The SQALE of CSIDH: sublinear Vélu quantum-resistant isogeny action with low exponents

Jorge Chávez-Saab; Jesús Javier Chi-Domínguez; Samuel Jaques; Francisco Rodríguez-Henríquez

doi:10.1007/s13389-021-00271-w

The SQALE of CSIDH: sublinear Vélu quantum-resistant isogeny action with low exponents

Jorge Chávez-Saab, Jesús Javier Chi-Domínguez, Samuel Jaques, Francisco Rodríguez-Henríquez

Tietotekniikka

Tutkimustuotos: Artikkeli › Scientific › vertaisarvioitu

10 Lataukset (Pure)

Abstrakti

Recent independent analyses by Bonnetain–Schrottenloher and Peikert in Eurocrypt 2020 significantly reduced the estimated quantum security of the isogeny-based commutative group action key-exchange protocol CSIDH. This paper refines the estimates of a resource-constrained quantum collimation sieve attack to give a precise quantum security to CSIDH. Furthermore, we optimize large CSIDH parameters for performance while still achieving the NIST security levels 1, 2, and 3. Finally, we provide a C-code constant-time implementation of those CSIDH large instantiations using the square-root-complexity Vélu’s formulas recently proposed by Bernstein, De Feo, Leroux and Smith.

Alkuperäiskieli	Englanti
Julkaisu	JOURNAL OF CRYPTOGRAPHIC ENGINEERING
Vuosikerta	12
Numero	3
Varhainen verkossa julkaisun päivämäärä	31 elok. 2021
DOI - pysyväislinkit	https://doi.org/10.1007/s13389-021-00271-w
Tila	Julkaistu - 2022
OKM-julkaisutyyppi	A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä

Julkaisufoorumi-taso

Jufo-taso 1

!!ASJC Scopus subject areas

Software
Computer Networks and Communications

Pääsy asiakirjaan

10.1007/s13389-021-00271-wLisenssi: CC BY

The SQALE of CSIDH sublinear Vélu quantum-resistant isogeny action with low exponentsFinal published version, 747 KBLisenssi: CC BY

http://urn.fi/URN:NBN:fi:tuni-202109247267Lisenssi: CC BY

Siteeraa tätä

@article{0028ff5b194c4e4dbda94b3bb57c7d47,

title = "The SQALE of CSIDH: sublinear V{\'e}lu quantum-resistant isogeny action with low exponents",

abstract = "Recent independent analyses by Bonnetain–Schrottenloher and Peikert in Eurocrypt 2020 significantly reduced the estimated quantum security of the isogeny-based commutative group action key-exchange protocol CSIDH. This paper refines the estimates of a resource-constrained quantum collimation sieve attack to give a precise quantum security to CSIDH. Furthermore, we optimize large CSIDH parameters for performance while still achieving the NIST security levels 1, 2, and 3. Finally, we provide a C-code constant-time implementation of those CSIDH large instantiations using the square-root-complexity V{\'e}lu{\textquoteright}s formulas recently proposed by Bernstein, De Feo, Leroux and Smith.",

keywords = "Isogeny-based cryptography, Post-quantum cryptography, Quantum cryptanalysis, [Constant time implementations], [Finite field arithmetic]",

author = "Jorge Ch{\'a}vez-Saab and Chi-Dom{\'i}nguez, {Jes{\'u}s Javier} and Samuel Jaques and Francisco Rodr{\'i}guez-Henr{\'i}quez",

note = "Funding Information: This project has received funding from the European Research Council (ERC) under the European Union{\textquoteright}s Horizon 2020 research and innovation programme (grant agreement No 804476). S. Jaques was supported by the University of Oxford Clarendon fund. Publisher Copyright: {\textcopyright} 2021, The Author(s).",

year = "2022",

doi = "10.1007/s13389-021-00271-w",

language = "English",

volume = "12",

journal = "JOURNAL OF CRYPTOGRAPHIC ENGINEERING",

issn = "2190-8508",

publisher = "Springer Verlag",

number = "3",

}

TY - JOUR

T1 - The SQALE of CSIDH

T2 - sublinear Vélu quantum-resistant isogeny action with low exponents

AU - Chávez-Saab, Jorge

AU - Chi-Domínguez, Jesús Javier

AU - Jaques, Samuel

AU - Rodríguez-Henríquez, Francisco

N1 - Funding Information: This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No 804476). S. Jaques was supported by the University of Oxford Clarendon fund. Publisher Copyright: © 2021, The Author(s).

PY - 2022

Y1 - 2022

N2 - Recent independent analyses by Bonnetain–Schrottenloher and Peikert in Eurocrypt 2020 significantly reduced the estimated quantum security of the isogeny-based commutative group action key-exchange protocol CSIDH. This paper refines the estimates of a resource-constrained quantum collimation sieve attack to give a precise quantum security to CSIDH. Furthermore, we optimize large CSIDH parameters for performance while still achieving the NIST security levels 1, 2, and 3. Finally, we provide a C-code constant-time implementation of those CSIDH large instantiations using the square-root-complexity Vélu’s formulas recently proposed by Bernstein, De Feo, Leroux and Smith.

AB - Recent independent analyses by Bonnetain–Schrottenloher and Peikert in Eurocrypt 2020 significantly reduced the estimated quantum security of the isogeny-based commutative group action key-exchange protocol CSIDH. This paper refines the estimates of a resource-constrained quantum collimation sieve attack to give a precise quantum security to CSIDH. Furthermore, we optimize large CSIDH parameters for performance while still achieving the NIST security levels 1, 2, and 3. Finally, we provide a C-code constant-time implementation of those CSIDH large instantiations using the square-root-complexity Vélu’s formulas recently proposed by Bernstein, De Feo, Leroux and Smith.

KW - Isogeny-based cryptography

KW - Post-quantum cryptography

KW - Quantum cryptanalysis

KW - [Constant time implementations]

KW - [Finite field arithmetic]

U2 - 10.1007/s13389-021-00271-w

DO - 10.1007/s13389-021-00271-w

M3 - Article

AN - SCOPUS:85113965282

SN - 2190-8508

VL - 12

JO - JOURNAL OF CRYPTOGRAPHIC ENGINEERING

JF - JOURNAL OF CRYPTOGRAPHIC ENGINEERING

IS - 3

ER -

The SQALE of CSIDH: sublinear Vélu quantum-resistant isogeny action with low exponents

Abstrakti

Julkaisufoorumi-taso

!!ASJC Scopus subject areas

Pääsy asiakirjaan

Sormenjälki

Siteeraa tätä