Efficient quantum circuits for binary elliptic curve arithmetic: reducing T-gate complexity

Elliptic curves over finite fields $\mathbb{F}_{2^n}$ play a prominent role in modern cryptography. Published quantum algorithms dealing with such curves build on a short Weierstrass form in combination with affine or projective coordinates. In this paper we show that changing the curve representation allows a substantial reduction in the number of T-gates needed to implement the curve arithmetic. As a tool, we present a quantum circuit for computing multiplicative inverses in $\mathbb{F}_{2^n}$ in depth $O(n \log_2 n)$ using a polynomial basis representation, which may be of independent interest.
