Paper 2017/1202

Faster Cryptographic Hash Function From Supersingular Isogeny Graphs

Javad Doliskani and Geovandro C. C. F. Pereira and Paulo S. L. M. Barreto

Abstract

We propose a variant of the CGL hash, Charles et al. 2009, that is significantly faster than the original algorithm, and prove that it is preimage and collision resistant. For $n = \log p$ where $p$ is the characteristic of the finite field, the performance ratio between CGL and the new proposal is $(2n + 104.8) / (1.8\log n + 12.6)$. Assuming the best quantum preimage attack on the hash has complexity $O(p^{\frac{1}{4}})$, we attain a concrete speed-up for a 256-bit quantum preimage security level by a factor 70.35. For a 384-bit quantum preimage security level, the speed-up is by a factor 100.36.