[Resource Topic] 2022/870: Supersingular Isogeny Diffie-Hellman with Legendre Form

Welcome to the resource topic for 2022/870

Title:
Supersingular Isogeny Diffie-Hellman with Legendre Form

Authors: Jesse Elliott and Aaron Hutchinson

Abstract:

SIDH is a key exchange algorithm proposed by Jao and De Feo that is conjectured to be post-quantum secure. The majority of work based on an SIDH framework uses elliptic curves in Montgomery form; this includes the original work by Jao, De Feo and Plût and the sate of the art implementation of SIKE. Elliptic curves in twisted Edwards form have also been used due to their efficient elliptic curve arithmetic, and complete Edwards curves have been used for their benefit of providing added security against side channel attacks. As far as we know, elliptic curves in Legendre form have not yet been explored for isogeny-based cryptography. Legendre form has the benefit of a very simple defining equation, and the simplest possible representation of the 2-torsion subgroup. In this work, we develop a new framework for constructing 2^a-isogenies in SIDH using elliptic curves in Legendre form, and in doing so optimize Legendre curve arithmetic and 2-isogeny computations on Legendre curves by avoiding any square root computations. We also describe an open problem which if solved would skip the strategy traversal altogether in SIDH through the Legendre curve framework.

ePrint: https://eprint.iacr.org/2022/870

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .