A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Filters
Supersingular Isogeny Graphs and Endomorphism Rings: Reductions and Solutions
[chapter]
2018
Lecture Notes in Computer Science
Preserved Fulltext
We prove reductions between the problem of path finding in the -isogeny graph, computing maximal orders isomorphic to the endomorphism ring of a supersingular elliptic curve, and computing the endomorphism ...
In this paper, we study several related computational problems for supersingular elliptic curves, their isogeny graphs, and their endomorphism rings. ...
We thank John Voight for many helpful discussions regarding orders in quaternion algebras and their connection with supersingular elliptic curves. ...
doi:10.1007/978-3-319-78372-7_11
fatcat:wvs4ee46hbak3plxmpmmlnqsmm
The supersingular isogeny path and endomorphism ring problems are equivalent
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We prove that the path-finding problem in ℓ-isogeny graphs and the endomorphism ring problem for supersingular elliptic curves are equivalent under reductions of polynomial expected time, assuming the ...
The presumed hardness of these problems is foundational for isogeny-based cryptography. ...
As an application we prove that the path-finding problem in ℓ-isogeny graphs and the endomorphism ring problem for supersingular elliptic curves are equivalent under reductions of polynomial expected time ...
arXiv:2111.01481v1
fatcat:l56uyhwrmzbv7gxqhmnme4mx3a
The supersingular isogeny path and endomorphism ring problems are equivalent
2022
2021 IEEE 62nd Annual Symposium on Foundations of Computer Science (FOCS)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We prove that the path-finding problem in -isogeny graphs and the endomorphism ring problem for supersingular elliptic curves are equivalent under reductions of polynomial expected time, assuming the generalised ...
The presumed hardness of these problems is foundational for isogeny-based cryptography. ...
As an application we prove that the path-finding problem in -isogeny graphs and the endomorphism ring problem for supersingular elliptic curves are equivalent under reductions of polynomial expected time ...
doi:10.1109/focs52979.2021.00109
fatcat:uxtllin6djfizn3qsmgydudhm4
Computing isogenies between supersingular elliptic curves over F_p
[article]
2013
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Let p>3 be a prime and let E, E' be supersingular elliptic curves over F_p. We want to construct an isogeny phi: E --> E'. ...
In this paper we consider the structure of the isogeny graph of supersingular elliptic curves over F_p. ...
Acknowledgements We thank David Kohel and Drew Sutherland for helpful conversations and Marco Streng for the idea of the proof of Proposition 2.6. ...
arXiv:1310.7789v1
fatcat:pvbpmuwzrvgoncxbqfzaje72nm
Computational problems in supersingular elliptic curve isogenies
2018
Quantum Information Processing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We give a brief survey of elliptic curve isogenies and the computational problems relevant for supersingular isogeny crypto. ...
Supersingular isogeny cryptography is attracting attention due to the fact that there are no quantum attacks known against it that are significantly faster than classical attacks. ...
Acknowledgement We thank Sean Hallgren, Christophe Petit and Drew Sutherland for discussions and comments. ...
doi:10.1007/s11128-018-2023-6
fatcat:7zlqrtmefffapbfax5qqwzc42u
Higher-degree supersingular group actions
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We investigate the isogeny graphs of supersingular elliptic curves over 𝔽_p^2 equipped with a d-isogeny to their Galois conjugate. ...
We investigate constructive and destructive aspects of these graphs in isogeny-based cryptography, including generalizations of the CSIDH cryptosystem and the Delfs-Galbraith algorithm. ...
F -endomorphism rings of these curves are an imaginary quadratic ring, and the ideal class group of this ring has a convenient and efficiently-computable commutative action on the F -subgraph. ...
arXiv:2107.08832v1
fatcat:gt2tkvnnprdmrfsupvtcl6sbya
Orienting supersingular isogeny graphs
2020
Journal of Mathematical Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
AbstractWe introduce a category of 𝓞-oriented supersingular elliptic curves and derive properties of the associated oriented and nonoriented ℓ-isogeny supersingular isogeny graphs. ...
As an application we introduce an oriented supersingular isogeny Diffie-Hellman protocol (OSIDH), analogous to the supersingular isogeny Diffie-Hellman (SIDH) protocol and generalizing the commutative ...
We study some theoretical and practical aspects of the endomorphism ring of a supersingular elliptic curve and their connection with isogeny graphs. ...
doi:10.1515/jmc-2019-0034
fatcat:ecrikykih5e45pf46q4kpxm2iq
Orienteering with one endomorphism
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:
2022 pre-print arXiv:2201.11079v1 fatcat:2wogqwxznbfexpro64ndkhv52i
We use the theory of oriented supersingular isogeny graphs and algorithms for taking ascending/descending/horizontal steps on such graphs. ...
In supersingular isogeny-based cryptography, the path-finding problem reduces to the endomorphism ring problem. Can path-finding be reduced to knowing just one endomorphism? ...
Central are the path-finding problem (to find a path between two specified elliptic curves in a supersingular -isogeny graph), and the endomorphism ring problem (to compute the endomorphism ring of a supersingular ...
arXiv:2201.11079v2
fatcat:hmlhxcrp4jfh5b4vnnojcldg4e
Supersingular Curves With Small Non-integer Endomorphisms
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
searching on ℓ-isogeny graphs. ...
We introduce a special class of supersingular curves over F_p^2, characterized by the existence of non-integer endomorphisms of small degree. A number of properties of this set is proved. ...
We would like to thank John Voight for fruitful discussion without which we would not have found the algorithms in Section 7, and Akshay Venkatesh for pointing us towards the key ideas in Section 5. ...
arXiv:1910.03180v3
fatcat:hhyzslzqpvg35ftz2rdfkl5elm
Failing to hash into supersingular isogeny graphs
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Or, even better, to produce a hash function to the vertices of the supersingular ℓ-isogeny graph which does not reveal the endomorphism ring, or a path to a curve of known endomorphism ring. ...
for which computing the endomorphism ring is as difficult as it is for random supersingular curves. ...
The supersingular endomorphism ring problem and the supersingular isogeny problem are related [26, 31, 54] . ...
arXiv:2205.00135v1
fatcat:e3dpuq3cpbhexj46rhjivxs6vu
On oriented supersingular elliptic curves
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
We revisit theoretical background on OSIDH, that is an isogeny-based key-exchange protocol proposed by Col\'o and Kohel at NutMiC 2019. We give a proof of a fundamental theorem for OSIDH. ...
The theorem was stated by Col\'o and Kohel without proof. ...
The endomorphism ring of a supersingular elliptic curve is isomorphic to a maximal order of a quaternion algebra. The isogeny problem is closely related the structure of the endomorphism ring. ...
arXiv:2002.09894v3
fatcat:kdw7ne4fanc2dcn3sp47smftyy
Supersingular curves with small noninteger endomorphisms
2020
The Open Book Series
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
LOVE AND DAN BONEH (b) The endomorphism rings of M-small supersingular curves, and isogenies between any two of them, can heuristically be computed in time polynomial in M and log p (Section 7). ...
found by searching on -isogeny graphs. ...
and constructive feedback. ...
doi:10.2140/obs.2020.4.7
fatcat:5kzqtmlfe5aztg2kodiiffiqai
Cryptographic Hash Functions from Expander Graphs
2007
Journal of Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
from hardness of computing isogenies between supersingular elliptic curves. ...
We estimate the cost per bit to compute these hash functions, and we implement our hash function for several members of the Pizer and LPS graph families and give actual timings. ...
We claim that the graph G(p, ) for ≡ 3 (mod 4) cannot have small cycles starting from any vertex representing a supersingular elliptic curve with endomorphism ring m. ...
doi:10.1007/s00145-007-9002-x
fatcat:aeu37cl6fvhmpdlrc5pu22wp7e
Verifiable Delay Functions from Supersingular Isogenies and Pairings
[chapter]
2019
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We discuss both the advantages and drawbacks of our constructions, we study their security and we demonstrate their practicality with a proof-of-concept implementation. ...
We are grateful to the anonymous reviewers for their attentive reading and their helpful comments. ...
Barbulescu, Jeff Burdges, Wouter Castryck, Jeroen Demeyer, Andreas Enge, Steven Galbraith, Matthew Green, Philipp Jovanovic, Jean Kieffer, Enea Milio, Aurel Page, Lorenz Panny, Damien Robert, Barak Shani and ...
doi:10.1007/978-3-030-34578-5_10
fatcat:xz5fbejjdngk7glu5vp7w5gp44
Mathematics of Isogeny Based Cryptography
[article]
2017
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
The reader will excuse us for the inaccuracies and the omissions. ...
They try to provide a guide for Masters' students to get through the vast literature on elliptic curves, without getting lost on their way to learning isogeny based cryptography. ...
The endomorphism ring We have already defined an endomorphism as an isogeny from a curve to itself. ...
arXiv:1711.04062v1
fatcat:i5l6qyzxezhxxbj3a2cee3klwm
« Previous
Showing results 1 — 15 out of 156 results