Original Research Paper link —
Link of GitHub repo —
In this paper, the researchers propose a quantum circuit for the SPEEDY block cipher for the first time and estimate its security strength based on the post-quantum security strength presented by NIST. The strength of post-quantum security for symmetric key cryptography is estimated at the cost of the Grover key retrieval algorithm. Grover’s algorithm in quantum computers reduces the n-bit security of block ciphers to n/2 bits. The implementation of a quantum circuit is required to estimate the Grover’s algorithm cost for the target cipher. They estimated the quantum resource required for Grover’s algorithm by implementing a quantum circuit for SPEEDY in an optimized way and show that SPEEDY provides either 128-bit security (i.e., NIST security level 1) or 192-bit security (i.e., NIST security level 3) depending on the number of rounds. Based on their estimated cost, increasing the number of rounds is insufficient to satisfy the security against quantum attacks on quantum computers.
Here I tried to simulate the pseudocode they provided in their research paper. Because of no access to actual hardware, as the researchers had, I couldn’t evaluate the necessary resource estimation for Grover’s algorithm run against SPEEDY block cipher quantum circuit. Although I succeeded in writing the correct code for the simulation and also the code for resource estimation (commented in corresponding cells).
Here I tried to use simulator_stabilizer ****which has 5000 qubits as mentioned on IBM’s quantum resources page. It uses Clifford gates.
Clifford Gates are crucial for a class of quantum computations known as stabilizer circuits, which are amenable to efficient classical simulation.
The Clifford simulator in IBM Quantum can efficiently simulate quantum circuits that consist of gates such as: