Pitfalls of the sublinear QAOA-based factorization algorithm

Sergey V. Grebnev,Maxim A. Gavreev,Evgeniy O. Kiktenko,Anton P. Guglya,Albert R. Efimov,Aleksey K. Fedorov
DOI: https://doi.org/10.1109/ACCESS.2023.3336989
2023-12-14
Abstract:Quantum computing devices are believed to be powerful in solving the prime factorization problem, which is at the heart of widely deployed public-key cryptographic tools. However, the implementation of Shor's quantum factorization algorithm requires significant resources scaling linearly with the number size; taking into account an overhead that is required for quantum error correction the estimation is that 20 millions of (noisy) physical qubits are required for factoring 2048-bit RSA key in 8 hours. Recent proposal by Yan et al. claims a possibility of solving the factorization problem with sublinear quantum resources. As we demonstrate in our work, this proposal lacks systematic analysis of the computational complexity of the classical part of the algorithm, which exploits the Schnorr's lattice-based approach. We provide several examples illustrating the need in additional resource analysis for the proposed quantum factorization algorithm.
Quantum Physics,Cryptography and Security
What problem does this paper attempt to address?