The SQALE of CSIDH: sublinear Vélu quantum-resistant isogeny action with low exponents

Jorge Chávez-Saab, Jesús Javier Chi-Domínguez, Samuel Jaques, Francisco Rodríguez-Henríquez

Research output: Contribution to journal › Article › Scientific › peer-review

19 Citations (Scopus)
14 Downloads (Pure)

Abstract

Recent independent analyses by Bonnetain–Schrottenloher and Peikert in Eurocrypt 2020 significantly reduced the estimated quantum security of the isogeny-based commutative group action key-exchange protocol CSIDH. This paper refines the estimates of a resource-constrained quantum collimation sieve attack to give a precise quantum security to CSIDH. Furthermore, we optimize large CSIDH parameters for performance while still achieving the NIST security levels 1, 2, and 3. Finally, we provide a C-code constant-time implementation of those CSIDH large instantiations using the square-root-complexity Vélu’s formulas recently proposed by Bernstein, De Feo, Leroux and Smith.

Original language: English
Journal: Journal of Cryptographic Engineering
Volume: 12
Issue number: 3
Early online date: 31 Aug 2021
Publication status: Published - 2022
Publication type: A1 Journal article-refereed

Keywords

  • Isogeny-based cryptography
  • Post-quantum cryptography
  • Quantum cryptanalysis
  • Constant time implementations
  • Finite field arithmetic

Publication forum classification

  • Publication forum level 1

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
