Paper 2024/878

Radical Vélu Isogeny Formulae

Thomas Decru, Université Libre de Bruxelles
Abstract

We provide explicit radical $N$-isogeny formulae for all odd integers $N$. The formulae are compact closed-form expressions which require one $N$th root computation and $\mathcal{O}(N)$ basic field operations. The formulae are highly efficient to compute a long chain of $N$-isogenies, and have the potential to be extremely beneficial for speeding up certain cryptographic protocols such as CSIDH. Unfortunately, the formulae are conjectured, but we provide ample supporting evidence which strongly suggests their correctness. For CSIDH-512, we notice an additional 35% speed-up when using radical isogenies up to $N=199$, compared to the work by Castryck, Decru, Houben and Vercauteren, which uses radical isogenies up to $N=19$ only. The addition of our radical isogenies also speeds up the computation of larger class group actions in a comparable fashion.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published by the IACR in CRYPTO 2024
Keywords
Post-quantum cryptographyisogeny-based cryptographyradical isogeniesCSIDH
Contact author(s)
thomas decru @ ulb be
History
2024-06-05: approved
2024-06-02: received
See all versions
Short URL
https://ia.cr/2024/878
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/878,
      author = {Thomas Decru},
      title = {Radical Vélu Isogeny Formulae},
      howpublished = {Cryptology ePrint Archive, Paper 2024/878},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/878}},
      url = {https://eprint.iacr.org/2024/878}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.