### On hybrid SIDH schemes using Edwards and Montgomery curve arithmetic

Michael Meyer, Steffen Reith, and Fabio Campos

##### Abstract

Supersingular isogeny Diffie-Hellman (SIDH) is a proposal for a quantum-resistant key exchange. The state-of-the-art implementation works entirely with Montgomery curves and basically can be divided into elliptic curve arithmetic and isogeny arithmetic. It is well known that twisted Edwards curves can provide a more efficient elliptic curve arithmetic. Therefore it was hinted by Costello and Hisil, that by using only Edwards curves for isogeny and curve arithmetic, or a hybrid scheme, that uses Edwards curve arithmetic and switches between the models whenever needed, a speedup in the computation may be gained. Following the latter case, we investigated how to efficiently switch between Montgomery and twisted Edwards curves in SIDH, and how to insert Edwards arithmetic in the current state-of-the-art implementation. We did not gain a speedup compared to the results of Costello, Longa, and Naehrig, but in some cases the performance of Edwards arithmetic is almost equally fast. Thus, we suppose that a hybrid scheme does not improve the performance of SIDH, but still can be interesting for platforms having special hardware acceleration for Edwards curves. However, a full Edwards SIDH version may give a speedup, if fast Edwards isogeny formulas can be found.

Available format(s)
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Contact author(s)
michael meyer @ hs-rm de
History
Short URL
https://ia.cr/2017/1213

CC BY

BibTeX

@misc{cryptoeprint:2017/1213,
author = {Michael Meyer and Steffen Reith and Fabio Campos},
title = {On hybrid SIDH schemes using Edwards and Montgomery curve arithmetic},
howpublished = {Cryptology ePrint Archive, Paper 2017/1213},
year = {2017},
note = {\url{https://eprint.iacr.org/2017/1213}},
url = {https://eprint.iacr.org/2017/1213}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.