## Cryptology ePrint Archive: Report 2018/383

CSIDH: An Efficient Post-Quantum Commutative Group Action

Wouter Castryck and Tanja Lange and Chloe Martindale and Lorenz Panny and Joost Renes

Abstract: We propose an efficient commutative group action suitable for non-interactive key exchange in a post-quantum setting. Our construction follows the layout of the Couveignes-Rostovtsev-Stolbunov cryptosystem, but we apply it to supersingular elliptic curves defined over a large prime field $\mathbb F_p$, rather than to ordinary elliptic curves. The Diffie-Hellman scheme resulting from the group action allows for public-key validation at very little cost, runs reasonably fast in practice, and has public keys of only 64 bytes at a conjectured AES-128 security level, matching NIST's post-quantum security category I.

Category / Keywords: public-key cryptography / post-quantum cryptography, isogeny-based cryptography, class group action, non-interactive key exchange, key confirmation

Original Publication (with minor differences): IACR-ASIACRYPT-2018

Date: received 27 Apr 2018, last revised 23 Nov 2018

Contact author: l s panny at tue nl

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2018/383

[ Cryptology ePrint archive ]