Paper 2024/531

Avoiding Trusted Setup in Isogeny-based Commitments

Gustave Tchoffo Saah, Université de Yaoundé 1
Tako Boris Fouotsa, École Polytechnique Fédérale de Lausanne
Emmanuel Fouotsa, University of Bamenda
Célestin Nkuimi-Jugnia, Université de Yaoundé 1

In 2021, Sterner proposed a commitment scheme based on supersingular isogenies. For this scheme to be binding, one relies on a trusted party to generate a starting supersingular elliptic curve of unknown endomorphism ring. In fact, the knowledge of the endomorphism ring allows one to compute an endomorphism of degree a power of a given small prime. Such an endomorphism can then be split into two to obtain two different messages with the same commitment. This is the reason why one needs a curve of unknown endomorphism ring, and the only known way to generate such supersingular curves is to rely on a trusted party or on some expensive multiparty computation. We observe that if the degree of the endomorphism in play is well chosen, then the knowledge of the endomorphism ring is not sufficient to efficiently compute such an endomorphism and in some particular cases, one can even prove that endomorphism of a certain degree do not exist. Leveraging these observations, we adapt Sterner's commitment scheme in such a way that the endomorphism ring of the starting curve can be known and public. This allows us to obtain isogeny-based commitment schemes which can be instantiated without trusted setup requirements.

Available format(s)
Cryptographic protocols
Publication info
Supersingular isogeniesPost-Quantum CryptographyIsogeny-Based Cryptographycommitment schemes.
Contact author(s)
gustavesaah @ gmail com
tako fouotsa @ epfl ch
emmanuelfouotsa @ yahoo fr
nkuimi @ yahoo co uk
2024-04-06: revised
2024-04-05: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gustave Tchoffo Saah and Tako Boris Fouotsa and Emmanuel Fouotsa and Célestin Nkuimi-Jugnia},
      title = {Avoiding Trusted Setup in Isogeny-based Commitments},
      howpublished = {Cryptology ePrint Archive, Paper 2024/531},
      year = {2024},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.