Paper 2021/1369

Faster Isogenies for Quantum-Safe SIKE

Rami Elkhatib, Brian Koziel, and Reza Azarderakhsh

Abstract

In the third round of the NIST PQC standardization process, the only isogeny-based candidate, SIKE, suffers from slow performance when compared to other contenders. The large-degree isogeny computation performs a series of isogenous mappings between curves and accounts for about 80% of SIKE's latency. Here, we propose, implement, and evaluate a new method for computing large-degree isogenies of an odd power. Our new strategy for this computation avoids expensive recomputation of temporary isogeny results. We modified open-source libraries targeting x86, ARM64, and ARM32 platforms. Across each of these implementations, our new method achieves 10% and 5% speedups in SIKE's key encapsulation and decapsulation operations, respectively. Additionally, these implementations use 3% less stack space at only a 48-byte increase in code size. Given the benefit and simplicity of our approach, we recommend this method for current and emerging SIKE implementations.

Metadata

Available format(s): PDF
Publication info: Preprint. MINOR revision.
Contact author(s): razarder @ pqsecurity com
History:
2021-10-12: last of 2 revisions
2021-10-12: received
Short URL: https://ia.cr/2021/1369
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2021/1369,
      author = {Rami Elkhatib and Brian Koziel and Reza Azarderakhsh},
      title = {Faster Isogenies for Quantum-Safe SIKE},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1369},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1369}},
      url = {https://eprint.iacr.org/2021/1369}
}