Cryptology ePrint Archive: Report 2018/886

Towards Isogeny-Based Password-Authenticated Key Establishment

Oleg Taraskin and Vladimir Soukharev and David Jao and Jason LeGrow

Abstract: Password authenticated key establishment (PAKE) is a cryptographic primitive that allows two parties who share a low-entropy secret (a password) to securely establish cryptographic keys in the absence of public key infrastructure. We propose the first quantum-resistant password-authenticated key exchange scheme based on supersingular elliptic curve isogenies. The scheme is built upon supersingular isogeny Diffie-Hellman, and uses the password to generate permutations which obscure the auxiliary points. We include elements of a security proof, and discuss roadblocks to obtaining a proof in the BPR model. We also include some performance results.

Category / Keywords: secret-key cryptography / isogeny-based cryptography, password-authenticated key establishment

Original Publication (in the same form): Mathcrypt 2019

Date: received 20 Sep 2018, last revised 14 Jan 2020

Contact author: jlegrow at uwaterloo ca

Note: Revised to remove incorrect arguments. Includes performance results.

Version: 20200114:171651

