Paper 2022/1479

A Note on Constructing SIDH-PoK-based Signatures after Castryck-Decru Attack

Jesús-Javier Chi-Domínguez, Technology Innovation Institute

This paper centers on the SIDH proof of knowledge work by De Feo, Dobson, Galbraith, and Zobernig, which points out that the Castryck-Decru attack does not apply to their first 3-special soundness construction. This work analyzes and explicitly describes an optimized recoverable Sigma protocol based on that 3-special soundness SIDH-PoK construction. We also discuss the impact of moving to B-SIDH and G2SIDH setups in terms of sizes. Due to the Castryck-Decru attack, we decided to write this paper relying on a theoretical analysis to list expected optimized signature sizes instead of updating eprint 2022/475. We point out that this work is a theoretical analysis extension of eprint 2022/475.

Note: Minor fix concerning G2SIDH size; Minor improvements concerning sizes; Move G2SIDH to Appendix; Fix few typos;

Available format(s)
Public-key cryptography
Publication info
Isogeny-based cryptographyProof-of-KnowledgeSigma protocolSignature schemeRecoverable Sigma protocol
Contact author(s)
jesus dominguez @ tii ae
2023-02-11: last of 5 revisions
2022-10-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jesús-Javier Chi-Domínguez},
      title = {A Note on Constructing SIDH-PoK-based Signatures after Castryck-Decru Attack},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1479},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.