Abstract
For an odd prime p, let \(E_0\) be a supersingular elliptic curve over \(\mathbb {F}_{p^2}\) with . The Deuring correspondence gives a one-to-one correspondence between isogenies \(E_0 \longrightarrow E\) and left -ideals. In 2014, Kohel–Lauter–Petit–Tignol provided a probabilistic algorithm, called the KLPT algorithm, that finds an ideal equivalent to a given left -ideal and having some powersmooth norm. It is useful for both cryptanalysis and constructions in supersingular isogeny-based cryptography. In this paper, we modify the original KLPT algorithm to improve its output quality so that the output ideal has smaller norm. This would make the constructive Deuring correspondence, in which we compute the supersingular elliptic curve corresponding to a given left -ideal via the Deuring correspondence, more efficient. We also report implementation results of our modified KLPT algorithm for primes p up to around 45 bits. This is the largest scale of implementation reports for the original KLPT algorithm in the literature.
Notes
1. Alternatively, we can define \(E_0[I]\) to be the scheme-theoretic intersection \(\bigcap _{\alpha \in I} \ker \alpha \) as a group scheme over \(\overline{\mathbb {F}}_p\).
2. For a positive integer n, a basis \(\{ \alpha _1, \dots , \alpha _n \}\) of a lattice L of rank n is said to be Minkowski-reduced if the first basis element \(\alpha _1\) is a shortest non-zero vector in L and the basis element \(\alpha _i\) is a shortest lattice vector which is linearly independent of \(\alpha _1, \dots , \alpha _{i-1}\) for all \(i = 2, \dots , n\).
References
Babai L (1986) On Lovász’ lattice reduction and the nearest lattice point problem. Combinatorica 6(1):1–13
Charles D, Lauter K, Goren E (2009) Cryptographic hash functions from expander graphs. J Cryptol 22(1):93–113
Cornacchia G (1903) Su di un metodo per la risoluzione in numeri interi dell’ equazione \(\sum _{h=0}^n c_h x^{n-h} y^h = p\). Giornale di Matematiche di Battaglini 46:33–90
Deuring M (1941) Die Typen der Multiplikatorenringe elliptischer Funktionenkörper. Abhandlungen aus dem Mathematischen Seminar der Universität Hamburg 14:197–272
De Feo L, Kohel D, Leroux A, Petit C, Wesolowski B (2020) SQISign: Compact post-quantum signatures from quaternions and isogenies. In: Advances in Cryptology–ASIACRYPT 2020 (To appear). https://eprint.iacr.org/2020/1240.pdf
Eisenträger K, Hallgren S, Lauter K, Morrison T, Petit C (2018) Supersingular isogeny graphs and endomorphism rings: Reductions and solutions. In: Advances in Cryptology–EUROCRYPT 2018, LNCS, vol 10822. Springer, pp 329–368
Jao D, De Feo L (2011) Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: International Workshop on Post-Quantum Cryptography (PQCrypto 2011), LNCS, vol 7071. Springer, pp 19–34
Jao D et al (2021) SIKE: Supersingular Isogeny Key Encapsulation, Submission to the NIST standardization process on post-quantum cryptography. https://sike.org/
Kohel D (1996) Endomorphism rings of elliptic curves over finite fields, PhD thesis, University of California, Berkeley
Kohel D, Lauter K, Petit C, Tignol J-P (2014) On the quaternion \(\ell \)-isogeny path problem. LMS J Comput Math 17A:418–432
Galbraith SD, Petit C, Shani B, Ti YB (2016) On the security of supersingular isogeny cryptosystems. In: Advances in Cryptology–ASIACRYPT 2016, LNCS, vol 10031. Springer, pp 63–91
Galbraith SD, Petit C, Silva J (2017) Identification protocols and signature schemes based on supersingular isogeny problems. In: Advances in Cryptology–ASIACRYPT 2017, LNCS, vol 10624. Springer, pp 3–33
Moody D et al (2021) NISTIR 8309: status report on the second round of the NIST post-quantum cryptography standardization process. https://nvlpubs.nist.gov/nistpubs/ir/2020/NIST.IR.8309.pdf
Petit C, Smith S (2018) An improvement to the quaternion analogue of the \(\ell \)-isogeny problem (slides) presented at MathCrypt
Ray D (2018) Constructing the Deuring correspondence with applications to supersingular isogeny-based cryptography, Master's thesis, Eindhoven University of Technology
Silverman JH (2009) The arithmetic of elliptic curves, 2nd edn. Springer GTM 106
The National Institute of Standards and Technology (NIST) (2021) Post-quantum cryptography. https://csrc.nist.gov/projects/post-quantum-cryptography
The Sage Developers, SageMath, the Sage Mathematics Software System (Version 9.0). https://www.sagemath.org/
Voight J (2021) Quaternion algebras (v.0.9.21). https://math.dartmouth.edu/~jvoight/quat-book.pdf
Acknowledgements
The second author was supported by JST, ACT-X Grant Number JPMJAX2001, Japan. This work was also supported by JSPS KAKENHI Grant Numbers 19K22847 and 20K14301, Japan.
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kambe, Y., Aikawa, Y., Kudo, M., Yasuda, M., Takashima, K., Yokoyama, K. (2022). Implementation Report of the Kohel–Lauter–Petit–Tignol Algorithm for the Constructive Deuring Correspondence. In: Giri, D., Raymond Choo, KK., Ponnusamy, S., Meng, W., Akleylek, S., Prasad Maity, S. (eds) Proceedings of the Seventh International Conference on Mathematics and Computing. Advances in Intelligent Systems and Computing, vol 1412. Springer, Singapore. https://doi.org/10.1007/978-981-16-6890-6_72
DOI: https://doi.org/10.1007/978-981-16-6890-6_72
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-6889-0
Online ISBN: 978-981-16-6890-6
eBook Packages: Intelligent Technologies and Robotics (R0)