Paper 2021/543

The Case for SIKE: A Decade of the Supersingular Isogeny Problem

Craig Costello

Abstract

To mark the 10-year anniversary of supersingular isogeny Diffie-Hellman, I will touch on 10 points in defense and support of the SIKE protocol, including the rise of classical hardness, the fact that quantum computers do not seem to offer much help in solving the underlying problem, and the importance of concrete cryptanalytic clarity. In the final section I present the two SIKE challenges: $55k USD is up for grabs for the solutions of mini instances that, according to the SIKE team's security analysis, provide significantly less than 64 bits of classical security. I conclude by urging the proponents of other schemes to construct analogous challenge instances.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Contact author(s)
craigco @ microsoft com
History
2021-06-17: last of 5 revisions
2021-04-27: received
See all versions
Short URL
https://ia.cr/2021/543
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/543,
      author = {Craig Costello},
      title = {The Case for {SIKE}: A Decade of the Supersingular Isogeny Problem},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/543},
      year = {2021},
      url = {https://eprint.iacr.org/2021/543}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.