Simon's Algorithm for the Even-Mansour Cipher on Quantum Hardware
Anina K\"ohler, Jakob Murauer, Tim Heine, Stefan Rosemann, Tobias Hemmert
TL;DR
This paper demonstrates the practical application of Simon's quantum algorithm to cryptanalyze the Even-Mansour cipher on current NISQ hardware, successfully recovering small keys and highlighting scalability challenges.
Contribution
It provides the first proof of concept quantum cryptanalysis of the Even-Mansour cipher on NISQ devices, with experimental results for small key sizes and insights into scalability issues.
Findings
Successfully recovered secret keys for N=3 and N=4 on ibm_miami.
Identified memory bottleneck in circuit optimization at N=5.
Showed Simon's algorithm is effective for small-scale quantum cryptanalysis.
Abstract
Simon's algorithm is a polynomial period-finding algorithm that has been used to exploit the algebraic structure of specific symmetric ciphers, showing that exponential speedups in their cryptanalysis are theoretically possible. While the theoretical framework for an attack using Simon's algorithm on the Even-Mansour cipher is well-established, practical implementations on noisy intermediate-scale quantum (NISQ) hardware remain limited. This paper presents a proof of concept quantum cryptanalysis of the Even-Mansour cipher using Simon's period-finding algorithm on NISQ hardware. For N = 3 and N = 4, we successfully demonstrate secret key recovery for N-bit constructions on the ibm_miami processor. Our experiments also identify a scaling limitation in the classical pre-processing stage: The DORCIS circuit optimization tool encountered a memory bottleneck at N = 5, preventing the…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.