Skip to main content
SpringerLink
Log in

Group Key Exchange from CSIDH and Its Application to Trusted Setup in Supersingular Isogeny Cryptosystems

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12020))

Included in the following conference series:

Abstract

In this paper, we propose a multi-party (group) key exchange protocol based on CSIDH (Commutative Supersingular Isogeny Diffie–Hellman), which is a post-quantum Diffie-Hellman type key exchange protocol from a commutative group action. The proposed group key exchange protocol called G-CSIDH uses the same size prime modulus p as that in CSIDH for the same security level, and the security of G-CSIDH is reduced to the security of CSIDH.

In addition, we propose the trusted protocol of generating public parameters of supersingular isogeny cryptosystems by using the proposed G-CSIDH. Trust in the setup based on G-CSIDH is reduced to the security of G-CSIDH, and then that of CSIDH. The trusted protocol can be applied to any supersingular isogeny cryptosystem, which uses a supersingular elliptic curve as a public parameter.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    CSIBD is a Burmester–Desmedt [4] type group key exchange protocol based on CSIDH. It is constructed in a similar manner to SIBD.

  2. 2.

    In fact, (G-)SIDH is considered as more secure than (G-)CSIDH since there is a subexponential-time quantum attack on (G-)CSIDH. It may implies that (G-)CSIDH is more inefficient than (G-)SIDH. However, a recent research [1] shows that CSIDH might not be so worse compared to SIDH when we consider non-asymptotic time estimate (via quantum attack reconsideration).

References

  1. Bernstein, D.J., Lange, T., Martindale, C., Panny, L.: Quantum circuits for the CSIDH: optimizing quantum evaluation of isogenies. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 409–441. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_15

    Chapter  Google Scholar 

  2. Biasse, J.-F., Jao, D., Sankar, A.: A quantum algorithm for computing isogenies between supersingular elliptic curves. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 428–442. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13039-2_25

    Chapter  Google Scholar 

  3. Bos, J.W., Costello, C., Longa, P., Naehrig, M.: Selecting elliptic curves for cryptography: an efficiency and security analysis. J. Cryptogr. Eng. 6(4), 259–286 (2016)

    Article  Google Scholar 

  4. Burmester, M., Desmedt, Y.: A secure and scalable group key exchange system. Inf. Process. Lett. 94(3), 137–143 (2005)

    Article  MathSciNet  Google Scholar 

  5. Castryck, W., Lange, T., Martindale, C., Panny, L., Renes, J.: CSIDH: an efficient post-quantum commutative group action. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 395–427. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03332-3_15

    Chapter  Google Scholar 

  6. Cervantes-Vázquez, D., Chenu, M., Chi-Domínguez, J.-J., De Feo, L., Rodríguez-Henríquez, F., Smith, B.: Stronger and faster side-channel protections for CSIDH. In: Schwabe, P., Thériault, N. (eds.) LATINCRYPT 2019. LNCS, vol. 11774, pp. 173–193. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30530-7_9

    Chapter  Google Scholar 

  7. Charles, D.X., Lauter, K.E., Goren, E.Z.: Cryptographic hash functions from expander graphs. J. Cryptol. 22(1), 93–113 (2009)

    Article  MathSciNet  Google Scholar 

  8. Childs, A., Jao, D., Soukharev, V.: Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8(1), 1–29 (2014)

    Article  MathSciNet  Google Scholar 

  9. Delfs, C., Galbraith, S.D.: Computing isogenies between supersingular elliptic curves over \({\mathbb{F}}_p\). Des. Codes Crypt. 78(2), 425–440 (2016)

    Article  MathSciNet  Google Scholar 

  10. Eisenträger, K., Hallgren, S., Lauter, K., Morrison, T., Petit, C.: Supersingular Isogeny graphs and endomorphism rings: reductions and solutions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 329–368. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_11

    Chapter  Google Scholar 

  11. De Feo, L., Galbraith, S.D.: SeaSign: compact isogeny signatures from class group actions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 759–789. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17659-4_26

    Chapter  Google Scholar 

  12. De Feo, L., Jao, D., Plût, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209–247 (2018)

    MathSciNet  MATH  Google Scholar 

  13. Furukawa, S., Kunihiro, N., Takashima, K.: Multi-party key exchange protocols from supersingular isogenies. In: International Symposium on Information Theory and Its Applications (ISITA), pp. 208–212 (2018)

    Google Scholar 

  14. Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 63–91. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_3

    Chapter  Google Scholar 

  15. Galbraith, S.D., Petit, C., Silva, J.: Identification protocols and signature schemes based on supersingular isogeny problems. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 3–33. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_1

    Chapter  Google Scholar 

  16. Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19–34. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_2

    Chapter  MATH  Google Scholar 

  17. Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)

    Article  MathSciNet  Google Scholar 

  18. Love, J., Boneh, D.: Supersingular curves with small non-integer endomorphisms. arXiv preprint arXiv:1910.03180 (2019)

  19. Meyer, M., Campos, F., Reith, S.: On lions and elligators: an efficient constant-time implementation of CSIDH. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 307–325. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25510-7_17

    Chapter  Google Scholar 

  20. Meyer, M., Reith, S.: A faster way to the CSIDH. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 137–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05378-9_8

    Chapter  Google Scholar 

  21. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31

    Chapter  Google Scholar 

  22. Onuki, H., Aikawa, Y., Yamazaki, T., Takagi, T.: (Short Paper) a faster constant-time algorithm of CSIDH keeping two points. In: Attrapadung, N., Yagi, T. (eds.) IWSEC 2019. LNCS, vol. 11689, pp. 23–33. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26834-3_2

    Chapter  Google Scholar 

  23. Petit, C.: Faster algorithms for isogeny problems using torsion point images. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 330–353. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_12

    Chapter  Google Scholar 

  24. Renes, J.: Computing isogenies between montgomery curves using the action of (0, 0). In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 229–247. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-79063-3_11

    Chapter  Google Scholar 

  25. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MathSciNet  Google Scholar 

  26. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)

    Article  MathSciNet  Google Scholar 

  27. Shumow, D., Ferguson, N.: On the possibility of a back door in the NIST SP800-90 Dual Ec Prng (2007). http://rump2007.cr.yp.to/15-shumow.pdf

  28. Silverman, J.H.: The Arithmetic of Elliptic Curves, 2nd edn. Springer, New York (2009). https://doi.org/10.1007/978-0-387-09494-6

    Book  MATH  Google Scholar 

  29. Steiner, M., Tsudik, G., Waidner, M.: Diffie-Hellman key distribution extended to group communication. In: Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 31–37 (1996)

    Google Scholar 

  30. Vélu, J.: Isogénies entre courbes elliptiques. CR Acad. Sci. Paris, Séries A 273, 305–347 (1971)

    MATH  Google Scholar 

  31. Waterhouse, W.C.: Abelian varieties over finite fields. Annales Scientifiques de l’École Normale Supérieure 2, 521–560 (1969)

    Article  MathSciNet  Google Scholar 

Download references

Acknowlegements

This work was supported by JST CREST Grant Number JPMJCR14D6, Japan.

Author information

Authors and Affiliations

  1. Department of Mathematical Informatics, The University of Tokyo, Bunkyo, Japan

    Tomoki Moriya & Tsuyoshi Takagi

  2. Mitsubishi Electric, Kamakura, Japan

    Katsuyuki Takashima

Authors
  1. Tomoki Moriya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Katsuyuki Takashima
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tsuyoshi Takagi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tomoki Moriya .

Editor information

Editors and Affiliations

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Zhe Liu

  2. Computer Science Department, Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Moriya, T., Takashima, K., Takagi, T. (2020). Group Key Exchange from CSIDH and Its Application to Trusted Setup in Supersingular Isogeny Cryptosystems. In: Liu, Z., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2019. Lecture Notes in Computer Science(), vol 12020. Springer, Cham. https://doi.org/10.1007/978-3-030-42921-8_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42921-8_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42920-1

  • Online ISBN: 978-3-030-42921-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation