bibtex.bib

@inproceedings{DBLP:conf/qce/PerrielloBP21,
  title = {A Complete Quantum Circuit to Solve the Information Set Decoding Problem},
  booktitle = {{{IEEE International Conference}} on {{Quantum Computing}} and {{Engineering}}, {{QCE}} 2021, {{Broomfield}}, {{CO}}, {{USA}}, {{October}} 17-22, 2021},
  author = {Perriello, Simone and Barenghi, Alessandro and Pelosi, Gerardo},
  editor = {M{\"u}ller, Hausi A. and Byrd, Greg and Culhane, Candace and Humble, Travis},
  year = {2021},
  pages = {366--377},
  publisher = {{IEEE}},
  doi = {10.1109/QCE52317.2021.00056},
  url = {https://doi.org/10.1109/QCE52317.2021.00056},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  biburl = {https://dblp.org/rec/conf/qce/PerrielloBP21.bib},
  abstract = {Providing strong security margins ag ainst cryptanalytic attackers
                  equipped with quantum computers is a major research direction
                  fostered by the US National Institute of Standards and
                  Technology (NIST) Post-quantum Cryptography Standardization
                  process. Among the viable candidates, code-based asymmetric
                  cryptosystems are one of the prominent approaches. In this
                  work, we propose the first fully detailed quantum circuit to
                  compute the solution to the Information Set Decoding problem,
                  the main cryptanalytic tool against such cryptosystems. We
                  evaluate the cryptanalytic effort with our circuit design on
                  actual parameters from cryptosystems admitted to the final
                  stage of the NIST standardization process and compare it with
                  the previous conservative asymptotic estimates. We show that
                  the actual computational effort of our solution is smaller
                  than the one estimated via asymptotics by a factor of \(2^4\) . We
                  also perform a comparison of our results with the
                  quantum-computational effort of breaking the AES cipher,
                  following the guidelines of the US NIST in evaluating the
                  security of the ciphers. To do this, we translate our design
                  on gates of the Clifford+T gate set only, one of the most
                  promising candidate for fault-tolerant quantum computation,
                  and report that the parameter choices for Classic McEliece and
                  BIKE, two candidates admitted to the final round of the NIST
                  standardization process provide an adequate security margin
                  with respect to our ISD solution technique.},
}