Cryptology ePrint Archive: Report 2019/929

On the Degree-Insensitive SI-GDH problem and assumption

Samuel Dobson and Steven D. Galbraith

Abstract: Fujioka, Takashima, Terada and Yoneyama, in their 2018 work on an authenticated key exchange protocol using supersingular isogenies, use new assumptions in their security proof of the scheme. In particular, they define the degree-sensitive and degree-insensitive SI-GDH assumptions and problems. These assumptions include a decision oracle that is used in the security proofs. We give evidence that those assumptions are not well defined. Hence, the security proofs in their paper do not seem to be correct.

Category / Keywords: public-key cryptography / supersingular isogeny Diffie-Hellman

Date: received 14 Aug 2019

Contact author: samuel dobson nz at gmail com,s galbraith@auckland ac nz

Available format(s): PDF | BibTeX Citation

Version: 20190818:154802 (All versions of this report)

Short URL: ia.cr/2019/929