Supersingular isogeny based cryptography

Event details
Date | 15.06.2018 |
Hour | 14:00 › 16:00 |
Speaker | Novak Kaluderovic |
Location | |
Category | Conferences - Seminars |
EDIC candidacy exam
Exam president: Prof. Serge Vaudenay
Thesis advisor: Prof. Arjen Lenstra
Co-examiner: Prof. Ola Svensson
Abstract
With the advancement of quantum computers, the currently used cryptographic protocols based on the hardness of factoring or solving the discrete logarithm will become obsolete. For this reason, a new family of cryptological primitives that doesn't rely on problems solvable by a quantum computer is needed. Consequently, NIST has published a call for proposals for setting new standards on quantum-resistant cryptography. One of the submitted proposals is called SIKE (Supersingular Isogeny Key Encapsulation), and it contains a CPA-secure public key encryption algorithm and a CCA-secure key encapsulation mechanism, where the security is based on the hardness of some problems that so far haven't been successfully attacked by a quantum computer. The underlying mathematical problem is based on computing isogenies between supersingular elliptic curves. The mathematical setting that defines the cryptosystem will be addressed as well as some attacks. Structural weaknesses that don't allow an efficient signature scheme are then discussed, with the introduction of a strong designated verifier signature scheme.
Background papers
Towards Quantum-resistant cryptosystems from supersingular elliptic curve isogenies, by De Feo, L., et al.
On the security of supersingular isogeny cryptosystems, by Galbraith, S.D., et al.
Toward Quantum-resistant Strong Designated Verifier Signature from Isogenies, by Sun X., et al.
Practical information
- General public
- Free
Contact
- EDIC - edic@epfl.ch