
QGCL: Quantum-Guided Clause Learning for Cryptanalytic SAT

Published 25 May 2026 in quant-ph | (2605.25756v1)

Abstract: Power side-channel attacks on AES exploit data-dependent physical leakage to recover secret keys, but turning noisy leakage observations into a verified AES-128 key remains a hard combinational search problem. SAT-assisted power side-channel cryptanalysis addresses this challenge by encoding AES semantics, key constraints, plaintext/ciphertext consistency, and leakage predicates as CNF, so that candidate keys must satisfy the exact cryptographic specification. These cryptanalytic SAT formulas are large and highly structured; our largest controlled AES-oriented power-SCA instances contain up to 39,389 variables and 137,712 clauses, making a full-formula Grover search well beyond the scale studied here and beyond currently practical near-term implementations. We propose QGCL, a Quantum-Guided Conflict-Driven Clause Learning (CDCL) framework in which Grover search is invoked only on small subformulas extracted dynamically around CDCL conflict cores. The quantum subsolver returns candidate assignments and violation scores that bias branching heuristics, while final SAT/UNSAT decisions and key verification remain classical. We evaluate QGCL on AES-oriented cryptanalytic SAT instances derived from power side-channel CNFs with leakage-derived hint configurations, measuring conflicts, restarts, decisions, and propagations. The experiments show consistent reductions in these solver-internal statistics on harder instances, with up to an 86% reduction in conflicts compared with the classical conflict-learning baseline. Parameter sweeps over the number of Grover oracle calls and the subproblem size identify a regime in which a modest quantum resource allocation captures most of the observed improvement.

Summary

  • The paper demonstrates a hybrid quantum-classical methodology by integrating Grover search within CDCL solvers to enhance cryptanalytic SAT on AES power side-channel instances.
  • It employs localized conflict-core extraction using BFS and simplified subformula construction, enabling tractable Grover search under NISQ constraints.
  • Experiments on AES CNFs reveal up to an 86% reduction in conflicts and improved search metrics, highlighting the framework's efficiency and noise resilience.

Quantum-Guided Clause Learning: A Hybrid Approach for Cryptanalytic SAT

Problem Context and Motivation

Power side-channel attacks exploit physical leakages during AES encryption to recover secret keys. In practical cryptanalytic workflows, converting noisy leakage traces into verified keys necessitates encoding AES semantics, key schedule, plaintext/ciphertext relations, and leakage models as large CNF SAT instances—posing a search problem with scale and structure far beyond brute-force or naive quantum approaches. A full Grover search over the entire key space or CNF is impractical due to circuit resource constraints and scaling issues. The central bottleneck is not merely the exponential search space, but also the repeated projection and verification of partial/noisy leakage against complex, highly structured AES/SCA constraints.

Hybrid quantum-classical models offer selective quantum acceleration without sacrificing classical scalability or logical guarantees. QGCL addresses this by leveraging Grover search locally on conflict-driven CNF subformulas inside CDCL solvers, targeting the hardest conflict cores dynamically and restricting quantum resource usage to manageable subproblems.

Figure 1: Asymptotic scaling illustrates the crossover where Grover search outperforms classical exhaustive search for extracted CNF subformulas, motivating localized quantum acceleration.

QGCL Framework

QGCL integrates Grover search as a callable heuristic within classical CDCL solvers. The solver workflow is as follows:

  • After predefined conflict intervals, a local conflict core is detected via conflict analysis.
  • Subformula extraction uses BFS-based clause expansion from high-activity seed clauses, simplified under the trail, yielding bounded CNFs for quantum processing.
  • Grover search (BBHT-style schedule) is invoked on the extracted subformula, amplifying satisfying assignments and returning candidate bitstrings with violation scores.
  • These results update VSIDS activities and polarity preferences in the CDCL heuristic state, guiding future branching decisions.
  • All SAT/UNSAT decisions and key verification remain strictly classical.

Figure 2: SAT-assisted AES-128 power side-channel key-recovery workflow with power traces translated into hard leakage predicates and weighted hints, encoded as CNF for exact SAT solving.

Figure 3: High-level control of QGCL showing integration of Grover subsolver within the CDCL loop, with quantum calls affecting heuristic updates only.

Quantum Circuit Construction for CNF SAT

The Grover oracle is engineered for CNF SAT subformulas:

  • Registers: Variable bits, clause ancillas (indicate clause violation), single formula flag.
  • For each clause, ancilla circuits fire when the clause is violated.
  • Clause ancillas are ANDed to flag satisfying assignments; a controlled-phase flip applies Grover amplification.
  • All ancillas are uncomputed post-phase application.

This design enables compact, efficient quantum evaluation of conflict-local CNFs. Oracle width is budgeted by variable and clause count in the extracted subformula, ensuring compatibility with NISQ limitations.

Figure 4: SAT-oracle circuit blocks encode clause violation and aggregate via Toffoli/controlled-Z for Grover's phase; ancillas are cleaned after each Grover iteration.

Conflict-Core Extraction and Subformula Simplification

QGCL’s clause extraction selectively targets regions of the formula with dense conflict activity, facilitating efficient quantum evaluation and maximizing the guidance potential.

  • BFS expansion from high-activity seed clauses traverses the clause-variable graph, assembling subformulas rich in local conflict structure.
  • Subformula simplification under partial assignments reduces clause complexity and variable domain, balancing quantum scale and informativeness.

Figure 5: BFS-based clause extraction schematic demonstrates localization of conflict-rich subgraphs and simplification under partial assignment, yielding tractable subformulas for Grover search.
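
One way to realize the extraction just described, as an added example that is not the paper's code: clauses are first simplified under the trail, then a BFS over the clause-variable graph grows a subformula from the highest-activity open clause until a variable or clause budget is hit. The clause set, trail, activity values and both budget parameters are constructed for illustration; the paper's exact ordering and tie-breaking are not given on this page.

```python
from collections import deque

def simplify(clause, trail):
    """Reduce a clause under the trail {var: bool}; None means already satisfied."""
    rest = []
    for lit in clause:
        val = trail.get(abs(lit))
        if val is None:
            rest.append(lit)          # unassigned literal survives
        elif val == (lit > 0):
            return None               # a true literal satisfies the clause
    return tuple(rest)                # false literals are dropped

def extract_subformula(clauses, trail, activity, max_vars, max_clauses):
    """BFS over the clause-variable graph from the highest-activity open clause."""
    open_cl = {}
    for i, c in enumerate(clauses):
        s = simplify(c, trail)
        if s:                         # skip satisfied and empty (conflicting) clauses
            open_cl[i] = s
    if not open_cl:
        return [], []
    occurs = {}                       # variable -> indices of open clauses containing it
    for i, c in open_cl.items():
        for lit in c:
            occurs.setdefault(abs(lit), []).append(i)
    seed = max(open_cl, key=lambda i: activity[i])
    queue, seen = deque([seed]), {seed}
    picked, variables = [], set()
    while queue and len(picked) < max_clauses:
        i = queue.popleft()
        grown = variables | {abs(l) for l in open_cl[i]}
        if len(grown) > max_vars:
            continue                  # clause would exceed the variable (qubit) budget
        variables = grown
        picked.append(open_cl[i])
        for lit in open_cl[i]:
            for j in occurs[abs(lit)]:
                if j not in seen:
                    seen.add(j)
                    queue.append(j)
    return picked, sorted(variables)

# Constructed sample (assumption): 7 clauses, partial trail, per-clause activity.
CLAUSES = [(1, 2), (-2, 3), (-3, 4, 5), (-5, 6), (6, 7), (-1, -4), (8, 9)]
TRAIL = {1: False, 6: True}
ACTIVITY = [5.0, 3.0, 1.0, 0.5, 0.2, 4.0, 0.1]

if __name__ == "__main__":
    print(extract_subformula(CLAUSES, TRAIL, ACTIVITY, max_vars=4, max_clauses=8))
```

Clause `(8, 9)` stays open under the trail but is never reached, because it shares no variable with the seed's neighbourhood; tightening `max_vars` to 2 drops the three-literal clause as well.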

Heuristic Feedback Loop and Robustness

Grover outputs are utilized as soft guidance:

  • The best candidate assignment and its violation score inform updates to the polarity and activity vectors for the next branching phase.
  • QGCL increases variable activity for conflict-rich regions, applies polarity bias for low-violation candidates, and adapts feedback robustness to quantum noise and uncertainty.

The quantum layer never modifies the clause database or logical semantics; it enhances search efficiency while preserving certification integrity.

Figure 6: Grover-subsolver output distributions for small CNF formulas (ideal and noisy), demonstrating amplification of satisfying assignments and robustness to quantum noise.
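
The oracle's phase flip and the feedback step, as an added example (not the paper's code): a classical statevector simulation marks the satisfying assignments of a small CNF, applies Grover iterations, and turns the most likely candidate into activity and polarity updates. A fixed iteration count stands in for the BBHT schedule, ancilla qubits are not modelled, and the `bump / (1 + score)` rule and the sample subformula are assumptions.

```python
import math

def violations(clauses, variables, bits):
    """Count clauses falsified when bit k of `bits` is the value of variables[k]."""
    val = {v: bool((bits >> k) & 1) for k, v in enumerate(variables)}
    return sum(not any(val[abs(l)] == (l > 0) for l in c) for c in clauses)

def grover_distribution(clauses, variables, iterations):
    """Statevector simulation of Grover iterations; returns measurement probabilities."""
    n = 1 << len(variables)
    marked = [violations(clauses, variables, b) == 0 for b in range(n)]
    amp = [1 / math.sqrt(n)] * n                  # uniform superposition
    for _ in range(iterations):
        # Oracle: phase-flip every assignment that satisfies all clauses.
        amp = [-a if m else a for a, m in zip(amp, marked)]
        mean = sum(amp) / n
        amp = [2 * mean - a for a in amp]         # diffusion: inversion about the mean
    return [a * a for a in amp]

def apply_feedback(clauses, variables, probs, activity, polarity, bump=1.0):
    """Hypothetical soft-guidance rule: bump activity by a score-damped amount,
    and set polarity only when the candidate violates no clause."""
    best = max(range(len(probs)), key=probs.__getitem__)
    score = violations(clauses, variables, best)
    for k, v in enumerate(variables):
        activity[v] = activity.get(v, 0.0) + bump / (1 + score)
        if score == 0:
            polarity[v] = bool((best >> k) & 1)
    return best, score

# Constructed subformula (assumption): x2 AND (NOT x2 OR x3) AND (NOT x3 OR x4 OR x5)
SUB = [(2,), (-2, 3), (-3, 4, 5)]
VARS = [2, 3, 4, 5]

def success_probability(iterations):
    """Total probability of measuring a satisfying assignment of SUB."""
    probs = grover_distribution(SUB, VARS, iterations)
    return sum(p for b, p in enumerate(probs) if violations(SUB, VARS, b) == 0)

if __name__ == "__main__":
    print(success_probability(0), success_probability(1), success_probability(2))
    act, pol = {}, {}
    print(apply_feedback(SUB, VARS, grover_distribution(SUB, VARS, 1), act, pol), pol)
```

With 3 of 16 assignments satisfying, one iteration is already near the peak and a second one over-rotates, which is why the iteration schedule matters when the number of solutions is unknown.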

Experimental Results and Quantitative Impact

The framework was evaluated on AES-oriented power SCA CNFs, ranging up to 39,389 variables and 137,712 clauses:

  • QGCL consistently reduced conflicts (up to 86%), restarts, decisions, and propagations versus baseline CDCL on hard instances, especially as structural complexity increased.
  • Parameter sweeps identified favorable regimes: moderate budgets and sufficient quantum calls optimize guidance without unnecessary quantum simulation overhead.
  • Simulated wall times were lower for QGCL than CDCL in ideal environments, demonstrating overhead compensation by conflict reduction.
  • Noisy backend experiments preserved reductions in search statistics but increased wall time due to quantum noise and simulation cost.

Figure 7: CDCL baseline (blue) vs QGCL hybrid solver (orange) across benchmark family; QGCL achieves substantial reductions in decisions, propagations, conflicts, and restarts.

Figure 8: QGCL performance as a function of maximum allowed Grover calls, showing monotonic conflict reduction with increased quantum guidance.

Practical and Theoretical Implications

QGCL exemplifies a NISQ-compatible cryptanalytic SAT solver:

  • Restricts quantum workloads to subformula-localized, resource-manageable circuits.
  • Maintains strict classical verification and logical soundness.
  • Demonstrates that targeted quantum guidance can efficiently steer classical solvers toward productive conflict cores, with practical reductions in runtime and search effort in simulator settings.

The approach bridges the gap between global quantum SAT paradigms (Grover/QAOA/annealing) and solver-level hybrid methods (e.g., HyQSAT), providing a model for practical quantum acceleration without full quantum replacement or deep circuit embedding.

Figure 5: Extraction of conflict-local subformulas with BFS yields more focused, informative quantum subproblems—with measured improvements in search metrics.

Future Directions

Extending QGCL will require:

  • Applying to richer cipher CNFs, realistic leakage models, and learned guidance policies.
  • Benchmarking against other quantum paradigms under fixed hardware budgets.
  • Noise-aware oracle synthesis, adaptive BBHT iteration schedules, and efficient error-mitigation strategies for deployment on noisy hardware.
  • Integration with machine learning for dynamic tuning of extraction strategies and feedback policies.

Figure 7: Extraction strategy impact; structured (activity-BFS, variable-frontier) methods deliver superior performance compared to random extraction.

Conclusion

QGCL demonstrates that judicious quantum guidance applied to localized, conflict-rich subformulas within classical CDCL solvers can significantly reduce search effort in cryptanalytic SAT on structured AES power-SCA instances. Moderate quantum budgets and targeted Grover calls are most effective, with ideal-simulator wall times favoring hybrid approaches. Although wall-time performance on noisy hardware remains limited, robustness to quantum noise is achievable via conservative feedback mechanisms. The research provides a concrete pathway for quantum resources to enhance classical cryptanalysis, focusing on steering solvers toward productive regions of the search space rather than wholesale quantum replacement.
