Paper 2019/1329
Drinfeld modules may not be for isogeny based cryptography
Antoine Joux and Anand Kumar Narayanan
Abstract
Elliptic curves play a prominent role in cryptography. For instance, the hardness of the elliptic curve discrete logarithm problem is a foundational assumption in public key cryptography. Drinfeld modules are positive characteristic function field analogues of elliptic curves. It is natural to ponder the existence/security of Drinfeld module analogues of elliptic curve cryptosystems. But the Drinfeld module discrete logarithm problem is easy even on a classical computer. Beyond discrete logarithms, elliptic curve isogeny based cryptosystems have have emerged as candidates for post-quantum cryptography, including supersingular isogeny Diffie-Hellman (SIDH) and commutative supersingular isogeny Diffie-Hellman (CSIDH) protocols. We formulate Drinfeld module analogues of these elliptic curve isogeny based cryptosystems and devise classical polynomial time algorithms to break these Drinfeld analogues catastrophically.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- cryptanalysiselliptic curve cryptosystemnumber theory
- Contact author(s)
-
antoine joux @ m4x org
anand narayanan @ lip6 fr - History
- 2020-03-20: revised
- 2019-11-19: received
- See all versions
- Short URL
- https://ia.cr/2019/1329
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/1329, author = {Antoine Joux and Anand Kumar Narayanan}, title = {Drinfeld modules may not be for isogeny based cryptography}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/1329}, year = {2019}, url = {https://eprint.iacr.org/2019/1329} }