
How to compute a 256-bit elliptic curve private key with only 50 million Toffoli gates (2306.08585v1)

Published 14 Jun 2023 in quant-ph

Abstract: We use Shor's algorithm for the computation of elliptic curve private keys as a case study for resource estimates in the silicon-photonics-inspired active-volume architecture. Here, a fault-tolerant surface-code quantum computer consists of modules with a logarithmic number of non-local inter-module connections, modifying the algorithmic cost function compared to 2D-local architectures. We find that the non-local connections reduce the cost per key by a factor of 300-700 depending on the operating regime. At 10% threshold, assuming a 10-$\mu$s code cycle and non-local connections, one key can be generated every 10 minutes using 6000 modules with 1152 physical qubits each. By contrast, a device with strict 2D-local connectivity requires more qubits and produces one key every 38 hours. We also find simple architecture-independent algorithmic modifications that reduce the Toffoli count per key by up to a factor of 5. These modifications involve reusing the stored state for multiple keys and spreading the cost of the modular division operation over multiple parallel instances of the algorithm.


Summary

  • The paper introduces an active-volume architecture that, by integrating non-local connections, reduces the required Toffoli counts to as low as 44 million gates.
  • It proposes algorithmic modifications such as state reuse, selective key bit generation, and parallel modular inversion to optimize quantum resources.
  • Results demonstrate a reduction in key generation time from 38 hours to 10 minutes, highlighting significant efficiency gains over traditional 2D-local architectures.

Resource Efficiency in Quantum Computing for Elliptic Curve Cryptography

The paper, authored by Daniel Litinski of PsiQuantum, estimates the quantum resources required to compute 256-bit elliptic curve private keys with Shor's algorithm. It focuses on the silicon-photonics-inspired active-volume architecture, whose non-local connections change the algorithmic cost function compared to 2D-local architectures. The analysis shows a clear gap in required resources between traditional 2D-local architectures and those using active-volume techniques.

Active-Volume Architecture vs. Baseline Architectures

The active-volume architecture proposed in this work is substantially more efficient than traditional 2D-local connectivity models. Central to this architecture are modules with a logarithmic number of non-local inter-module connections, which significantly reduce computational overhead. At a 10% threshold with a 10-$\mu$s code cycle, the active-volume architecture requires 6000 modules with 1152 physical qubits each to generate a key every 10 minutes, in stark contrast to the 38 hours per key required by a strictly 2D-local architecture.

Algorithmic Modifications for Resource Optimization

The research presents three critical modifications that enhance the algorithm's performance independent of architecture:

  1. State Reuse: By reusing the computational state, multiple private keys can be generated with marginal additional costs.
  2. Selective Key Bit Generation: The key generation process reduces complexity by only computing 208 of the 256 bits quantumly, leaving the remaining bits to be resolved classically, which is computationally cheaper.
  3. Parallel Modular Inversion: Leveraging classical computation strategies, the quantum process benefits by reducing Toffoli gate usage through shared inversions among parallel computational instances.
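
The classical technique behind item 3, shown as an added example that is not code from the paper or from this page: simultaneous ("batch") modular inversion, commonly called Montgomery's trick, where n instances share a single inversion at the price of 3(n-1) extra multiplications. Identifying the paper's method with this trick, the secp256k1 field prime as the 256-bit modulus, and the unit costs passed to `amortized_cost` are assumptions made for illustration.

```python
"""Added example: simultaneous ("batch") modular inversion with operation counts."""

# Assumption: secp256k1 field prime as a representative 256-bit modulus.
P = 2**256 - 2**32 - 977


def batch_inverse(values, p=P):
    """Invert every element of `values` mod p using a single modular inversion.

    Returns (inverses, inversions_used, multiplications_used).
    """
    n = len(values)
    if n == 0:
        return [], 0, 0
    vals = [v % p for v in values]
    # One zero would make the shared product zero and spoil every instance.
    if any(v == 0 for v in vals):
        raise ValueError("batch contains a non-invertible element")

    muls = 0
    prefix = [vals[0]]              # prefix[i] = vals[0] * ... * vals[i]
    for v in vals[1:]:
        prefix.append(prefix[-1] * v % p)
        muls += 1

    acc = pow(prefix[-1], -1, p)    # the only inversion, shared by all instances
    inverses = [0] * n
    for i in range(n - 1, 0, -1):
        inverses[i] = acc * prefix[i - 1] % p   # peel off vals[i]^-1
        acc = acc * vals[i] % p                 # acc = (vals[0]*...*vals[i-1])^-1
        muls += 2
    inverses[0] = acc
    return inverses, 1, muls


def amortized_cost(n, inv_cost, mul_cost):
    """Cost per instance when n instances share one inversion (3(n-1) extra muls)."""
    return (inv_cost + 3 * (n - 1) * mul_cost) / n


if __name__ == "__main__":
    sample = [pow(7, k, P) for k in range(1, 9)]   # constructed sample denominators
    inv, n_inv, n_mul = batch_inverse(sample)
    assert all(a * b % P == 1 for a, b in zip(sample, inv))
    print(n_inv, n_mul, amortized_cost(8, inv_cost=20, mul_cost=1))
```

The per-instance cost approaches three multiplications as n grows, which is why sharing pays off only when an inversion costs much more than a multiplication.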

Numerical Results

Key results highlight that non-local configurations in the active-volume architecture reduce the cost per key by a factor ranging from 300 to 700, conditional on the specific regime and assumptions made regarding the threshold and cycle time. Specifically, active volume implementations decrease Toffoli counts per key substantially, achieving counts from 44 million gates downward in large-parallel instances.

Implications and Speculative Outlook

This reduction in resource use not only optimizes current algorithms but also hints at scalability for more complex tasks. The enhancements may move quantum computation from theoretical to practical for breaking elliptic curve cryptography, pointing the way towards future cryptographic standards. Given the active-volume advantage, future developments could focus on refining non-local connection methods and consolidating large-scale fault-tolerant systems, which are poised to change current cryptographic security assumptions.

Conclusion

Litinski's research underscores the tangible benefit of non-traditional architectures in quantum computing, especially for cryptographic applications. The architectural and algorithmic adaptations presented could become a precedent, guiding the development of resource-efficient quantum computers. If advancements continue to follow these frameworks, the practical computational cost for quantum cryptography will decrease sharply, bringing theoretical quantum advantages into real-world applications.

In summation, this paper not only provides an actionable framework for realizing efficient quantum cryptography but also sets a paradigm for future research in cryptographic applications of quantum computing.


Tweets

This paper has been mentioned in 55 posts and received 494 likes.