Quantum cryptanalysis of SPN ciphers with known plaintext

Key recovery attack on SPN ciphers such as AES is NP hard in complexity. Previous studies have estimated the quantum resources required for implementing Grover’s key search for AES, but these are largely theoretical in nature. The key challenges to implement Grover’s algorithm on current quantum hardware include the number of available qubits, noise, and decoherence. However, the rapid advancement of hardware has brought us closer to practical realization for the cryptanalysis of light-weight SPN ciphers. This study presents an efficient quantum circuit implementation of Mini-AES, a 16-bit variant of AES, employing standard CNOT and Toffoli gates. To the best of our knowledge, our work provides the first complete quantum implementations of all core Mini-AES components for the quantum oracle. The effects of noise are emulated for each module of the quantum oracle and quantified. Furthermore, Grover’s algorithm is applied to Mini-AES to perform successful key recovery through a known-plaintext attack, demonstrating significant amplitude amplification while using near-optimal Grover’s iterations, thereby reducing the total quantum volume. The optimal Grover’s iterations have been obtained empirically as well as validated with finite-shot analysis. Notably, the application of Grover’s algorithm reveals key clustering behavior in Mini-AES, which has been corroborated through classical simulation.