## Cryptology ePrint Archive: Report 2018/267

A Note on Post-Quantum Authenticated Key Exchange from Supersingular Isogenies

Patrick Longa

Abstract: In this work, we study several post-quantum authenticated key exchange protocols in the setting of supersingular isogenies. Leveraging the design of the well-studied schemes by Krawczyk (2003), Boyd et al. (2008), Fujioka et al. (2013), Krawczyk and Wee (2015), and others, we show how to use the Supersingular Isogeny Diffie-Hellman (SIDH) and Supersingular Isogeny Key Encapsulation (SIKE) protocols as basic building blocks to construct efficient and flexible authenticated key exchange schemes featuring different functionalities and levels of security.

This note is also intended to be a gentle'' introduction to supersingular isogeny based cryptography, and its most relevant constructions, for protocol designers and cryptographers.

Category / Keywords: cryptographic protocols / Authenticated key exchange, post-quantum cryptography, supersingular isogenies, SIDH, SIKE, Canetti-Krawczyk (CK) model, TLS 1.3

Date: received 13 Mar 2018, last revised 20 Mar 2018

Contact author: plonga at microsoft com

Available format(s): PDF | BibTeX Citation

Note: Includes improvements to introduction and Section 2.2.

Short URL: ia.cr/2018/267

[ Cryptology ePrint archive ]