International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Quantum Lattice Enumeration in Limited Depth

Authors:
Nina Bindel , SandboxAQ, Palo Alto, CA, USA
Xavier Bonnetain , Université de Lorraine, CNRS, Inria, Nancy, France
Marcel Tiepelt , KASTEL, Karlsruhe Institute of Technology, Karlsruhe, Germany
Fernando Virdia , NOVA LINCS, Univerisdade NOVA de Lisboa, Portugal
Download:
DOI: 10.1007/978-3-031-68391-6_3 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2024
Abstract: In 2018, Aono et al. (ASIACRYPT 2018) proposed to use quantum backtracking algorithms (Montanaro, TOC 2018; Ambainis and Kokainis, STOC 2017) to speedup lattice point enumeration. Quantum lattice sieving algorithms had already been proposed (Laarhoven et al., PQCRYPTO 2013), being shown to provide an asymptotic speedup over classical counterparts, but also to lose competitiveness at dimensions relevant to cryptography if practical considerations on quantum computer architecture were taken into account (Albrecht et al., ASIACRYPT 2020). Aono et al.'s work argued that quantum walk speedups can be applied to lattice enumeration, achieving at least a quadratic asymptotic speedup à la Grover search while not requiring exponential amounts of quantum accessible classical memory, as it is the case for sieving. In this work, we explore how to lower bound the cost of using Aono et al.'s techniques on lattice enumeration with extreme cylinder pruning, assuming a limit to the maximum depth that a quantum computation can achieve without decohering, with the objective of better understanding the practical applicability of quantum backtracking in lattice cryptanalysis.
BibTeX
@inproceedings{crypto-2024-34334,
  title={Quantum Lattice Enumeration in Limited Depth},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-68391-6_3},
  author={Nina Bindel and Xavier Bonnetain and Marcel Tiepelt and Fernando Virdia},
  year=2024
}