Cryptology ePrint Archive: Report 2018/485

Towards practical key exchange from ordinary isogeny graphs

Luca De Feo and Jean Kieffer and Benjamin Smith

Abstract: We revisit the ordinary isogeny-graph based cryptosystems of Couveignes and Rostovtsev–Stolbunov, long dismissed as impractical. We give algorithmic improvements that accelerate key exchange in this framework, and explore the problem of generating suitable system parameters for contemporary pre- and post-quantum security that take advantage of these new algorithms. We also prove the session-key security of this key exchange in the Canetti–Krawczyk model, and the IND-CPA security of the related public-key encryption scheme, under reasonable assumptions on the hardness of computing isogeny walks. Our systems admit efficient key-validation techniques that yield CCA-secure encryption, thus providing an important step towards efficient post-quantum non-interactive key exchange.

Category / Keywords: public-key cryptography / post-quantum cryptography, key exchange, elliptic curves, isogenies

Date: received 21 May 2018

Contact author: luca de-feo at uvsq fr

Available format(s): PDF | BibTeX Citation

Version: 20180523:024924 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]