Paper 2018/882

Pre- and post-quantum Diffie--Hellman from groups, actions, and isogenies

Benjamin Smith

Abstract

Diffie--Hellman key exchange is at the foundations of public-key cryptography, but conventional group-based Diffie--Hellman is vulnerable to Shor's quantum algorithm. A range of ``post-quantum Diffie--Hellman'' protocols have been proposed to mitigate this threat, including the Couveignes, Rostovtsev--Stolbunov, SIDH, and CSIDH schemes, all based on the combinatorial and number-theoretic structures formed by isogenies of elliptic curves. Pre- and post-quantum Diffie--Hellman schemes resemble each other at the highest level, but the further down we dive, the more differences emerge---differences that are critical when we use Diffie--Hellman as a basic component in more complicated constructions. In this survey we compare and contrast pre- and post-quantum Diffie--Hellman algorithms, highlighting some important subtleties.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. Proceedings of WAIFI 2018
Keywords
key exchangeelliptic-curve cryptographyisogeniespost-quantum cryptosystems
Contact author(s)
smith @ lix polytechnique fr
History
2018-09-23: received
Short URL
https://ia.cr/2018/882
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/882,
      author = {Benjamin Smith},
      title = {Pre- and post-quantum Diffie--Hellman from groups, actions, and isogenies},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/882},
      year = {2018},
      url = {https://eprint.iacr.org/2018/882}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.