U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Presentation

Torsion point attacks on “SIDH-like” cryptosystems

June 7, 2021

Presenters

Péter Kutas - University of Birmingham

Description

Isogeny-based cryptography is a promising approach for post-quantum cryptography. The best-known protocol following that approach is the supersingular isogeny Diffie-Hellman protocol (SIDH); this protocol was turned into the CCA-secure key encapsulation mechanism SIKE submitted to NIST post-quantum standardization process, which has remained in the third round as an “alternate” candidate. Isogeny-based cryptography generally relies on the conjectured hardness of computing an isogeny between two isogenous elliptic curves, and most cryptanalytic work referenced on SIKE’s webpage exclusively focuses on that problem. Interestingly, the hardness of this problem is sufficient for neither SIDH nor SIKE. In particular, these protocols reveal additional information on the secret isogeny, in the form of images of specific torsion points through the isogeny.

This paper surveys existing cryptanalysis approaches exploiting this often called “torsion point information”, summarizes their current impact on SIKE and related algorithms, and suggests some research directions that might lead to further impact.

Event Details

Location

    
                            

Related Topics

Security and Privacy: post-quantum cryptography

Created June 07, 2021, Updated June 10, 2021