Cryptology ePrint Archive: Report 2018/882

Pre- and post-quantum Diffie-Hellman from groups, actions, and isogenies

Benjamin Smith

Abstract: Diffie-Hellman key exchange is at the foundations of public-key cryptography, but conventional group-based Diffie-Hellman is vulnerable to Shor's quantum algorithm. A range of "post-quantum Diffie-Hellman" protocols have been proposed to mitigate this threat, including the Couveignes, Rostovtsev-Stolbunov, SIDH, and CSIDH schemes, all based on the combinatorial and number-theoretic structures formed by isogenies of elliptic curves. Pre- and post-quantum Diffie-Hellman schemes resemble each other at the highest level, but the further down we dive, the more differences emerge, differences that are critical when we use Diffie-Hellman as a basic component in more complicated constructions. In this survey we compare and contrast pre- and post-quantum Diffie-Hellman algorithms, highlighting some important subtleties.

Category / Keywords: public-key cryptography / key exchange; elliptic-curve cryptography; isogenies; post-quantum cryptosystems

Original Publication (with minor differences): Proceedings of WAIFI 2018

Date: received 19 Sep 2018

Contact author: smith at lix polytechnique fr


Version: 20180923:192448

Short URL: ia.cr/2018/882

