Paper 2018/730

Supersingular Isogeny Diffie-Hellman Authenticated Key Exchange

Atsushi Fujioka, Katsuyuki Takashima, Shintaro Terada, and Kazuki Yoneyama


We propose two authenticated key exchange protocols from supersingular isogenies. Our protocols are the first post-quantum one-round Diffie-Hellman type authenticated key exchange ones in the following points: one is secure under the quantum random oracle model and the other resists against maximum exposure where a non-trivial combination of secret keys is revealed. The security of the former and the latter is proven under isogeny versions of the decisional and gap Diffie-Hellman assumptions, respectively. We also propose a new approach for invalidating the Galbraith-Vercauteren-type attack for the gap problem.

Note: This is the full version of a paper appearing in ICISC 2018, the 21st Annual International Conference on Information Security and Cryptology, November 28-30, 2018, Seoul, Korea.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. MAJOR revision.ICISC 2018
one-round authenticated key exchangeCK modelCK^+ modelquantum adversary
Contact author(s)
Takashima Katsuyuki @ aj mitsubishielectric co jp
2018-11-02: last of 4 revisions
2018-08-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Atsushi Fujioka and Katsuyuki Takashima and Shintaro Terada and Kazuki Yoneyama},
      title = {Supersingular Isogeny Diffie-Hellman Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2018/730},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.