography Engineering, pages 238–258. 2020. Springer. DOI: 10.1007/978-3-030-66626-2_13
[Dan17]
Marcus Dansarie. Cryptanalysis of the SoDark family of cipher algorithms. PhD thesis, Naval Postgraduate School, Dudley Knox Library, 2017.
[Dan21]
Marcus Dansarie. sboxgates: A program for finding low gate count implementations of S-boxes. Journal of Open Source Software, 6(62):2946, 2021. DOI: 10.21105/joss.02946
[DBSC19]
Vishnu Asutosh Dasu, Anubhab Baksi, Sumanta Sarkar, and Anupam Chattopadhyay. LIGHTER-R: Optimized Reversible Circuit Implementation For SBoxes. In 32nd IEEE International System-on-Chip Conference, SOCC 2019, Singapore, September 3-6, 2019, pages 260–265. 2019. DOI: 10.1109/SOCC46988.2019.1570548320
[DP21]
James H. Davenport and Benjamin Pring. Improvements to Quantum Search Techniques for Block-Ciphers, with Applications to AES. In Orr Dunkelman, Michael J. Jacobson Jr., and Colin O'Flynn, editors, Selected Areas in Cryptography, pages 360–384, Cham. 2021. Springer International Publishing. DOI: 10.1007/978-3-030-81652-0_14
[DR02]
Joan Daemen and Vincent Rijmen. The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer 2002. DOI: 10.1007/978-3-662-04722-4
[GH19]
Emily Grumbling and Mark Horowitz. Quantum Computing: Progress and Prospects. The National Academies Press, Washington DC 2019.
[Gid18]
Craig Gidney. Halving the cost of quantum addition. Quantum, 2:74, June 2018. DOI: 10.22331/q-2018-06-18-74
[GLRS16]
Markus Grassl, Brandon Langenberg, Martin Roetteler, and Rainer Steinwandt. Applying Grover's Algorithm to AES: Quantum Resource Estimates. In Tsuyoshi Takagi, editor, Post-Quantum Cryptography, pages 29–43, Cham. 2016. Springer International Publishing. DOI: 10.1007/978-3-319-29360-8_3
[Gro96]
Lov K Grover. A fast quantum mechanical algorithm for database search. In Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, pages 212–219. 1996. DOI: 10.1145/237814.237866
[HB24]
Vedad Hadžic and Roderick Bloem. Efficient and Composable Masked AES S-Box Designs Using Optimized Inverters. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(1):656–683, Dec. 2024. DOI: 10.46586/tches.v2025.i1.656-683
[HLZ+17]
Yong He, Ming-Xing Luo, E Zhang, Hong-Ke Wang, and Xiao-Feng Wang. Decompositions of n-qubit Toffoli gates with linear circuit complexity. International Journal of Theoretical Physics, 56(7):2350–2361, 2017. DOI: 10.1007/s10773-017-3389-4
[HS22]
Zhenyu Huang and Siwei Sun. Synthesizing Quantum Circuits of AES with Lower T-depth and Less Qubits. In Shweta Agrawal and Dongdai Lin, editors, Advances in Cryptology - ASIACRYPT 2022 - 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5-9, 2022, Proceedings, Part III, volume 13793 of Lecture Notes in Computer Science, pages 614–644. 2022. Springer. DOI: 10.1007/978-3-031-22969-5_21
[JBB+23]
Kyungbae Jang, Anubhab Baksi, Jakub Breier, Hwajeong Seo, and Anupam Chattopadhyay. Quantum implementation and analysis of default. Cryptography and Communications, 2023. DOI: 10.1007/s12095-023-00666-y
[JBK+22a]
Kyungbae Jang, Anubhab Baksi, Hyunji Kim, Hwajeong Seo, and Anupam Chattopadhyay. Improved Quantum Analysis of SPECK and LowMC. In Takanori Isobe and Santanu Sarkar, editors, Progress in Cryptology - INDOCRYPT 2022, Kolkata, India, December 11-14, 2022, Proceedings, volume 13774 of Lecture Notes in Computer Science, pages 517–540. 2022. Springer. DOI: 10.1007/978-3-031-22912-1_23
[JBK+22b]
Kyungbae Jang, Anubhab Baksi, Hyunji Kim, Gyeongju Song, Hwajeong Seo, and Anupam Chattopadhyay. Quantum Analysis of AES. Cryptology ePrint Archive, Paper 2022/683. 2022.
[JBKK24]
Yongjin Jeon, Seungjun Baek, Giyoon Kim, and Jongsung Kim. A Framework for Generating S-Box Circuits with Boyar–Peralta Algorithm-Based Heuristics, and Its Applications to AES, SNOW3G, and Saturnin. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(1):586–631, Dec. 2024. DOI: 10.46586/tches.v2025.i1.586-631
[JCK+20]
Kyoungbae Jang, Seungju Choi, Hyeokdong Kwon, Hyunji Kim, Jaehoon Park, and Hwajeong Seo. Grover on Korean Block Ciphers. Applied Sciences, 10(18), 2020. DOI: 10.3390/app10186407
[JLO+25]
Kyungbae Jang, Sejin Lim, Yujin Oh, Hyunjun Kim, Anubhab Baksi, Sumanta Chakraborty, and Hwajeong Seo. Quantum Implementation and Analysis of SHA-2 and SHA-3. IEEE Transactions on Emerging Topics in Computing, 2025. DOI: 10.1109/TETC.2025.3546648
[JNRV19]
Samuel Jaques, Michael Naehrig, Martin Roetteler, and Fernando Virdia. Implementing Grover oracles for quantum key search on AES and LowMC. Cryptology ePrint Archive, Paper 2019/1146. 2019.
[JNRV20]
Samuel Jaques, Michael Naehrig, Martin Roetteler, and Fernando Virdia. Implementing Grover Oracles for Quantum Key Search on AES and LowMC. In Anne Canteaut and Yuval Ishai, editors, Advances in Cryptology - EUROCRYPT 2020, Zagreb, Croatia, May 10-14, 2020, Proceedings, Part II, volume 12106 of Lecture Notes in Computer Science, pages 280–310. 2020. Springer. DOI: 10.1007/978-3-030-45724-2_10
[JSB+25]
Kyungbae Jang, Vikas Srivastava, Anubhab Baksi, Santanu Sarkar, and Hwajeong Seo. New Quantum Cryptanalysis of Binary Elliptic Curves (Extended Version). Cryptology ePrint Archive, Paper 2025/017. 2025.
[JSK+21a]
Kyungbae Jang, Gyeongju Song, Hyunjun Kim, Hyeokdong Kwon, Hyunji Kim, and Hwajeong Seo. Efficient Implementation of PRESENT and GIFT on Quantum Computers. Applied Sciences, 11(11), 2021. DOI: 10.3390/app11114776
[JSK+21b]
Kyungbae Jang, Gyeongju Song, Hyeokdong Kwon, Siwoo Uhm, Hyunji Kim, Wai-Kong Lee, and Hwajeong Seo. Grover on PIPO. Electronics, 10(10):1194, 2021. DOI: 10.3390/electronics10101194
[JSK+22]
Kyungbae Jang, Gyeongju Song, Hyunjun Kim, Hyeokdong Kwon, Hyunji Kim, and Hwajeong Seo. Parallel quantum addition for Korean block ciphers. Quantum Information Processing, 21(11):373, 2022. DOI: 10.1007/s11128-022-03714-3
[KHJ18]
Panjin Kim, Daewan Han, and Kyung Chul Jeong. Time–space complexity of quantum search algorithms in symmetric cryptanalysis: applying to AES and SHA-2. Quantum Information Processing, 17(12):1–39, 2018. https://doi.org/10.1007/s11128-018-2107-3 DOI: 10.1007/s11128-018-2107-3
[KJB+24]
Hyunji Kim, Kyungbae Jang, Anubhab Baksi, Sumanta Chakraborty, and Hwajeong Seo. Concrete Quantum Cryptanalysis of Shortest Vector Problem. Cryptology ePrint Archive, Paper 2024/712. 2024.
[KLSW17]
Thorsten Kranz, Gregor Leander, Ko Stoffelen, and Friedrich Wiemer. Shorter Linear Straight-Line Programs for MDS Matrices. IACR Transactions on Symmetric Cryptology, 2017(4):188–211, Dec. 2017. DOI: 10.13154/tosc.v2017.i4.188-211
[LGQW23]
Zhenqiang Li, Fei Gao, Sujuan Qin, and Qiaoyan Wen. New record in the number of qubits for a quantum implementation of AES. 2023.
[LPS20]
Brandon Langenberg, Hai Pham, and Rainer Steinwandt. Reducing the Cost of Implementing the Advanced Encryption Standard as a Quantum Circuit. IEEE Transactions on Quantum Engineering, 1:1-12, January 2020. DOI: 10.1109/TQE.2020.2965697
[LPZW23]
Qun Liu, Bart Preneel, Zheng Zhao, and Meiqin Wang. Improved quantum circuits for AES: Reducing the depth and the number of qubits. In International Conference on the Theory and Application of Cryptology and Information Security, pages 67–98. 2023. Springer. DOI: 10.1007/978-981-99-8727-6_3
[LSL+19]
Shun Li, Siwei Sun, Chaoyun Li, Zihao Wei, and Lei Hu. Constructing Low-latency Involutory MDS Matrices with Lightweight Circuits. IACR Transactions on Symmetric Cryptology, 2019(1):84–117, Mar. 2019. DOI: 10.13154/tosc.v2019.i1.84-117
[LWF+22]
Qun Liu, Weijia Wang, Yanhong Fan, Lixuan Wu, Ling Sun, and Meiqin Wang. Towards Low-Latency Implementation of Linear Layers. IACR Transactions on Symmetric Cryptology, 2022(1):158–182, Mar. 2022. DOI: 10.46586/tosc.v2022.i1.158-182
[LWS+22]
Qun Liu, Weijia Wang, Ling Sun, Yanhong Fan, Lixuan Wu, and Meiqin Wang. More Inputs Makes Difference: Implementations of Linear Layers Using Gates with More Than Two Inputs. IACR Transactions on Symmetric Cryptology, 2022(2):351–378, Jun. 2022. DOI: 10.46586/tosc.v2022.i2.351-378
[LXX+23]
Da Lin, Zejun Xiang, Runqing Xu, Shasha Zhang, and Xiangyong Zeng. Optimized quantum implementation of AES. Quantum Information Processing, 22(9):352, 2023. DOI: 10.1007/s11128-023-04043-9
[LXZZ21]
Da Lin, Zejun Xiang, Xiangyong Zeng, and Shasha Zhang. A Framework to Optimize Implementations of Matrices. In Kenneth G. Paterson, editor, Topics in Cryptology - CT-RSA 2021 - Cryptographers' Track at the RSA Conference 2021, Virtual Event, May 17-20, 2021, Proceedings, volume 12704 of Lecture Notes in Computer Science, pages 609–632. 2021. Springer. DOI: 10.1007/978-3-030-75539-3_25
[LYLL22]
Qing-bin Luo, Guo-wu Yang, Xiao-yu Li, and Qiang Li. Quantum reversible circuits for $\mathrm{GF}(2^{8})$multiplicative inverse. EPJ Quantum Technology, 2022. DOI: 10.1140/epjqt/s40507-022-00144-z
[LZW23]
Qun Liu, Zheng Zhao, and Meiqin Wang. Improved Heuristics for Low-Latency Implementations of Linear Layers. In Cryptographers’ Track at the RSA Conference, pages 524–550. 2023. Springer. DOI: 10.1007/978-3-031-30872-7_20
[MAR+24]
Surajit Mandal, Ravi Anand, Mostafizar Rahman, Santanu Sarkar, and Takanori Isobe. Implementing Grover’s on AES-based AEAD schemes. Scientific Reports, 14, September 2024. DOI: 10.1038/s41598-024-69188-8
[Max19]
Alexander Maximov. AES MixColumn with 92 XOR gates. Cryptology ePrint Archive, Paper 2019/833. 2019.
[NIS16]
[NIS22]
[OJBS23]
Yujin Oh, Kyungbae Jang, Anubhab Baksi, and Hwajeong Seo. Depth-Optimized Implementation of ASCON Quantum Circuit. Cryptology ePrint Archive, Paper 2023/1030. 2023.
[OJS25]
Yujin Oh, Kyungbae Jang, and Hwajeong Seo. Quantum Security Evaluation of ASCON. Cryptology ePrint Archive, Paper 2025/260. 2025.
[PD24]
Meltem Kurt Pehlivanoğlu and Mehmet Ali Demir. Optimizing implementations of linear layers using two and higher input XOR gates. PeerJ Computer Science, 10:e1820, 2024. DOI: 10.7717/peerj-cs.1820
[Per19]
Simone Perriello. Design and development of a quantum circuit to solve the Information Set Decoding problem. PhD thesis, Politecnico di Milano, Scuola di Ingegneria Industriale e dell'Informazione, 2019.
[RBC23]
Soham Roy, Anubhab Baksi, and Anupam Chattopadhyay. Quantum Implementation of ASCON Linear Layer. NIST Lightweight Cryptography Workshop. 2023.
[Sel13]
Peter Selinger. Quantum circuits of T-depth one. Physical Review A, 87(4):042302, 2013. DOI: 10.1103/PhysRevA.87.042302
[SF24]
Haotian Shi and Xiutao Feng. Quantum circuits of AES with a low-depth linear layer and a new structure. In International Conference on the Theory and Application of Cryptology and Information Security, pages 358–395. 2024. Springer. DOI: 10.1007/978-981-96-0944-4_12
[SFX23]
Haotian Shi, Xiutao Feng, and Shengyuan Xu. A Framework with Improved Heuristics to Optimize Low-Latency Implementations of Linear Layers. IACR Transactions on Symmetric Cryptology, 2023(4):489–510, Dec. 2023. DOI: 10.46586/tosc.v2023.i4.489-510
[SJK+21]
Gyeongju Song, Kyungbae Jang, Hyunji Kim, Wai-Kong Lee, Zhi Hu, and Hwajeong Seo. Grover on SM3. In International Conference on Information Security and Cryptology, pages 421–433. 2021. Springer. DOI: 10.1007/978-3-031-08896-4_22
[TP19]
Quan Quan Tan and Thomas Peyrin. Improved Heuristics for Short Linear Programs. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020(1):203–230, Nov. 2019. DOI: 10.13154/tches.v2020.i1.203-230
[WJB+24]
Siyi Wang, Kyungbae Jang, Anubhab Baksi, Sumanta Chakraborty, Bryan Lee, Anupam Chattopadhyay, and Hwajeong Seo. New Results in Quantum Analysis of LED: Featuring One and Two Oracle Attacks. Cryptology ePrint Archive, Paper 2024/1982. 2024.
[WR14]
Nathan Wiebe and Martin Roetteler. Quantum arithmetic and numerical analysis using Repeat-Until-Success circuits. 2014.
[WWL22]
Ze-Guo Wang, Shi-Jie Wei, and Gui-Lu Long. A quantum circuit design of AES requiring fewer quantum qubits and gate operations. Frontiers of Physics, 17(4):1–7, 2022. DOI: 10.1007/s11467-021-1141-2
[XZL+20]
Zejun Xiang, Xiangyoung Zeng, Da Lin, Zhenzhen Bao, and Shasha Zhang. Optimizing Implementations of Linear Layers. IACR Transactions on Symmetric Cryptology, 2020(2):120–145, Jul. 2020. DOI: 10.13154/tosc.v2020.i2.120-145
[YJBS23]
Yujin Yang, Kyungbae Jang, Anubhab Baksi, and Hwajeong Seo. Optimized Implementation and Analysis of CHAM in Quantum Computing. Applied Sciences, 13(8), 2023. DOI: 10.3390/app13085156
[YWS+24]
Yufei Yuan, Wenling Wu, Tairong Shi, Lei Zhang, and Yu Zhang. A Framework to Improve the Implementations of Linear Layers. IACR Transactions on Symmetric Cryptology, 2024(2):322–347, Jun. 2024. DOI: 10.46586/tosc.v2024.i2.322-347
[Zal99]
Christof Zalka. Grover’s quantum searching algorithm is optimal. Physical Review A, 60(4):2746, 1999. https://doi.org/10.1103/physreva.60.2746 DOI: 10.1103/PhysRevA.60.2746
[ZH22]
Chengkai Zhu and Zhenyu Huang. Optimizing the Depth of Quantum Implementations of Linear Layers. In Inscrypt 2022, Beijing, China, December 11-13, 2022, volume 13837 of Lecture Notes in Computer Science, pages 129–147. 2022. Springer. DOI: 10.1007/978-3-031-26553-2_7
[ZLD+19]
Jian Zou, Yongyang Liu, Chen Dong, Wenling Wu, and Le Dong. Observations on the Quantum Circuit of the SBox of AES. Cryptology ePrint Archive, Paper 2019/1245. 2019.
[ZLW+22]
Jian Zou, Liji Li, Zihao Wei, Yiyuan Luo, Qian Liu, and Wenling Wu. New quantum circuit implementations of SM4 and SM3. Quantum Information Processing, 21(5):1–38, 2022. DOI: 10.1007/s11128-022-03518-5
[ZWS+20]
Jian Zou, Zihao Wei, Siwei Sun, Ximeng Liu, and Wenling Wu. Quantum Circuit Implementations of AES with Fewer Qubits. In Shiho Moriai and Huaxiong Wang, editors, Advances in Cryptology – ASIACRYPT 2020, pages 697–726, Cham. 2020. Springer International Publishing. DOI: 10.1007/978-3-030-64834-3_24
PDF
History
Submitted: 2025-01-12
Accepted: 2025-03-11
Published: 2025-04-08
Accepted: 2025-03-11
Published: 2025-04-08
How to cite
Kyungbae Jang, Anubhab Baksi, Hyunji Kim, Gyeongju Song, Hwajeong Seo, and Anupam Chattopadhyay, Quantum Analysis of AES. IACR Communications in Cryptology, vol. 2, no. 1, Apr 08, 2025, doi: 10.62056/ay11zo-3y.
License
Copyright is held by the author(s)
This work is licensed under a Creative Commons Attribution (CC BY) license.