Paper 2019/177

Genus Two Isogeny Cryptography

E. V. Flynn
Yan Bo Ti
Abstract

We study (,)-isogeny graphs of principally polarised supersingular abelian surfaces (PPSSAS). The (,)-isogeny graph has cycles of small length that can be used to break the collision resistance assumption of the genus two isogeny hash function suggested by Takashima. Algorithms for computing (2,2)-isogenies on the level of Jacobians and (3,3)-isogenies on the level of Kummers are used to develop a genus two version of the supersingular isogeny Diffie--Hellman protocol of Jao and de~Feo. The genus two isogeny Diffie--Hellman protocol achieves the same level of security as SIDH but uses a prime with a third of the bit length.

Note: Added errata to fix typos.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. PQCrypto 2019
Keywords
Post-quantum cryptography Isogeny-based cryptography Cryptanalysis Key exchange Hash function
Contact author(s)
yanbo ti @ gmail com
History
2022-06-08: revised
2019-02-26: received
See all versions
Short URL
https://ia.cr/2019/177
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/177,
      author = {E. V.  Flynn and Yan Bo Ti},
      title = {Genus Two Isogeny Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/177},
      year = {2019},
      url = {https://eprint.iacr.org/2019/177}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.