A Quantum Algorithm for Computing Isogenies between Supersingular Elliptic Curves
نویسندگان
چکیده
In this paper, we describe a quantum algorithm for computing an isogeny between any two supersingular elliptic curves defined over a given finite field. The complexity of our method is in Õ(p) where p is the characteristic of the base field. Our method is an asymptotic improvement over the previous fastest known method which had complexity Õ(p) (on both classical and quantum computers). We also discuss the cryptographic relevance of our algorithm.
منابع مشابه
Diffie-Hellman type key exchange protocols based on isogenies
In this paper, we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves. The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $, is a straightforward generalization of elliptic curve Diffie-Hellman key exchange. The method uses commutativity of the endomorphism ring $ End(E) $. Then using dual isogenies, we propose...
متن کاملQuantum-Resistant Diffie-Hellman Key Exchange from Supersingular Elliptic Curve Isogenies
Possibility of the emergence of quantum computers in the near future, pose a serious threat against the security of widely-used public key cryptosystems such as RSA or Elliptic Curve Cryptography (ECC). Algorithms involving isogeny computations on supersingular elliptic curves have been shown to be difficult to break, even to quantum computers. Thus, isogeny-based protocols represent promising ...
متن کاملTowards Quantum-Resistant Cryptosystems from Supersingular Elliptic Curve Isogenies
We present new candidates for quantum-resistant public-key cryptosystems based on the conjectured difficulty of finding isogenies between supersingular elliptic curves. The main technical idea in our scheme is that we transmit the images of torsion bases under the isogeny in order to allow the two parties to arrive at a common shared key despite the noncommutativity of the endomorphism ring. Ou...
متن کاملOn the Hardness of Computing Endomorphism Rings of Supersingular Elliptic Curves
Cryptosystems based on supersingular isogenies have been proposed recently for use in post-quantum cryptography. Three problems have emerged related to their hardness: computing an isogeny between two curves, computing the endomorphism ring of a curve, and computing a maximal order associated to it. While some of these problems are believed to be polynomial-time equivalent based on heuristics, ...
متن کاملComputational problems in supersingular elliptic curve isogenies
We give a brief survey of elliptic curve isogenies and the computational problems relevant for supersingular isogeny crypto. Supersingular isogeny cryptography is attracting attention due to the fact that there are no quantum attacks known against it that are significantly faster than classical attacks. However, the underlying computational problems have not been sufficiently studied by quantum...
متن کامل