Cryptology ePrint Archive: Report 2019/1244

A Note on a Static SIDH Protocol

Samuel Dobson and Trey Li and Lukas Zobernig

Abstract: It is well known, due to the adaptive attack by Galbraith, Petit, Shani, and Ti (GPST), that plain SIDH is insecure in the static setting. Recently, Kayacan's preprint "A Note on the Static-Static Key Agreement Protocol from Supersingular Isogenies", ePrint 2019/815, presented two possible fixes. Protocol A (also known as 2-SIDH, a low-degree instantiation of the more general k-SIDH) has been broken by Dobson, Galbraith, LeGrow, Ti, and Zobernig. In this short note we will show how to break Protocol B in one oracle query per private key bit and $O(1)$ local complexity.

Category / Keywords: public-key cryptography / cryptanalysis, supersingular isogeny Diffie-Hellman

Date: received 23 Oct 2019

Contact author: samuel dobson nz at gmail com,trey li@auckland ac nz,lukas zobernig@auckland ac nz


Version: 20191024:094127

Short URL: ia.cr/2019/1244