**Faster Cryptographic Hash Function From Supersingular Isogeny Graphs**

*Javad Doliskani and Geovandro C. C. F. Pereira and Paulo S. L. M. Barreto*

**Abstract: **We propose a variant of the CGL hash, Charles et al. 2009, that is significantly
faster than the original algorithm, and prove that it is preimage and collision resistant. For
$n = \log p$ where $p$ is the characteristic of the finite field, the performance ratio between
CGL and the new proposal is $(5.7n + 110) / (13.5\log n + 46.4)$. This gives an exponential
speed up as the size of $p$ increases. Assuming the best quantum preimage attack on the hash
has complexity $O(p^{\frac{1}{4}})$, we attain a concrete speed-up for a 256-bit quantum
preimage security level by a factor 33.5. For a 384-bit quantum preimage security level, the
speed-up is by a factor 47.8.

**Category / Keywords: **cryptographic protocols / Cryptographic hash functions, Supersingular elliptic curves, Isogeny graphs, Expander graphs

**Date: **received 13 Dec 2017, last revised 9 Apr 2019

**Contact author: **geovandro pereira at uwaterloo ca

**Available format(s): **PDF | BibTeX Citation

**Version: **20190409:192547 (All versions of this report)

**Short URL: **ia.cr/2017/1202

[ Cryptology ePrint archive ]