Description
I will report on some first attempts to do isogeny-based cryptography in genus 2. More precisely, we will use isogeny graphs of superspecial principally polarized abelian surfaces over GF(p^2) for constructing variants of Charles, Goren and Lauter's hash function and of Jao and De Feo's SIDH key exchange protocol, both of which use supersingular elliptic curves over GF(p^2). This will be largely based on joint work with Thomas Decru and Benjamin Smith.<br/> lien: http://desktop.visio.renater.fr/scopia?ID=722850***3761&autojoin
Next sessions
-
Predicting Module-Lattice Reduction
Speaker : Paola de Perthuis - CWI
Is module-lattice reduction better than unstructured lattice reduction? This question was highlighted as `Q8' in the Kyber NIST standardization submission (Avanzi et al., 2021), as potentially affecting the concrete security of Kyber and other module-lattice-based schemes. Foundational works on module-lattice reduction (Lee, Pellet-Mary, Stehlé, and Wallet, ASIACRYPT 2019; Mukherjee and Stephens[…]-
Cryptography
-
-
Attacking the Supersingular Isogeny Problem: From the Delfs–Galbraith algorithm to oriented graphs
Speaker : Arthur Herlédan Le Merdy - COSIC, KU Leuven
The threat of quantum computers motivates the introduction of new hard problems for cryptography.One promising candidate is the Isogeny problem: given two elliptic curves, compute a “nice’’ map between them, called an isogeny.In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In[…]-
Cryptography
-