**Faster Cryptographic Hash Function From Supersingular Isogeny Graphs**

*Javad Doliskani and Geovandro C. C. F. Pereira and Paulo S. L. M. Barreto*

**Abstract: **We propose a variant of the CGL hash, Charles et al. 2009, that is significantly
faster than the original algorithm, and prove that it is preimage and collision resistant. For
$n = \log p$ where $p$ is the characteristic of the finite field, the performance ratio between
CGL and the new proposal is $(2n + 104.8) / (1.8\log n + 12.6)$. Assuming the best quantum
preimage attack on the hash has complexity $O(p^{\frac{1}{4}})$, we attain a concrete speed-up
for a 256-bit quantum preimage security level by a factor 70.35. For a 384-bit quantum preimage
security level, the speed-up is by a factor 100.36.

**Category / Keywords: **Cryptographic hash functions, Supersingular elliptic curves, Isogeny graphs, Expander graphs

**Date: **received 13 Dec 2017, last revised 18 Dec 2017

**Contact author: **geovandro pereira at uwaterloo ca

**Available format(s): **PDF | BibTeX Citation

**Version: **20171218:205717 (All versions of this report)

**Short URL: **ia.cr/2017/1202

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]