{"title":"计算二元椭圆曲线离散对数的量子资源估计","authors":"Michael Garn;Angus Kan","doi":"10.1109/TQE.2025.3586541","DOIUrl":null,"url":null,"abstract":"We perform logical and physical resource estimation for computing binary elliptic curve discrete logarithms using Shor's algorithm on fault-tolerant quantum computers. We adopt a windowed approach to design our circuit implementation of the algorithm, which comprises repeated applications of elliptic curve point addition operations and table look-ups. Unlike previous work, the point addition operation is implemented exactly, including all exceptional cases. We provide exact logical gate and qubit counts of our algorithm for cryptographically relevant binary field sizes. Furthermore, we estimate the hardware footprint and runtime of our algorithm executed on surface-code matter-based quantum computers with a baseline architecture, where logical qubits have nearest-neighbor connectivity, and on a surface-code photonic fusion-based quantum computer with an active-volume architecture, which enjoys a logarithmic number of nonlocal connections between logical qubits. At 10<inline-formula><tex-math>$\\%$</tex-math></inline-formula> threshold and compared to a baseline device with a 1-<inline-formula><tex-math>$\\mu \\text{s}$</tex-math></inline-formula> code cycle, our algorithm runs <inline-formula><tex-math>$\\gtrsim$</tex-math></inline-formula> 2–20 times faster, depending on the operating regime of the hardware and over all considered field sizes, on a photonic active-volume device.","PeriodicalId":100644,"journal":{"name":"IEEE Transactions on Quantum Engineering","volume":"6 ","pages":"1-23"},"PeriodicalIF":4.6000,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11072281","citationCount":"0","resultStr":"{\"title\":\"Quantum Resource Estimates for Computing Binary Elliptic Curve Discrete Logarithms\",\"authors\":\"Michael Garn;Angus Kan\",\"doi\":\"10.1109/TQE.2025.3586541\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We perform logical and physical resource estimation for computing binary elliptic curve discrete logarithms using Shor's algorithm on fault-tolerant quantum computers. We adopt a windowed approach to design our circuit implementation of the algorithm, which comprises repeated applications of elliptic curve point addition operations and table look-ups. Unlike previous work, the point addition operation is implemented exactly, including all exceptional cases. We provide exact logical gate and qubit counts of our algorithm for cryptographically relevant binary field sizes. Furthermore, we estimate the hardware footprint and runtime of our algorithm executed on surface-code matter-based quantum computers with a baseline architecture, where logical qubits have nearest-neighbor connectivity, and on a surface-code photonic fusion-based quantum computer with an active-volume architecture, which enjoys a logarithmic number of nonlocal connections between logical qubits. At 10<inline-formula><tex-math>$\\\\%$</tex-math></inline-formula> threshold and compared to a baseline device with a 1-<inline-formula><tex-math>$\\\\mu \\\\text{s}$</tex-math></inline-formula> code cycle, our algorithm runs <inline-formula><tex-math>$\\\\gtrsim$</tex-math></inline-formula> 2–20 times faster, depending on the operating regime of the hardware and over all considered field sizes, on a photonic active-volume device.\",\"PeriodicalId\":100644,\"journal\":{\"name\":\"IEEE Transactions on Quantum Engineering\",\"volume\":\"6 \",\"pages\":\"1-23\"},\"PeriodicalIF\":4.6000,\"publicationDate\":\"2025-07-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11072281\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Quantum Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/11072281/\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Quantum Engineering","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/11072281/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Quantum Resource Estimates for Computing Binary Elliptic Curve Discrete Logarithms
We perform logical and physical resource estimation for computing binary elliptic curve discrete logarithms using Shor's algorithm on fault-tolerant quantum computers. We adopt a windowed approach to design our circuit implementation of the algorithm, which comprises repeated applications of elliptic curve point addition operations and table look-ups. Unlike previous work, the point addition operation is implemented exactly, including all exceptional cases. We provide exact logical gate and qubit counts of our algorithm for cryptographically relevant binary field sizes. Furthermore, we estimate the hardware footprint and runtime of our algorithm executed on surface-code matter-based quantum computers with a baseline architecture, where logical qubits have nearest-neighbor connectivity, and on a surface-code photonic fusion-based quantum computer with an active-volume architecture, which enjoys a logarithmic number of nonlocal connections between logical qubits. At 10$\%$ threshold and compared to a baseline device with a 1-$\mu \text{s}$ code cycle, our algorithm runs $\gtrsim$ 2–20 times faster, depending on the operating regime of the hardware and over all considered field sizes, on a photonic active-volume device.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
