Paper 2022/880
Efficient supersingularity testing over $\mathbb{F}_p$ and CSIDH key validation
Abstract
Many public-key cryptographic protocols, notably non-interactive key exchange (NIKE), require incoming public keys to be validated to mitigate some adaptive attacks. In CSIDH, an isogeny-based post-quantum NIKE, a key is deemed legitimate if the given Montgomery coefficient specifies a supersingular elliptic curve over the prime field. In this work, we survey the current supersingularity tests used for CSIDH key validation, and implement and measure two new alternative algorithms. Our implementation shows that we can determine supersingularity substantially faster, and using less memory, than the state-of-the-art.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Mathcrypt 2022
- Keywords
- Isogenies Key validation Supersingularity Elliptic Curves
- Contact author(s)
-
gustavo @ cryptme in
vgilchrist @ uwaterloo ca
smith @ lix polytechnique fr - History
- 2022-07-26: revised
- 2022-07-05: received
- See all versions
- Short URL
- https://ia.cr/2022/880
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/880,
author = {Gustavo Banegas and Valerie Gilchrist and Benjamin Smith},
title = {Efficient supersingularity testing over $\mathbb{F}_p$ and CSIDH key validation},
howpublished = {Cryptology ePrint Archive, Paper 2022/880},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/880}},
url = {https://eprint.iacr.org/2022/880}
}
