Abstract
Supersingular isogeny-based cryptography is one of the more recent families of post-quantum proposals. An interesting feature is the comparatively low bandwidth occupation in key agreement protocols, which stems from the possibility of key compression. However, compression and decompression introduce a significant overhead to the overall processing cost despite recent progress. In this paper we address the main processing bottlenecks involved in key compression and decompression, and suggest substantial improvements for each of them. Some of our techniques may have an independent interest for other, more conventional areas of elliptic curve cryptography as well.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We stress, however, that here the naming is purely analogous: there is no quantum process involved in the construction.
- 2.
This part closely follows the idea behind [8, Chap. 1 (Sect. 4), Theorem 4.1].
References
Azarderakhsh, R., Jao, D., Kalach, K., Koziel, B., Leonardi, C.: Key compression for isogeny-based cryptosystems. In: Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography, pp. 1–10. ACM (2016)
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–369. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_23
Bernstein, D.J., Hamburg, M., Krasnova, A., Lange, T.: Elligator: elliptic-curve points indistinguishable from uniform random strings. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 967–980. ACM (2013)
Bernstein, D.J., Lange, T.: Analysis and optimization of elliptic-curve single-scalar multiplication. In: Finite Fields and Applications: Proceedings of Fq8, Number 461 in Contemporary Mathematics, pp. 1–18. American Mathematical Society, Providence (2008)
Costello, C., Jao, D., Longa, P., Naehrig, M., Renes, J., Urbanik, D.: Efficient compression of SIDH public keys. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 679–706. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56620-7_24
De Feo, L., Jao, D., Plût, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209–247 (2014)
Faz-Hernández, A., López, J., Ochoa-Jiménez, E., Rodríguez-Henríquez, F.: A faster software implementation of the supersingular isogeny Diffie-Hellman key exchange protocol. Cryptology ePrint Archive, Report 2017/1015 (2017)
Husemöller, D.: Elliptic Curves: Graduate Texts in Mathematics, vol. 111, 2nd edn. Springer, New York (2004). https://doi.org/10.1007/978-0-387-09494-6
Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19–34. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-319-56620-7_24
MS SIDH team: SIDH v2.0 (2017). https://github.com/Microsoft/PQCrypto-SIDH
Subramanya Rao, S.R.: Three dimensional montgomery ladder, differential point tripling on montgomery curves and point quintupling on weierstrass’ and edwards curves. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 84–106. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31517-1_5
Schaefer, E., Stoll, M.: How to do a \(p\)-descent on an elliptic curve. Trans. Am. Math. Soc. 356(3), 1209–1231 (2004)
Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge University Press, Cambridge (2005)
Silverman, J.H.: The Arithmetic of Elliptic Curves: Graduate Texts in Mathematics, vol. 106, 2nd edn. Springer, New York (2009). https://doi.org/10.1007/b97292
Spiegel, M.R., Liu, J.: Mathematical Handbook of Formulas and Tables. Schaum’s Outline Series, 2nd edn. McGraw-Hill, New York (1999)
Zanon, G.H.M., Simplicio Jr., M.A., Pereira, G.C.C.F., Doliskani, J., Barreto, P.S.L.M.: Faster isogeny-based compressed key agreement. Technical report, Cryptology ePrint Archive, Report 2017/1143 (2017)
Acknowledgment
J. Doliskani and G. Pereira were supported by NSERC, CryptoWorks21, and Public Works and Government Services Canada. M. Simplicio was supported by Brazilian National Council for Scientific and Technological Development (CNPq) under grant 301198/2017-9. M. Simplicio, P. Barreto and G. Zanon were partially supported by the joint São Paulo Research Foundation (FAPESP) / Intel Research grant 2015/50520-6 “Efficient Post-Quantum Cryptography for Building Advanced Security Applications.” M. Simplicio and P. Barreto are also partially supported by the São Paulo Research Foundation (FAPESP) under grant 13/25977-7.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Pairing Algorithms
A Pairing Algorithms
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Zanon, G.H.M., Simplicio, M.A., Pereira, G.C.C.F., Doliskani, J., Barreto, P.S.L.M. (2018). Faster Isogeny-Based Compressed Key Agreement. In: Lange, T., Steinwandt, R. (eds) Post-Quantum Cryptography. PQCrypto 2018. Lecture Notes in Computer Science(), vol 10786. Springer, Cham. https://doi.org/10.1007/978-3-319-79063-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-79063-3_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-79062-6
Online ISBN: 978-3-319-79063-3
eBook Packages: Computer ScienceComputer Science (R0)