Cryptology ePrint Archive: Report 2020/1520
The SQALE of CSIDH: Square-root Vélu Quantum-resistant isogeny Action with Low Exponents
Jorge Chávez-Saab and Jesús-Javier Chi-Domínguez and Samuel Jaques and Francisco Rodríguez-Henríquez
Abstract: Recent analyses reported independently by Bonnetain-Schrottenloher and Peikert at Eurocrypt 2020 significantly reduce the estimated quantum security provided by the isogeny-based commutative group action protocol CSIDH. In this paper, the quantum security of CSIDH is revisited through a comprehensive analysis of the computational cost associated with the quantum collimation sieve attack. Furthermore, we propose a set of primes that can be applied to obtain large instantiations of CSIDH achieving the NIST security levels 1, 2, and 3. Finally, we provide a constant-time C implementation of those large CSIDH instantiations, supported by the new Vélu formulae.
Category / Keywords: public-key cryptography / CSIDH, isogeny-based cryptography, Kuperberg attack, quantum collimation sieve attack
Date: received 3 Dec 2020, last revised 17 Dec 2020
Contact author: jorgechavezsaab at gmail com, jesus chidominguez@tuni fi, sam@samueljaques com, francisco@cs cinvestav mx
Note: Small modifications in the introduction and the Acknowledgements have been extended.
Version: 20201217:112958
Short URL: ia.cr/2020/1520