Welcome to the resource topic for 2023/1229
Title:
Two Remarks on Torsion-Point Attacks in Isogeny-Based Cryptography
Authors: Francesco Sica
Abstract:We fix an omission in [Petit17] on torsion point attacks of isogeny-based cryptosystems akin to SIDH, also reprised in [dQuehen-etal21]. In these works, their authors represent certain integers using a norm equation to derive a secret isogeny. However, this derivation uses as a crucial ingredient ([Petit17] Section 4.3), which we show to be incorrect. We then state sufficient conditions allowing to prove a modified version this lemma.
A further idea of parametrizing solutions of the norm equation will show that these conditions can be fulfilled under the same heuristics of these previous works. Our contribution is a theoretical one. It doesn’t invalidate the attack, which works as well in practice, but gives a correct mathematical justification for it.
We also simplify the argument of Theorem 3 in [dQuehen-etal21] to show that the requirement that m be small is unnecessary.
ePrint: https://eprint.iacr.org/2023/1229
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .