Paper 2024/1150

Finding Practical Parameters for Isogeny-based Cryptography

Maria Corte-Real Santos, University College London
Jonathan Komada Eriksen, Norwegian University of Science and Technology
Michael Meyer, University of Regensburg
Francisco Rodríguez-Henríquez, Cryptography Research Center, Technology Innovation Institute
Abstract

Isogeny-based schemes often come with special requirements on the field of definition of the involved elliptic curves. For instance, the efficiency of SQIsign, a promising candidate in the NIST signature standardisation process, requires a large power of two and a large smooth integer $T$ to divide $p^2-1$ for its prime parameter $p$. We present two new methods that combine previous techniques for finding suitable primes: sieve-and-boost and XGCD-and-boost. We use these methods to find primes for the NIST submission of SQIsign. Furthermore, we show that our methods are flexible and can be adapted to find suitable parameters for other isogeny-based schemes such as AprèsSQI or POKE. For all three schemes, the parameters we present offer the best performance among all parameters proposed in the literature.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Post-quantum cryptographyisogeniesparameter searchSQIsignAprèsSQIPOKE
Contact author(s)
maria santos 20 @ ucl ac uk
jonathan k eriksen @ ntnu no
michael @ random-oracles org
francisco rodriguez @ tii ae
History
2024-07-19: approved
2024-07-15: received
See all versions
Short URL
https://ia.cr/2024/1150
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1150,
      author = {Maria Corte-Real Santos and Jonathan Komada Eriksen and Michael Meyer and Francisco Rodríguez-Henríquez},
      title = {Finding Practical Parameters for Isogeny-based Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1150},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1150}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.