Paper 2018/1033

One-Round Authenticated Group Key Exchange from Isogenies

Atsushi Fujioka, Katsuyuki Takashima, and Kazuki Yoneyama


We propose two one-round authenticated group-key exchange protocols from newly employed cryptographic invariant maps (CIMs): one is secure under the quantum random oracle model and the other resists against maximum exposure where a non-trivial combination of secret keys is revealed. The security of the former (resp. latter) is proved under the n-way decisional Diffie-Hellman (resp. n-way gap Diffie-Hellman) assumption on the CIMs in the quantum random (resp. random) oracle model. We instantiate the proposed protocols on the hard homogeneous spaces with limitation where the number of the user group is two. In particular, the protocols instantiated by using the CSIDH, commutative supersingular isogeny Diffie-Hellman, key exchange are currently more realistic than the general n-party CIM-based ones due to its implementability. Our two-party one-round protocols are secure against quantum adversaries.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. ProvSec 2019 (short paper)
one-round authenticated group key exchangecryptographic invariant mapshard homogeneous spacesG-CK modelG-CK^+ modelquantum adversary
Contact author(s)
Takashima Katsuyuki @ aj mitsubishielectric co jp
2019-11-02: last of 2 revisions
2018-10-30: received
See all versions
Short URL
Creative Commons Attribution


      author = {Atsushi Fujioka and Katsuyuki Takashima and Kazuki Yoneyama},
      title = {One-Round Authenticated Group Key Exchange from Isogenies},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1033},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.