Due to Grover's algorithm, any exhaustive search attack of block ciphers can achieve a quadratic speed-up. To implement Grover,s exhaustive search and accurately estimate the required resources, one needs to implement the target ciphers as quantum circuits. Recently, there has been increasing interest in quantum circuits implementing lightweight ciphers. In this paper we present the quantum implementations and resource estimates of the lightweight ciphers LBlock and LiCi. We optimize the quantum circuit implementations in the number of gates, required qubits and the circuit depth, and simulate the quantum circuits on ProjectQ. Furthermore, based on the quantum implementations, we analyze the resources required for exhaustive key search attacks of LBlock and LiCi with Grover's algorithm. Finally, we compare the resources for implementing LBlock and LiCi with those of other lightweight ciphers.

翻译：基于Grover算法，分组密码的穷举搜索攻击可实现二次加速。为实现Grover穷举搜索并精确估算所需资源，需将目标密码转化为量子电路实现。近年来，轻量级密码的量子电路实现日益受到关注。本文提出轻量级密码LBlock和LiCi的量子化实现方案及资源评估。我们从门数量、所需量子比特数和电路深度三个维度对量子电路实现进行优化，并在ProjectQ平台上完成电路仿真。进一步地，基于量子实现结果，分析了利用Grover算法对LBlock和LiCi进行穷举密钥搜索攻击所需的资源。最后，将LBlock和LiCi的实现资源与其他轻量级密码进行对比。