Paper 2024/1150
Finding Practical Parameters for Isogeny-based Cryptography
Abstract
Isogeny-based schemes often come with special requirements on the field of definition of the involved elliptic curves. For instance, the efficiency of SQIsign, a promising candidate in the NIST signature standardisation process, requires a large power of two and a large smooth integer $T$ to divide $p^2-1$ for its prime parameter $p$. We present two new methods that combine previous techniques for finding suitable primes: sieve-and-boost and XGCD-and-boost. We use these methods to find primes for the NIST submission of SQIsign. Furthermore, we show that our methods are flexible and can be adapted to find suitable parameters for other isogeny-based schemes such as AprèsSQI or POKE. For all three schemes, the parameters we present offer the best performance among all parameters proposed in the literature.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Post-quantum cryptographyisogeniesparameter searchSQIsignAprèsSQIPOKE
- Contact author(s)
-
maria santos 20 @ ucl ac uk
jonathan k eriksen @ ntnu no
michael @ random-oracles org
francisco rodriguez @ tii ae - History
- 2024-07-19: approved
- 2024-07-15: received
- See all versions
- Short URL
- https://ia.cr/2024/1150
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1150, author = {Maria Corte-Real Santos and Jonathan Komada Eriksen and Michael Meyer and Francisco Rodríguez-Henríquez}, title = {Finding Practical Parameters for Isogeny-based Cryptography}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1150}, year = {2024}, url = {https://eprint.iacr.org/2024/1150} }