
An Exposure Model for Supersingular Isogeny Diffie-Hellman Key Exchange [chapter]

Brian Koziel, Reza Azarderakhsh, David Jao
2018 Lecture Notes in Computer Science  
In this work, we present an exposure model for the isogeny computation in the quantum-resistant supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol.  ...  Notably, we propose this exposure model to characterize the severity of new attacks that force an SIDH user to divulge certain intermediate values.  ...  The authors would like to thank the reviewers for their comments. Also, the authors would like to thank Dr. Luca De Feo for discussion and feedback.  ... 
doi:10.1007/978-3-319-76953-0_24 fatcat:ypguzsexp5dzlfjebgxqkr72nu

Towards Post-Quantum Updatable Public-Key Encryption via Supersingular Isogenies [article]

Edward Eaton, David Jao, Chelsea Komlo
2020 IACR Cryptology ePrint Archive  
At a fundamental level, these variants differ in how encryption and decryption keys are updated, and consequently impact the design and security model for quantum-safe constructions.  ...  We focus our assessment on isogeny-based cryptosystems due to their suitability for performing a potentially unbounded number of update operations, a practical requirement for secure messaging where user  ...  We thank Douglas Stebila for his review of our proof and suggestions on modeling an adaptive adversary that can both select update values and compromise a victim's local state.  ... 
dblp:journals/iacr/EatonJK20 fatcat:c4wpeb7f3jfn3nnf4vbou2cfvi

Authenticated key exchange for SIDH [article]

Steven D. Galbraith
2018 IACR Cryptology ePrint Archive  
We survey authenticated key exchange (AKE) in the context of supersingular isogeny Diffie-Hellman key exchange (SIDH).  ...  We explain some challenges that arise in the SIDH setting if one wants to do a "Diffie-Hellman-like" AKE, and present several candidate authenticated key exchange protocols suitable for SIDH.  ...  Supersingular isogeny Diffie-Hellman key exchange (SIDH) allows two parties to generate a shared random key.  ... 
dblp:journals/iacr/Galbraith18 fatcat:nb66jk73czd5fpxnhzwj5tpibe

Post-Quantum Signal Key Agreement with SIDH [article]

Samuel Dobson, Steven D. Galbraith
2021 IACR Cryptology ePrint Archive  
We then propose a secure replacement for the Signal X3DH key exchange protocol based on SIDH, and provide a proof of security in the Signal-adapted-CK model, showing our protocol satisfies all security  ...  It also benefits from the efficiency of SIDH as a key-exchange protocol, compared to other post-quantum key exchange protocols such as CSIDH.  ...  We will then review the supersingular isogeny Diffie-Hellman key exchange (SIDH) in Section 3.  ... 
dblp:journals/iacr/DobsonG21 fatcat:7sbjwanzqbeqnmwfeg5zgrjtva

Strongly Secure Authenticated Key Exchange from Supersingular Isogeny [article]

Xiu Xu, Haiyang Xue, Kunpeng Wang, Song Tian, Bei Liang, Wei Yu
2018 IACR Cryptology ePrint Archive  
Concretely, we present two AKEs based on a double-key PKE in the supersingular isogeny setting secure in the sense of CK+, one of the strongest security models for AKE.  ...  This paper aims to address the open problem, namely, to find new techniques to design and prove security of supersingular isogeny-based authenticated key exchange (AKE) protocols against the widest possible  ...  Supersingular Isogeny Diffie-Hellman Key Exchange (SIDH).  ... 
dblp:journals/iacr/XuXWTLY18 fatcat:louxcoweqbdtzkq74jha35kb2a

A Supersingular Isogeny-Based Ring Signature [article]

Maryam Sheikhi-Garjan, N. Gamze Orhon Kiliç, Murat Cenk
2021 IACR Cryptology ePrint Archive  
In this paper, we first present a post-quantum sigma protocol for a ring that relies on the supersingular isogeny-based interactive zero-knowledge identification scheme proposed by De Feo, Jao, and Plût  ...  In order to reduce the size of the exchanges, we use the Merkle tree and show that the signature size increases logarithmically in the size of the ring.  ...  Supersingular Decision Diffie-Hellman (SSDDH) Problem.  ... 
dblp:journals/iacr/Sheikhi-GarjanK21 fatcat:dycbevn7lrgm3nbp2qsddmee7y

Compact Authenticated Key Exchange in the Quantum Random Oracle Model [article]

Haiyang Xue, Man Ho Au, Rupeng Yang, Bei Liang, Haodong Jiang
2020 IACR Cryptology ePrint Archive  
Several quantum-resistant authenticated key exchange protocols (AKEs) have been proposed from supersingular isogeny and lattice.  ...  ASIACRYPT 2019] based on supersingular isogeny, 2Kyber-AKE based on Module-LWE, and FSXY, we propose a new construction, CSIAKE, based on commutative supersingular isogeny.  ...  CSIAKE from Commutative Supersingular Isogenies Castryck et al. [14] proposed a commutative supersingular isogeny Diffie-Hellman (CSIDH) key exchange.  ... 
dblp:journals/iacr/XueAYLJ20 fatcat:pwktcv6oxncnxlzl2v2w2pknde

Collusion Resistant Revocable Ring Signatures and Group Signatures from Hard Homogeneous Spaces [article]

Yi-Fu Lai, Samuel Dobson
2021 IACR Cryptology ePrint Archive  
This improves on the existing weak security model (e.g. with selfless anonymity) which fails to guarantee anonymity of members whose keys are exposed.  ...  Our stronger notion requires that the scheme remains secure against full key exposure in the anonymity game, and allows collusion among arbitrary members in the revocability game.  ...  This research is funded by the Ministry for Business, Innovation and Employment in New Zealand.  ... 
dblp:journals/iacr/LaiD21 fatcat:dvf5mhva4vhotmpc2yx7orfley

Improved Strongly Deniable Authenticated Key Exchanges for Secure Messaging

Nik Unger, Ian Goldberg
2018 Proceedings on Privacy Enhancing Technologies  
with an insider (online deniability).  ...  A deniable authenticated key exchange (DAKE) protocol establishes a secure channel without producing cryptographic evidence of communication.  ...  our security proofs, Peter Schwabe for his comments on contributiveness and New Hope, and David Jao for his comments on SIDH.  ... 
doi:10.1515/popets-2018-0003 dblp:journals/popets/UngerG18 fatcat:w4k3paha5zcgvkj46gs33zwe4i

CAKE: Code-Based Algorithm for Key Encapsulation [chapter]

Paulo S. L. M. Barreto, Shay Gueron, Tim Güneysu, Rafael Misoczki, Edoardo Persichetti, Nicolas Sendrier, Jean-Pierre Tillich
2017 Lecture Notes in Computer Science  
Then, we present an authenticated key exchange protocol based on CAKE, which is suitable for the Internet Key Exchange (IKE) standard.  ...  Compared to other post-quantum schemes, we believe that CAKE is a promising candidate for post-quantum key exchange standardization.  ...  Recent works [27, 17] have shown that isogenies in supersingular elliptic curves can be used to devise efficient key exchange mechanisms.  ... 
doi:10.1007/978-3-319-71045-7_11 fatcat:pkf3zng6yvfihilcwkvwauh32a

Quantum Computing and the Financial System: Spooky Action at a Distance?

Tahsin Saadi Sedik, Michael Gorbanyov, Majid Malaika, Jose Deodoro
2021 IMF Working Papers  
key encryption based on Discrete Logarithm (El Gamal, 1985) and the Diffie-Hellman key exchange.  ...  MAIN CRYPTOGRAPHIC ALGORITHMS Diffie-Hellman Diffie-Hellman is one of the first public-key exchange methods.  ... 
doi:10.5089/9781513572727.001 fatcat:2qqpcedixff55ikhuyomiwl3f4

Post-Quantum Era Privacy Protection for Intelligent Infrastructures

Lukas Malina, Petr Dzurenda, Sara Ricci, Jan Hajny, Gautam Srivastava, Raimundas Matulevicius, Abasi-amefon O. Affia, Maryline Laurent, Nazatul Haque Sultan, Qiang Tang
2021 IEEE Access  
In this paper, an up-to-date privacy method mapping and relevant use cases are surveyed for II services.  ...  This in-depth survey begins with an overview of security and privacy threats in IoT/IIs.  ...  IBC schemes are usually key exchange protocols such as Supersingular Isogeny Diffie-Hellman (SIDH) [186] and Supersingular Isogeny Key Exchange (SIKE) [187]. • Lattice-Based • Symmetric Quantum-Resistant  ... 
doi:10.1109/access.2021.3062201 fatcat:kqcwwqjfjnds7bzlrid7r6gjlu

Survey of Promising Technologies for Quantum Drones and Networks

Adarsh Kumar, Surbhi Bhatia, Keshav Kaushik, Manjula Gandhi, Gayathri Devi, Diego Pacheco, Arwa Mashat
2021 IEEE Access  
Diffie-Hellman key exchange, or, as well as no encryption.  ...  These approaches fall largely in LWE/R-based Schemes (LPREncrypt PKE Scheme, and Noisy Diffie Hellman Key Exchange), Key Reuse in LWE/R-based Schemes, NTRU-based Schemes, or Use of Error-Correcting Codes  ... 
doi:10.1109/access.2021.3109816 fatcat:gkyevfoqrfertef7j7gjzcstii

Quantum-safe trust for vehicles

CACM Staff
2021 Communications of the ACM  
Also, as far back as 1994, MIT mathematician Peter Shor developed a quantum algorithm capable of solving the discrete logarithm problem central to Diffie-Hellman key exchange and elliptic curve cryptography  ...  And then you have algorithms like supersingular isogenies that have much smaller keys but run much slower.  ... 
doi:10.1145/3466174 fatcat:dd2qfi6kqbectkhzrrqvv5xpxu

Post-quantum Asynchronous Deniable Key Exchange and the Signal Handshake

Jacqueline Brendel, Rune Fiedler, Felix Günther, Christian Janson, Douglas Stebila, Goichiro Hanaoka, Junji Shikata, Yohei Watanabe
While quantum-resistant key encapsulation mechanisms (KEMs) can replace Diffie-Hellman key exchange in some settings, there is no replacement for the Signal handshake solely from KEMs that achieves all  ...  All of these properties emerge from clever use of the highly flexible Diffie-Hellman protocol.  ...  Acknowledgements We thank Shuichi Katsumata and the anonymous reviewers of PKC 2022 for the helpful comments.  ... 
doi:10.3929/ethz-b-000520264 fatcat:nyqwmst4djbgxhwrzws74qqdn4