Paper 2023/433

Efficiency of SIDH-based signatures (yes, SIDH)

Wissam Ghantous, University of Oxford
Federico Pintore, University of Bari
Mattia Veroni, Norwegian University of Science and Technology
Abstract

In this note we assess the efficiency of a SIDH-based digital signature built on a weakened variant of a recent identification protocol proposed by Basso et al. Despite the devastating attacks against (the mathematical problem underlying) SIDH, this identification protocol remains secure, as its security is backed by a different (and more standard) isogeny-finding problem. We conduct our analysis by applying some known cryptographic techniques to decrease the signature size by about $70\%$ for all parameter sets (obtaining signatures of approximately 21 KB for SIKEp434). Moreover, we propose a minor optimisation to compute many isogenies in parallel from the same starting curve. Our assessment confirms that the problem of designing a practical isogeny-based signature scheme remains largely open. However, concretely determining the current state of the art, against which future optimisations can be compared, appears to be of relevance for a problem which has witnessed only small steps towards a solution.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. CIFRIS23
Keywords
Post-quantum Cryptography, Isogeny-based Cryptography, Digital Signature
Contact author(s)
wissam ghantous @ maths ox ac uk
federico pintore @ uniba it
mattia veroni @ ntnu no
History
2023-08-17: last of 2 revisions
2023-03-24: received
Short URL
https://ia.cr/2023/433
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2023/433,
      author = {Wissam Ghantous and Federico Pintore and Mattia Veroni},
      title = {Efficiency of {SIDH}-based signatures (yes, {SIDH})},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/433},
      year = {2023},
      url = {https://eprint.iacr.org/2023/433}
}