【 摘 要 】

Supersingular isogeny Diffie-Hellman (SIDH) is an attractive candidate for post-quantum key exchange, in large part due to its relatively small public key sizes. In this work we develop methods to reduce the size of public keys in isogeny-based cryptosystems by more than a factor of two, with performance cost comparable to that of a round of standalone SIDH key exchange, using a combination of techniques from the theory of elliptic curve descent, faster bilinear pairings, and windowed Pohlig-Hellman for discrete logarithms. Our results provide SIDH public keys of 330 bytes for the 128-bit quantum security level, far smaller than any other available alternative, and further strengthen the case for SIDH as a promising post-quantum primitive. Joint work with Craig Costello, Patrick Longa, Micahel Naehrig, JoostRenes, and David Urbanik

【 授权许可】

CC BY-NC-ND   
Except where explicitly noted elsewhere, the works on this site are licensed under a Creative Commons License: CC BY-NC-ND

附件列表

Files	Size	Format	View
RO201805250000332SX.mp4	KB	MovingImage	download