2005
DOI: 10.26421/qic5.6-6
|View full text |Cite
|
Sign up to set email alerts
|

Optimized quantum implementation of elliptic curve arithmetic over binary fields

Abstract: Shor's quantum algorithm for discrete logarithms applied to elliptic curve groups forms the basis of a ``quantum attack'' of elliptic curve cryptosystems. To implement this algorithm on a quantum computer requires the efficient implementation of the elliptic curve group operation. Such an implementation requires we be able to compute inverses in the underlying field. In \cite{PZ03}, Proos and Zalka show how to implement the extended Euclidean algorithm to compute inverses in the prime field $\GF(p)$. They empl… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
29
0

Year Published

2008
2008
2018
2018

Publication Types

Select...
3
3
1

Relationship

0
7

Authors

Journals

citations
Cited by 20 publications
(29 citation statements)
references
References 6 publications
0
29
0
Order By: Relevance
“…Quantum circuits for these tasks are available (cf. [6,14,16,2] Multiplication: Optimizing the field multiplier is outside the scope of this paper, and subsequently we will use a linear-depth construction by Maslov et al [16]. With this method one can multiply two elements a, b ∈ F 2 n with no more than n 2 Toffoli gates and n 2 − 1 CNOT gates.…”
Section: Contributionmentioning
confidence: 99%
See 2 more Smart Citations
“…Quantum circuits for these tasks are available (cf. [6,14,16,2] Multiplication: Optimizing the field multiplier is outside the scope of this paper, and subsequently we will use a linear-depth construction by Maslov et al [16]. With this method one can multiply two elements a, b ∈ F 2 n with no more than n 2 Toffoli gates and n 2 − 1 CNOT gates.…”
Section: Contributionmentioning
confidence: 99%
“…Kaye and Zalka [14] argue that to implement Shor's algorithm it it sufficient to provide a quantum circuit that implements the "generic branch" P 1 = ±P 2 of Algorithm 1 for a fixed point P 2 , and we restrict to this situation. To avoid the (costly) inversion operation, one usually implements this point addition in a projective representation.…”
Section: Adding a Fixed Point With Reduced T -Gate Complexitymentioning
confidence: 99%
See 1 more Smart Citation
“…Having good quantum circuits for arithmetic is indispensable for obtaining good resource estimates and efficient circuit implementations of more complex quantum algorithms. In view of the cryptographic significance, it is not surprising that a number of publications have already explored quantum circuits to implement finite field arithmetic, including [3,15,17,18]. Important special cases are arithmetic operations in finite prime fields and finite binary fields (cf., for instance, [22]).…”
Section: Introductionmentioning
confidence: 99%
“…There are a few quantum dividers known, among them there are some [138,139] which are suitable for multiplicative inversion in the Galois field GF(2 m ) with depth of O(n 3 ) and O(nlog 2 n), respectively. Another divider suitable for integer division appears in [25], it is based in QFT and offers depth of O(n 3 ).…”
Section: Qft Divider By Constant -Gmφdivmentioning
confidence: 99%