Time-Space Complexity of Quantum Search Algorithms in Symmetric Cryptanalysis

TL;DR

This paper introduces a framework for analyzing the time-space complexity of quantum search algorithms in cryptanalysis, accounting for implementation overheads and parallelization, to better evaluate cryptographic security.

Contribution

It provides a novel method to estimate quantum cryptanalytic complexity considering hardware and algorithmic factors, improving security assessment accuracy.

Findings

Reassessed security levels of AES and SHA-2 using the new framework.

Derived time-space trade-off curves for quantum search algorithms.

Guided ranking of circuit designs based on efficiency.

Abstract

Performance of cryptanalytic quantum search algorithms is mainly inferred from query complexity which hides overhead induced by an implementation. To shed light on quantitative complexity analysis removing hidden factors, we provide a framework for estimating time-space complexity, with carefully accounting for characteristics of target cryptographic functions. Processor and circuit parallelization methods are taken into account, resulting in the time-space trade-offs curves in terms of depth and qubit. The method guides how to rank different circuit designs in order of their efficiency. The framework is applied to representative cryptosystems NIST referred to as a guideline for security parameters, reassessing the security strengths of AES and SHA-2.