Efficient Computation of (2^n,2^n)-Isogenies

Sabrina Kunzweiler

Paper 2022/990

Efficient Computation of (2^n,2^n)-Isogenies

Sabrina Kunzweiler

, Ruhr University Bochum

Abstract

Elliptic curves are abelian varieties of dimension one; the two-dimensional analogue are abelian surfaces. In this work we present an algorithm to compute $(2^{n}, 2^{n})$ -isogenies of abelian surfaces defined over finite fields. These isogenies are the natural generalization of $2^{n}$ -isogenies of elliptic curves. Our algorithm is designed to be used in higher-dimensional variants of isogeny-based cryptographic protocols such as G2SIDH which is a genus- $2$ version of the Supersingular Isogeny Diffie-Hellman (SIDH) key exchange. We analyze the performance of our algorithm in cryptographically relevant settings and show that it significantly improves upon previous implementations. Different results deduced in the development of our algorithm are also interesting beyond this application. For instance, we derive a formula for the evaluation of -isogenies. Given an element in Mumford coordinates, this formula outputs the (unreduced) Mumford coordinates of its image under the -isogeny. Furthermore, we study -torsion points on Jacobians of hyperelliptic curves and explain how to extract square-roots of coefficients of -torsion points from these points.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint.
Keywords: post-quantum cryptography G2SIDH hyperelliptic curves
Contact author(s): sabrina kunzweiler @ rub de
History: 2022-08-03: approved; 2022-08-02: received; See all versions
Short URL: https://ia.cr/2022/990
License: CC BY

BibTeX

@misc{cryptoeprint:2022/990,
      author = {Sabrina Kunzweiler},
      title = {Efficient Computation of (2^n,2^n)-Isogenies},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/990},
      year = {2022},
      url = {https://eprint.iacr.org/2022/990}
}