Paper 2023/225

A Post-Quantum Round-Optimal Oblivious PRF from Isogenies

Andrea Basso, University of Bristol, University of Birmingham

An oblivious pseudorandom function, or OPRF, is an important primitive that is used to build many advanced cryptographic protocols. Despite its relevance, very few post-quantum solutions exist. In this work, we propose a novel OPRF protocol that is post-quantum, verifiable, round-optimal, and moderately compact. Our protocol is based on a previous SIDH-based construction by Boneh, Kogan, and Woo, which was later shown to be insecure due to an attack on its one-more unpredictability. We first propose an efficient countermeasure against this attack by redefining the PRF function to use irrational isogenies. This prevents a malicious user from independently evaluating the PRF. The SIDH-based construction by Boneh, Kogan, and Woo is also vulnerable to the recent attacks on SIDH. We thus demonstrate how to efficiently incorporate the countermeasures against such attacks to obtain a secure OPRF protocol. To achieve this, we also propose the first proof of isogeny knowledge that is compatible with masked torsion points, which may be of independent interest. Lastly, we design a novel non-interactive proof of knowledge of parallel isogenies, which reduces the number of communication rounds of the OPRF to the theoretically-optimal two. Putting everything together, we obtain the most compact post-quantum verifiable OPRF protocol.

Category: Public-key cryptography
Keywords: Oblivious Pseudorandom Functions, Isogenies, SIDH
Contact author(s): andrea basso @ bristol ac uk
History: 2023-02-19: received; 2023-02-20: approved
License: Creative Commons Attribution

BibTeX citation (as given on the page; the key line and URL are not included):
      author = {Andrea Basso},
      title = {A Post-Quantum Round-Optimal Oblivious PRF from Isogenies},
      howpublished = {Cryptology ePrint Archive, Paper 2023/225},
      year = {2023},
      note = {\url{}},
      url = {}