CTIDH: faster constant-time CSIDH

CTIDH: faster constant-time CSIDH

This paper introduces a new key space for CSIDH and a new algorithm for constant-time evaluation of the CSIDH group action. The key space is not useful with previous algorithms, and the algorithm is not useful with previous key spaces, but combining the new key space with the new algorithm produces...

Full description

Bibliographic Details
Main Authors: Gustavo Banegas, Daniel J. Bernstein, Fabio Campos, Tung Chou, Tanja Lange, Michael Meyer, Benjamin Smith, Jana Sotáková
Format: Article
Language:English
Published: Ruhr-Universität Bochum 2021-08-01
Series:Transactions on Cryptographic Hardware and Embedded Systems
Subjects:
post-quantum cryptography
non-interactive key exchange
small keys
isogeny-based cryptography
CSIDH
constant-time algorithms
Online Access:https://tches.iacr.org/index.php/TCHES/article/view/9069
id doaj-e64bf29d633f4bc3891c614e8ebe41cf
record_format Article
spelling doaj-e64bf29d633f4bc3891c614e8ebe41cf2021-08-11T14:18:45ZengRuhr-Universität BochumTransactions on Cryptographic Hardware and Embedded Systems2569-29252021-08-012021410.46586/tches.v2021.i4.351-387CTIDH: faster constant-time CSIDHGustavo Banegas0Daniel J. Bernstein1Fabio Campos2Tung Chou3Tanja Lange4Michael Meyer5Benjamin Smith6Jana Sotáková7Inria and Laboratoire d’Informatique de l’Ecole polytechnique, Institut Polytechnique de Paris, Palaiseau, FranceDepartment of Computer Science, University of Illinois at Chicago, USA; Horst Görtz Institute for IT Security, Ruhr University Bochum, GermanyMax Planck Institute for Security and Privacy, Bochum, GermanyAcademia Sinica, Taipei, TaiwanEindhoven University of Technology, Eindhoven, The NetherlandsTechnical University of Darmstadt, Darmstadt, GermanyInria and Laboratoire d’Informatique de l’Ecole polytechnique, Institut Polytechnique de Paris, Palaiseau, FranceInstitute for Logic, Language and Computation, University of Amsterdam, The Netherlands; QuSoft This paper introduces a new key space for CSIDH and a new algorithm for constant-time evaluation of the CSIDH group action. The key space is not useful with previous algorithms, and the algorithm is not useful with previous key spaces, but combining the new key space with the new algorithm produces speed records for constant-time CSIDH. For example, for CSIDH-512 with a 256-bit key space, the best previous constant-time results used 789000 multiplications and more than 200 million Skylake cycles; this paper uses 438006 multiplications and 125.53 million cycles. https://tches.iacr.org/index.php/TCHES/article/view/9069post-quantum cryptographynon-interactive key exchangesmall keysisogeny-based cryptographyCSIDHconstant-time algorithms
collection DOAJ
language English
format Article
sources DOAJ
author Gustavo Banegas
Daniel J. Bernstein
Fabio Campos
Tung Chou
Tanja Lange
Michael Meyer
Benjamin Smith
Jana Sotáková
spellingShingle Gustavo Banegas
Daniel J. Bernstein
Fabio Campos
Tung Chou
Tanja Lange
Michael Meyer
Benjamin Smith
Jana Sotáková
CTIDH: faster constant-time CSIDH
Transactions on Cryptographic Hardware and Embedded Systems
post-quantum cryptography
non-interactive key exchange
small keys
isogeny-based cryptography
CSIDH
constant-time algorithms
author_facet Gustavo Banegas
Daniel J. Bernstein
Fabio Campos
Tung Chou
Tanja Lange
Michael Meyer
Benjamin Smith
Jana Sotáková
author_sort Gustavo Banegas
title CTIDH: faster constant-time CSIDH
title_short CTIDH: faster constant-time CSIDH
title_full CTIDH: faster constant-time CSIDH
title_fullStr CTIDH: faster constant-time CSIDH
title_full_unstemmed CTIDH: faster constant-time CSIDH
title_sort ctidh: faster constant-time csidh
publisher Ruhr-Universität Bochum
series Transactions on Cryptographic Hardware and Embedded Systems
issn 2569-2925
publishDate 2021-08-01
description This paper introduces a new key space for CSIDH and a new algorithm for constant-time evaluation of the CSIDH group action. The key space is not useful with previous algorithms, and the algorithm is not useful with previous key spaces, but combining the new key space with the new algorithm produces speed records for constant-time CSIDH. For example, for CSIDH-512 with a 256-bit key space, the best previous constant-time results used 789000 multiplications and more than 200 million Skylake cycles; this paper uses 438006 multiplications and 125.53 million cycles.
topic post-quantum cryptography
non-interactive key exchange
small keys
isogeny-based cryptography
CSIDH
constant-time algorithms
url https://tches.iacr.org/index.php/TCHES/article/view/9069
work_keys_str_mv AT gustavobanegas ctidhfasterconstanttimecsidh
AT danieljbernstein ctidhfasterconstanttimecsidh
AT fabiocampos ctidhfasterconstanttimecsidh
AT tungchou ctidhfasterconstanttimecsidh
AT tanjalange ctidhfasterconstanttimecsidh
AT michaelmeyer ctidhfasterconstanttimecsidh
AT benjaminsmith ctidhfasterconstanttimecsidh
AT janasotakova ctidhfasterconstanttimecsidh
_version_ 1721211110265192448

Similar Items