Paper 2021/272

Isogeny-based key compression without pairings

Geovandro C. C. F. Pereira and Paulo S. L. M. Barreto


SIDH/SIKE-style protocols benefit from key compression to minimize their bandwidth requirements, but proposed key compression mechanisms rely on computing bilinear pairings. Pairing computation is a notoriously expensive operation, and, unsurprisingly, it is typically one of the main efficiency bottlenecks in SIDH key compression, incurring processing time penalties that are only mitigated at the cost of trade-offs with precomputed tables. We address this issue by describing how to compress isogeny-based keys without pairings. As a bonus, we also substantially reduce the storage requirements of other operations involved in key compression.

Available format(s)
Publication info
Published by the IACR in PKC 2021
Isogeny-based cryptosystemskey compressionefficient algorithms
Contact author(s)
pbarreto @ gmail com
geovandro pereira @ uwaterloo ca
pbarreto @ uw edu
2021-04-16: last of 4 revisions
2021-03-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Geovandro C.  C.  F.  Pereira and Paulo S.  L.  M.  Barreto},
      title = {Isogeny-based key compression without pairings},
      howpublished = {Cryptology ePrint Archive, Paper 2021/272},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.