Classical and Quantum Algorithms for Isogeny-based Cryptography

نویسنده

  • Anirudh Sankar
چکیده

Isogeny-based cryptography using supersingular elliptic curves — most prominently, the constructions of De Feo-Jao-Plut — is one of the few practical candidates for post-quantum public key cryptography. Its formidable security claim is earned through the continual exploration of quantum algorithms for ‘isogeny problems’ and the assessment of the threat they pose to supersingular isogeny-based cryptography. We survey the rich history of classical and quantum algorithms for isogeny problems, and close with an original result — a quantum algorithm for the general supersingular isogeny problem, based on the discovery of Delfs and Galbraith in 2013 — that has exponential-complexity in general and subexponential complexity in an important sub-case. As yet, this algorithm poses a limited threat to the schemes of De Feo-Jao-Plut; however, it is an important algorithm to consider, for it provides insight into the structure of supersingular curves and the isogenies between them, and may lead to newer destructive quantum algorithms.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Constructing elliptic curve isogenies in quantum subexponential time

Given two elliptic curves over a finite field having the same cardinality and endomorphism ring, it is known that the curves admit an isogeny between them, but finding such an isogeny is believed to be computationally difficult. The fastest known classical algorithm takes exponential time, and prior to our work no faster quantum algorithm was known. Recently, public-key cryptosystems based on t...

متن کامل

Computational problems in supersingular elliptic curve isogenies

We give a brief survey of elliptic curve isogenies and the computational problems relevant for supersingular isogeny crypto. Supersingular isogeny cryptography is attracting attention due to the fact that there are no quantum attacks known against it that are significantly faster than classical attacks. However, the underlying computational problems have not been sufficiently studied by quantum...

متن کامل

FPGA-SIDH: High-Performance Implementation of Supersingular Isogeny Diffie-Hellman Key-Exchange Protocol on FPGA

To the best of our knowledge, we present the first hardware implementation of isogeny-based cryptography available in the literature. Particularly, we present the first implementation of the supersingular isogeny Diffie-Hellman (SIDH) key exchange, which features quantum-resistance. We optimize this design for speed by creating a high throughput multiplier unit, taking advantage of parallelizat...

متن کامل

Efficient Algorithms for Supersingular Isogeny Diffie-Hellman

We propose a new suite of algorithms that significantly improve the performance of supersingular isogeny Diffie-Hellman (SIDH) key exchange. Subsequently, we present a full-fledged implementation of SIDH that is geared towards the 128-bit quantum and 192bit classical security levels. Our library is the first constant-time SIDH implementation and is up to 2.9 times faster than the previous best ...

متن کامل

Pairing Cryptography Meets Isogeny: A New Framework of Isogenous Pairing Groups

We put forth a new mathematical framework called Isogenous Pairing Groups (IPG) and new intractable assumptions in the framework, the Isogenous DBDH (Isog-DBDH) assumption and its variants. Three operations, i.e., exponentiation, pairing and isogeny on elliptic curves are treated under a unified notion of trapdoor homomorphisms, and combinations of the operations have potential new cryptographi...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015