Filters








49 Hits in 5.2 sec

Faster Algorithms for Isogeny Problems Using Torsion Point Images [chapter]

Christophe Petit
2017 Lecture Notes in Computer Science  
There is a recent trend in cryptography to construct protocols based on the hardness of computing isogenies between supersingular elliptic curves.  ...  One particularity of the isogeny problems underlying these protocols is that some additional information is given as input, namely the image of some torsion points with order coprime to the isogeny.  ...  This work was developed while the author was at the Mathematical Institute of the University of Oxford, funded by a research grant from the UK government.  ... 
doi:10.1007/978-3-319-70697-9_12 fatcat:uup5luv7b5hmbah6awwolbnjmi

Improved torsion point attacks on SIDH variants [article]

Victoria de Quehen, Péter Kutas, Chris Leonardi, Chloe Martindale, Lorenz Panny, Christophe Petit, Katherine E. Stange
2021 arXiv   pre-print
SIDH is a post-quantum key exchange algorithm based on the presumed difficulty of finding isogenies between supersingular elliptic curves.  ...  improves on the best known asymptotic complexity.  ...  SSI-T is a generalization of the "Computational Supersingular Isogeny problem", or CSSI for short, defined in [21] .  ... 
arXiv:2005.14681v3 fatcat:w3oplqvwufeuhlcm2n3yodetva

Isogeny-Based Quantum-Resistant Undeniable Signatures [chapter]

David Jao, Vladimir Soukharev
2014 Lecture Notes in Computer Science  
We propose an undeniable signature scheme based on elliptic curve isogenies, and prove its security under certain reasonable number-theoretic computational assumptions for which no efficient quantum algorithms  ...  Our proposal represents only the second known quantum-resistant undeniable signature scheme, and the first such scheme secure under a number-theoretic complexity assumption.  ...  Acknowledgments We thank the anonymous referees for providing extensive feedback and assistance in improving our article and our presentation. We also thank Andrew M.  ... 
doi:10.1007/978-3-319-11659-4_10 fatcat:fteoeqwvnzhklct5prvn6d7pja

A framework for reducing the overhead of the quantum oracle for use with Grover's algorithm with applications to cryptanalysis of SIKE

Jean-François Biasse, Benjamin Pring
2020 Journal of Mathematical Cryptology  
This has the effect (for certain problems) of reducing a portion of the polynomial overhead contributed by the implementation cost of quantum oracles and can be used to provide either strict improvements  ...  We additionally provide insights and asymptotic improvements on recent cryptanalysis [16] of SIKE [14] via Grover's algorithm, demonstrating that the speedup applies to this attack and impacting upon quantum  ...  Given E 1 , E 2 , p and e, the Computational SuperSingular Isogeny (CSSI) problem is to find an isogeny between E 1 and E 2 .  ... 
doi:10.1515/jmc-2020-0080 fatcat:63ncoc2opre2xo7y2p6cmund2y

Algebraic approaches for solving isogeny problems of prime power degrees

Yasushi Takahashi, Momonari Kudo, Ryoya Fukasaku, Yasuhiko Ikematsu, Masaya Yasuda, Kazuhiro Yokoyama
2020 Journal of Mathematical Cryptology  
The meet-in-the-middle approach seems the most practical to solve isogeny problems with classical computers.  ...  Their security relies on the hardness of solving isogeny problems over supersingular elliptic curves.  ...  A variant of this problem is when the degree of ϕ is known, and it arises from the cryptanalysis of the hash function of [9] , which requires computing isogenies of degree ℓ e 0 for some small ℓ 0 and  ... 
doi:10.1515/jmc-2020-0072 fatcat:xdqxyn5vszanvnwwupmknekwpi

A trade-off between classical and quantum circuit size for an attack against CSIDH

Jean-François Biasse, Xavier Bonnetain, Benjamin Pring, André Schrottenloher, William Youmans
2020 Journal of Mathematical Cryptology  
The required classical circuit remains subexponential, which is a superpolynomial improvement over the classical state-of-the-art exponential solutions to these problems.  ...  AbstractWe propose a heuristic algorithm to solve the underlying hard problem of the CSIDH cryptosystem (and other isogeny-based cryptosystems using elliptic curves with endomorphism ring isomorphic to  ...  We propose a different trade-off between classical and quantum circuits in the cryptanalysis of CRS and CSIDH relying on the resolution of the Hidden Shift Problem.  ... 
doi:10.1515/jmc-2020-0070 fatcat:43atkedtcjdndmjttt7lknmigu

Efficient Algorithms for Supersingular Isogeny Diffie-Hellman [chapter]

Craig Costello, Patrick Longa, Michael Naehrig
2016 Lecture Notes in Computer Science  
We propose a new suite of algorithms that significantly improve the performance of supersingular isogeny Diffie-Hellman (SIDH) key exchange.  ...  Subsequently, we present a full-fledged implementation of SIDH that is geared towards the 128-bit quantum and 192-bit classical security levels.  ...  We built a software library around a supersingular isogeny class determined by a fixed base curve that was chosen to target 128 bits of quantum security, and showed that these techniques give rise to a  ... 
doi:10.1007/978-3-662-53018-4_21 fatcat:p2zqtbzorjbvpcpyf7gyh2eicq

Towards Quantum-Resistant Cryptosystems from Supersingular Elliptic Curve Isogenies [chapter]

David Jao, Luca De Feo
2011 Lecture Notes in Computer Science  
We present new candidates for quantum-resistant public-key cryptosystems based on the conjectured difficulty of finding isogenies between supersingular elliptic curves.  ...  We give a precise formulation of the necessary computational assumptions along with a discussion of their validity, and prove the security of our protocols under these assumptions.  ...  This work is supported in part by NSERC CRD Grant CRDPJ 405857-10 and by the French Agence Nationale de la Recherche through the ECLIPSES project under Contract ANR-09-VERS-018.  ... 
doi:10.1007/978-3-642-25405-5_2 fatcat:jhygvcc3xnadvhgy5auorab2ey

Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies

Luca De Feo, David Jao, Jérôme Plût
2014 Journal of Mathematical Cryptology  
AbstractWe present new candidates for quantum-resistant public-key cryptosystems based on the conjectured difficulty of finding isogenies between supersingular elliptic curves.  ...  We give a precise formulation of the necessary computational assumptions along with a discussion of their validity, and prove the security of our protocols under these assumptions.  ...  This work is supported in part by NSERC CRD Grant CRDPJ 405857-10 and by the French Agence Nationale de la Recherche through the ECLIPSES project under Contract ANR-09-VERS-018.  ... 
doi:10.1515/jmc-2012-0015 fatcat:rvwrwr7azndrbmbjy5ln3ylxfq

Pre- and Post-quantum Diffie–Hellman from Groups, Actions, and Isogenies [chapter]

Benjamin Smith
2018 Lecture Notes in Computer Science  
number-theoretic structures formed by isogenies of elliptic curves.  ...  A range of "post-quantum Diffie-Hellman" protocols have been proposed to mitigate this threat, including the Couveignes, Rostovtsev-Stolbunov, SIDH, and CSIDH schemes, all based on the combinatorial and  ...  Now consider the supersingular isogeny class over F ℓ nA A -isogeny φ A : E 0 → E A ∼ = E 0 / P A + [a] Q A , which she computes as a series of ℓ A -isogenies.  ... 
doi:10.1007/978-3-030-05153-2_1 fatcat:hrtt6eon7fhnlpfkwxmzwtgd4a

Pre- and post-quantum Diffie-Hellman from groups, actions, and isogenies [article]

Benjamin Smith
2019 arXiv   pre-print
number-theoretic structures formed by isogenies of elliptic curves.  ...  A range of "post-quantum Diffie-Hellman" protocols have been proposed to mitigate this threat, including the Couveignes, Rostovtsev-Stolbunov, SIDH, and CSIDH schemes, all based on the combinatorial and  ...  Now consider the supersingular isogeny class over F ℓ nA A -isogeny φ A : E 0 → E A ∼ = E 0 / P A + [a] Q A , which she computes as a series of ℓ A -isogenies.  ... 
arXiv:1809.04803v3 fatcat:feyexp5afbdurg5rbtbp75rvgq

On the Security of Supersingular Isogeny Cryptosystems [chapter]

Steven D. Galbraith, Christophe Petit, Barak Shani, Yan Bo Ti
2016 Lecture Notes in Computer Science  
A corollary of this work is the first bit security result for the supersingular isogeny key exchange: Computing any component of the j-invariant is as hard as computing the whole j-invariant.  ...  This result gives significant insight into the difficulty of the isogeny problem that underlies the security of these schemes.  ...  This problem has been studied in a number of previous works. The cryptanalysis of Charles-Lauter-Goren's hash function requires computing isogenies of degree e for some small, fixed prime .  ... 
doi:10.1007/978-3-662-53887-6_3 fatcat:q6lleoo7vbdf7l2ya46z64n5ty

Supersingular Isogeny Graphs and Endomorphism Rings: Reductions and Solutions [chapter]

Kirsten Eisenträger, Sean Hallgren, Kristin Lauter, Travis Morrison, Christophe Petit
2018 Lecture Notes in Computer Science  
We prove reductions between the problem of path finding in the -isogeny graph, computing maximal orders isomorphic to the endomorphism ring of a supersingular elliptic curve, and computing the endomorphism  ...  In this paper, we study several related computational problems for supersingular elliptic curves, their isogeny graphs, and their endomorphism rings.  ...  We would also like to thank the anonymous referees for their helpful suggestions and corrections.  ... 
doi:10.1007/978-3-319-78372-7_11 fatcat:wvs4ee46hbak3plxmpmmlnqsmm

Mathematics of Isogeny Based Cryptography [article]

Luca De Feo
2017 arXiv   pre-print
They are by no means a reference text on the theory of elliptic curves, nor on cryptography; students are encouraged to complement these notes with some of the books recommended in the bibliography.  ...  We often prefer to have the main ideas flow smoothly, rather than having a rigorous presentation as one would have in a more classical book.  ...  In general, isogeny graphs are much less flexible than the classical discrete logarithm problem.  ... 
arXiv:1711.04062v1 fatcat:i5l6qyzxezhxxbj3a2cee3klwm

A Contemporary Study on Quantum-Computing Security Mechanisms in 5G Networks

Rydhm Beri , Et. al.
2021 Turkish Journal of Computer and Mathematics Education  
The study discussing about the cryptographic algorithm used in 5G, and what are the various consequences of involvement of quantum computing.  ...  The study focussing on the comprehensive consequences of quantum computing on security implementations of 5G mobile communications.  ...  In 2012, analysts demonstrated that supersingular elliptic bends and supersingular isogeny diagrams can be utilized to make a post-quantum Diffie-Hellman-type figure, yet these methodologies remain moderately  ... 
doi:10.17762/turcomat.v12i2.835 fatcat:re6h6z4pvbblfa5e3cjqxojxsu
« Previous Showing results 1 — 15 out of 49 results