An efficient key recovery attack on SIDH
W Castryck, T Decru - Annual International Conference on the Theory and …, 2023 - Springer
We present an efficient key recovery attack on the Supersingular Isogeny Diffie–Hellman
protocol (SIDH). The attack is based on Kani's “reducibility criterion” for isogenies from …
protocol (SIDH). The attack is based on Kani's “reducibility criterion” for isogenies from …
SQISign: compact post-quantum signatures from quaternions and isogenies
We introduce a new signature scheme, SQISign,(for Short Quaternion and Isogeny
Signature) from isogeny graphs of supersingular elliptic curves. The signature scheme is …
Signature) from isogeny graphs of supersingular elliptic curves. The signature scheme is …
[PDF][PDF] Status report on the third round of the NIST post-quantum cryptography standardization process
G Alagic, G Alagic, D Apon, D Cooper, Q Dang, T Dang… - 2022 - tsapps.nist.gov
Abstract The National Institute of Standards and Technology is in the process of selecting
publickey cryptographic algorithms through a public, competition-like process. The new …
publickey cryptographic algorithms through a public, competition-like process. The new …
SQISignHD: new dimensions in cryptography
We introduce SQIsignHD, a new post-quantum digital signature scheme inspired by
SQIsign. SQIsignHD exploits the recent algorithmic breakthrough underlying the attack on …
SQIsign. SQIsignHD exploits the recent algorithmic breakthrough underlying the attack on …
SCALLOP: scaling the CSI-FiSh
We present SCALLOP: SCALable isogeny action based on Oriented supersingular curves
with Prime conductor, a new group action based on isogenies of supersingular curves …
with Prime conductor, a new group action based on isogenies of supersingular curves …
Supersingular curves you can trust
Generating a supersingular elliptic curve such that nobody knows its endomorphism ring is a
notoriously hard task, despite several isogeny-based protocols relying on such an object. A …
notoriously hard task, despite several isogeny-based protocols relying on such an object. A …
Verifiable delay functions from supersingular isogenies and pairings
We present two new Verifiable Delay Functions (VDF) based on assumptions from elliptic
curve cryptography. We discuss both the advantages and drawbacks of our constructions …
curve cryptography. We discuss both the advantages and drawbacks of our constructions …
The supersingular isogeny path and endomorphism ring problems are equivalent
B Wesolowski - 2021 IEEE 62nd Annual Symposium on …, 2022 - ieeexplore.ieee.org
We prove that the path-finding problem in isogeny graphs and the endomorphism ring
problem for supersingular elliptic curves are equivalent under reductions of polynomial …
problem for supersingular elliptic curves are equivalent under reductions of polynomial …
Mathematics of isogeny based cryptography
L De Feo - arXiv preprint arXiv:1711.04062, 2017 - arxiv.org
These lectures notes were written for a summer school on Mathematics for post-quantum
cryptography in Thi\es, Senegal. They try to provide a guide for Masters' students to get …
cryptography in Thi\es, Senegal. They try to provide a guide for Masters' students to get …
Orientations and the supersingular endomorphism ring problem
B Wesolowski - Annual International Conference on the Theory and …, 2022 - Springer
We study two important families of problems in isogeny-based cryptography and how they
relate to each other: computing the endomorphism ring of supersingular elliptic curves, and …
relate to each other: computing the endomorphism ring of supersingular elliptic curves, and …