## Cryptology ePrint Archive: Report 2019/330

Practical Supersingular Isogeny Group Key Agreement

Reza Azarderakhsh and Amir Jalali and David Jao and Vladimir Soukharev

Abstract: We present the first quantum-resistant $n$-party key agreement scheme based on supersingular elliptic curve isogenies. We show that the scheme is secure against quantum adversaries, by providing a security reduction to an intractable isogeny problem. We describe the communication and computational steps required for $n$ parties to establish a common shared secret key. Our scheme is the first non-generic quantum-resistant group key agreement protocol, and is more efficient than generic protocols, with near-optimal communication overhead. In addition, our scheme is contributory, which in some settings is a desirable security property: each party applies a function of their own private key to every further transmission. We implement the proposed protocol in portable C for the special case where three parties establish a shared secret. Moreover, we benchmark our software on two generations of Intel processors, highlighting the feasibility and efficiency of using the proposed scheme in practical settings. The proposed software computes the entire group key agreement in 994 and 1,374 millions of clock cycles on Intel Core i7-6500 Skylake and Core i7-2609 Sandy Bridge processors, respectively.

Category / Keywords: public-key cryptography / Group key agreement, isogenies, post-quantum cryptography

Date: received 26 Mar 2019, last revised 27 Mar 2019

Contact author: ajalali2016 at fau edu

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2019/330

[ Cryptology ePrint archive ]