Paper 2023/433
Efficiency of SIDH-based signatures (yes, SIDH)
Abstract
In this note we assess the efficiency of a SIDH-based digital signature built on a weakened variant of a recent identification protocol proposed by Basso et al. Despite the devastating attacks against (the mathematical problem underlying) SIDH, this identification protocol remains secure, as its security is backed by a different (and more standard) isogeny-finding problem. We conduct our analysis by applying some known cryptographic techniques to decrease the signature size by about $70\%$ for all parameter sets (obtaining signatures of approximately 21 KB for SIKEp434). Moreover, we propose a minor optimisation to compute many isogenies in parallel from the same starting curve. Our assessment confirms that the problem of designing a practical isogeny-based signature scheme remains largely open. However, concretely determine the current state of the art which future optimisations can compare to appears to be of relevance for a problem which has witnessed only small steps towards a solution.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Minor revision. CIFRIS23
- Keywords
- Post-quantum CryptographyIsogeny-based CryptographyDigital Signature
- Contact author(s)
-
wissam ghantous @ maths ox ac uk
federico pintore @ uniba it
mattia veroni @ ntnu no - History
- 2023-08-17: last of 2 revisions
- 2023-03-24: received
- See all versions
- Short URL
- https://ia.cr/2023/433
- License
-
CC0
BibTeX
@misc{cryptoeprint:2023/433, author = {Wissam Ghantous and Federico Pintore and Mattia Veroni}, title = {Efficiency of {SIDH}-based signatures (yes, {SIDH})}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/433}, year = {2023}, url = {https://eprint.iacr.org/2023/433} }