405 research outputs found
Isogeny-based post-quantum key exchange protocols
The goal of this project is to understand and analyze the supersingular isogeny Diffie Hellman (SIDH), a post-quantum key exchange protocol which security lies on the isogeny-finding problem between supersingular elliptic curves. In order to do so, we first introduce the reader to cryptography focusing on key agreement protocols and motivate the rise of post-quantum cryptography as a necessity with the existence of the model of quantum computation. We review some of the known attacks on the SIDH and finally study some algorithmic aspects to understand how the protocol can be implemented
Easy decision-Diffie-Hellman groups
The decision-Diffie-Hellman problem (DDH) is a central computational problem
in cryptography. It is known that the Weil and Tate pairings can be used to
solve many DDH problems on elliptic curves. Distortion maps are an important
tool for solving DDH problems using pairings and it is known that distortion
maps exist for all supersingular elliptic curves. We present an algorithm to
construct suitable distortion maps. The algorithm is efficient on the curves
usable in practice, and hence all DDH problems on these curves are easy. We
also discuss the issue of which DDH problems on ordinary curves are easy
Ramanujan graphs in cryptography
In this paper we study the security of a proposal for Post-Quantum
Cryptography from both a number theoretic and cryptographic perspective.
Charles-Goren-Lauter in 2006 [CGL06] proposed two hash functions based on the
hardness of finding paths in Ramanujan graphs. One is based on
Lubotzky-Phillips-Sarnak (LPS) graphs and the other one is based on
Supersingular Isogeny Graphs. A 2008 paper by Petit-Lauter-Quisquater breaks
the hash function based on LPS graphs. On the Supersingular Isogeny Graphs
proposal, recent work has continued to build cryptographic applications on the
hardness of finding isogenies between supersingular elliptic curves. A 2011
paper by De Feo-Jao-Pl\^{u}t proposed a cryptographic system based on
Supersingular Isogeny Diffie-Hellman as well as a set of five hard problems. In
this paper we show that the security of the SIDH proposal relies on the
hardness of the SIG path-finding problem introduced in [CGL06]. In addition,
similarities between the number theoretic ingredients in the LPS and Pizer
constructions suggest that the hardness of the path-finding problem in the two
graphs may be linked. By viewing both graphs from a number theoretic
perspective, we identify the similarities and differences between the Pizer and
LPS graphs.Comment: 33 page
Computational problems in supersingular elliptic curve isogenies
We present an overview of supersingular isogeny cryptography and how it fits into the broad theme of post-quantum public key crypto. The paper also gives a brief tutorial of elliptic curve isogenies and the computational problems relevant for supersingular isogeny crypto.
Supersingular isogeny crypto is attracting attention due to the fact that the best attacks, both classical and quantum, require exponential time. However, the underlying computational problems have not been sufficiently studied by quantum algorithm researchers, especially since there are significant mathematical preliminaries needed to fully understand isogeny crypto. The main goal of the paper is to advertise various related computational problems, and to explain the relationships between them, in a way that is accessible to experts in quantum algorithms.
This is a post-peer-review, pre-copyedit version of an article to be published as a perspective paper in the journal Quantum Information Processing
Post-Quantum Cryptography from Supersingular Isogenies (Theory and Applications of Supersingular Curves and Supersingular Abelian Varieties)
This paper is based on a presentation made at RIMS conference on “Theory and Applications of Supersingular Curves and Supersingular Abelian Varieties”, so-called “Supersingular 2020”. Post-quantum cryptography is a next-generation public-key cryptosystem that resistant to cryptoanalysis by both classical and quantum computers. Isogenies between supersingular elliptic curves present one promising candidate, which is called isogeny-based cryptography. In this paper, we give an introduction to two isogeny-based key exchange protocols, SIDH [17] and CSIDH [2], which are considered as a standard in the subject so far. Moreover, we explain briefly our recent result [24] about cycles in the isogeny graphs used in some parameters of SIKE, which is a key encapsulation mechanism based on SIDH
Introduction to algebraic approaches for solving isogeny path-finding problems (Theory and Applications of Supersingular Curves and Supersingular Abelian Varieties)
The isogeny path-finding is a computational problem that finds an isogeny connecting two given isogenous elliptic curves. The hardness of the isogeny path-finding problem supports the fundamental security of isogeny-based cryptosystems. In this paper, we introduce an algebraic approach for solving the isogeny path-finding problem. The basic idea is to reduce the isogeny problem to a system of algebraic equations using modular polynomials, and to solve the system by Gröbner basis computation. We report running time of the algebraic approach for solving the isogeny path-finding problem of 3-power isogeny degrees on supersingular elliptic curves. This is a brief summary of [16] with implementation codes
- …