Abstract
In this paper, we describe a quantum algorithm for computing an isogeny between any two supersingular elliptic curves defined over a given finite field. The complexity of our method is in \(\tilde{O}(p^{1/4})\), where \(p\) is the characteristic of the base field. Our method is an asymptotic improvement over the previous fastest known method, which had complexity \(\tilde{O}(p^{1/2})\) (on both classical and quantum computers). We also discuss the cryptographic relevance of our algorithm.
Keywords
- Elliptic curve cryptography
- Quantum safe cryptography
- Isogenies
- Supersingular curves
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Biasse, JF., Jao, D., Sankar, A. (2014). A Quantum Algorithm for Computing Isogenies between Supersingular Elliptic Curves. In: Meier, W., Mukhopadhyay, D. (eds) Progress in Cryptology -- INDOCRYPT 2014. INDOCRYPT 2014. Lecture Notes in Computer Science, vol 8885. Springer, Cham. https://doi.org/10.1007/978-3-319-13039-2_25
DOI: https://doi.org/10.1007/978-3-319-13039-2_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13038-5
Online ISBN: 978-3-319-13039-2
eBook Packages: Computer Science (R0)