A subexponential-time, polynomial quantum space algorithm for inverting the CM group action

David Jao, Jason LeGrow, Christopher Leonardi, Luis Ruiz-Lopez
2020 Journal of Mathematical Cryptology  
AbstractWe present a quantum algorithm which computes group action inverses of the complex multiplication group action on isogenous ordinary elliptic curves, using subexponential time, but only polynomial quantum space. One application of this algorithm is that it can be used to find the private key from the public key in the isogeny-based CRS and CSIDH cryptosystems. Prior claims by Childs, Jao, and Soukharev of such a polynomial quantum space algorithm for this problem are false; our
more » ... (along with contemporaneous, independent work by Biasse, Iezzi, and Jacobson) is the first such result.
doi:10.1515/jmc-2015-0057 fatcat:jjectysbanfnzdnbrjcev7zwz4