Paper 2022/345

On the decisional Diffie-Hellman problem for class group actions on oriented elliptic curves

Wouter Castryck, Marc Houben, Frederik Vercauteren, and Benjamin Wesolowski

Abstract

We show how the Weil pairing can be used to evaluate the assigned characters of an imaginary quadratic order $\mathcal{O}$ in an unknown ideal class $[\mathfrak{a}] \in \mathrm{Cl}(\mathcal{O})$ that connects two given $\mathcal{O}$-oriented elliptic curves $(E, \iota)$ and $(E', \iota') = [\mathfrak{a}](E, \iota)$. When specialized to ordinary elliptic curves over finite fields, our method is conceptually simpler and often faster than a recent approach due to Castryck, Sot\'akov\'a and Vercauteren, who rely on the Tate pairing instead. The main implication of our work is that it breaks the decisional Diffie--Hellman problem for practically all oriented elliptic curves that are acted upon by an even-order class group. It can also be used to better handle the worst cases in Wesolowski's recent reduction from the vectorization problem for oriented elliptic curves to the endomorphism ring problem, leading to a method that always works in sub-exponential time.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
decisional Diffie-Hellmanisogeny-based cryptographyoriented elliptic curvesclass group actionWeil pairing
Contact author(s)
houben mr @ gmail com
History
2022-03-14: received
Short URL
https://ia.cr/2022/345
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/345,
      author = {Wouter Castryck and Marc Houben and Frederik Vercauteren and Benjamin Wesolowski},
      title = {On the decisional Diffie-Hellman problem for class group actions on oriented elliptic curves},
      howpublished = {Cryptology ePrint Archive, Paper 2022/345},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/345}},
      url = {https://eprint.iacr.org/2022/345}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.