Paper 2021/218
SimS: a Simplification of SiGamal
Tako Boris Fouotsa and Christophe Petit
Abstract
At Asiacrypt 2020, Moriya et al. introduced two new IND-CPA secure supersingular isogeny based Public Key Encryption (PKE) protocols: SiGamal and C-SiGamal. Unlike the PKEs canonically derived from SIDH and CSIDH, the new protocols provide IND-CPA security without the use of hash functions. SiGamal and C-SiGamal are however not IND-CCA secure. Moriya et al. suggested a variant of SiGamal that could be IND-CCA secure, but left its study as an open problem. In this paper, we revisit the protocols introduced by Moriya et al. First, we show that the SiGamal variant suggested by Moriya et al. for IND-CCA security is, in fact, not IND-CCA secure. Secondly, we propose a new isogeny-based PKE protocol named SimS, obtained by simplifying SiGamal. SimS has smaller public keys and ciphertexts than (C-)SiGamal and it is more efficient. We prove that SimS is IND-CCA secure under CSIDH security assumptions and one Knowledge of Exponent-type assumption we introduce. Interestingly, SimS is also much closer to the CSIDH protocol, facilitating a comparison between SiGamal and CSIDH.
Note: To appear at PQCrypto 2021
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Post-quantum cryptographysupersingular isogeniesPKECSIDHSiGamalSimS.
- Contact author(s)
-
takoboris fouotsa @ uniroma3 it
christophe f petit @ gmail com - History
- 2021-05-31: revised
- 2021-03-02: received
- See all versions
- Short URL
- https://ia.cr/2021/218
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/218,
author = {Tako Boris Fouotsa and Christophe Petit},
title = {SimS: a Simplification of SiGamal},
howpublished = {Cryptology ePrint Archive, Paper 2021/218},
year = {2021},
note = {\url{https://eprint.iacr.org/2021/218}},
url = {https://eprint.iacr.org/2021/218}
}
