QUANTUM COMPUTERS AND THEIR APPLICATION TO BREAKING CIPHERS -QUANTUM ALGORITHM RSA ATTACK Present by Huajun Zhang 1
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
QUANTUM COMPUTERS AND THEIR APPLICATION TO BREAKING CIPHERS
-QUANTUM ALGORITHM RSA ATTACK
Present by Huajun Zhang
�1
QUANTUM COMPUTING
Quantum computing >= Classical computing most of time
Quantum computing >>>>>>>>>>> Classical computing sometime
Qubit > Bit States |0> and |1> vs 0 or 1
And vs Or
Qubits can be in a superposition of both!
Example: a register of three classical bits: 000 represent one number from 0-7 a register of three qubit bits: |000> represent 0-7 simultaneously
Quantum algorithm - develop use the quantum’s feature
�2
QUANTUM ATTACK
Private cipher attack DES use Grover’s Algorithm - like brute force attack
• Grover’s Algorithm based on amplitude amplification
• easy to defend by adding the length of key
public cipher attack **** RSA use Shor’s Algorithm - best factoring
• Shor’s Algorithm based on quantum Fourier transform
• Hard to defend , WHY ? �3
RSA REVIEW
RSA is the most well known public key cryptosystem It’s security base on:
1. One way trap door function 2. The hardness of factoring numbers
RSA : public key(e,N), private key(d,N)
Breaking RSA - factor a large Prime N to guess Private key
Factoring Problem!!!!!!
�4
SHOR’S ALGORITHM FIVE STEPS OF SHOR
Question: find a nontrivial factor of a number N?
Step 1: random pick m from (0,N)
if gcd(N,m) = 1 continue , else we done
Step 2: Quantum period finding P of
m^1 mod N, m^2 mod N, m^3 mod N…
Step 3: if P is even continue, else go step 1
Step 4: if continue , else go step 1
Step 5: a non-trivial prime factor is
�5
PERIOD IN SHOR
What is period ?
In Shor’s Alogrithm
m^x mod N, x is an integer
Example: we have m=2 which has a sequence powers of two 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, … when we mod 15 on this sequence 2, 4, 8, 1, 2, 4, 8, 1, 2, 4, … we can see the sequence of number has period of P = 4
�6
QUANTUM PERIOD FINDING HARDWARE IMPLEMENTATION
1. Apply the Hadamard gate to create a quantum superposition
2. Implement the function into a quantum transform
3. Perform the “quantum Fourier transform” QFT which allows a quantum computer to
perform phase estimation.
�7
QUANTUM PERIOD FINDING 1
What the Quantum period finding actually did?
f(x)=m^x mod N, N=21 and m=2 Let input x output f(x)
we group x with same result together
�8
x 0 1 2 3 4 5 6 7 8 9 10 11 12 …m^x 1 2 4 8 16 32 64 128 256 512 1024 2048 4096 …f(x) 1 2 4 8 16 11 1 2 4 8 16 11 1 …
f(x)=1 x= 0 6 12 18 24…f(x)=2 x= 1 7 13 19 25…f(x)=4 x= 2 8 14 20 26…f(x)=8 x= 3 9 15 21 27…f(x)=16 x= 4 10 16 22 28…f(x)=11 x= 5 11 17 23 29…
QUANTUM PERIOD FINDING 2
Declare 2 quantum registers with 9 quits
1st register |x⟩ 2nd register |f(x)⟩
measure f(x)= 11, x= 5, 11, 17, 23, 29…
quantum function: = (|5⟩+|11⟩+|17⟩+|23⟩+|29⟩… ) superposition
we roughly has 6 this kind of function Perform QFT probability distribution of all possible measurements on x
�9
1
m|ψ⟩
PROBABILITY DISTRIBUTION OF ALL POSSIBLE MEASUREMENTS ON X
�10
Figure 1. Understanding Quantum Computers, Koei University, https://www.futurelearn.com/courses/intro-to-quantum-computing/0/steps/31577
TIME COMPLEXITY-ANALYSIS
�11
GNFS Best in Classical
SHOR Quantum challenger
time complexity
simplify e^n n^3
Exponential vs Polynomial time
CONCLUSION
�12
Quantum Computing will be a huge threat to current RSA cryptosystems. The core idea of shor algorithm is to reduce Factoring to Period-finding. As a result we can not against Shor by adding the key size.
PQRSA-POST QUANTUM RSA(EXTRA)
IDEA1 from pqRSA NIST 1 round submission Instead of using one extremely large RSA key It use a list of small secret primes and small encryption/verification exponent as key. Shor’s algorithm is good for factor large prime. the elliptic-curve method (ECM) methods are even faster than Shor’s method when factors are sufficiently small. Pros:
Using the disadvantage of Shor’s algorithm in factor small number. Cons:
very large key size Quantum computing can do any task that classical computer can do.
IDEA1+ from me build crypto-system recursively and make each iteration of tasks simply. We have to decryptions message dependent last decryption result. Pros:
slow down the quantum computer to breaking cipher. Cons:
encryptions and decryption will take relative long time
�13
WALK THROUGH EXAMPLE OF SHOR’S ALGORITHM
we have N=91=(7*13) we are trying factor it step 1
choose a random integer m=3 since gcd(N, m)=gcd(91,3)=1, move on
step 2 we generate of a sequence of numbers powers of m=3 3, 9, 27, 81, 243, 729, 2187, 6561,19683…… mod 91 3, 9, 27, 81, 61, 1, 3, 9, 27……. find period p=6
step 3 p=6 is even move on step 4
move on step 5
With the Euclidean algorithm, compute
d is a non-trivial factor of N=91
�14
Related Documents
