Paper 2017/1143

Faster key compression for isogeny-based cryptosystems

Gustavo H. M. Zanon, Marcos A. Simplicio Jr, Geovandro C. C. F. Pereira, Javad Doliskani, and Paulo S. L. M. Barreto


Supersingular isogeny-based cryptography is one of the more recent families of post-quantum proposals. An interesting feature is the comparatively low bandwidth occupation in key agreement protocols, which stems from the possibility of key compression. However, compression and decompression introduce a significant overhead to the overall processing cost despite recent progress. In this paper we address the main processing bottlenecks involved in key compression and decompression, and suggest substantial improvements for each of them. Some of our techniques may have an independent interest for other, more conventional areas of elliptic curve cryptography as well.

Available format(s)
Publication info
Published elsewhere. Major revision. International Conference on Post-Quantum Cryptography - PQCrypto 2018
Post-quantum cryptographySupersingular elliptic curvesPublic-key compressionPohlig-Hellman algorithmDiffie-Hellman key exchange
Contact author(s)
geovandro pereira @ uwaterloo ca
2018-11-05: last of 5 revisions
2017-11-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gustavo H.  M.  Zanon and Marcos A.  Simplicio Jr and Geovandro C.  C.  F.  Pereira and Javad Doliskani and Paulo S.  L.  M.  Barreto},
      title = {Faster key compression for isogeny-based cryptosystems},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1143},
      year = {2017},
      doi = {10.1007/978-3-319-79063-3_12},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.