Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Optimized Method for Computing Odd-Degree Isogenies on Edwards Curves

  • Conference paper
  • First Online:
Advances in Cryptology – ASIACRYPT 2019 (ASIACRYPT 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11922))

Abstract

In this paper, we present an efficient method to compute arbitrary odd-degree isogenies on Edwards curves. By using the w-coordinate, we optimized the isogeny formula on Edwards curves by Moody and Shumow. We demonstrate that Edwards curves have an additional benefit when recovering the coefficient of the image curve during isogeny computation. For \(\ell \)-degree isogeny where \(\ell =2s+1\), our isogeny formula on Edwards curves outperforms Montgomery curves when \(s \ge 2\). To better represent the performance improvements when w-coordinate is used, we implement CSIDH using our isogeny formula. Our implementation is about 20% faster than the previous implementation. The result of our work opens the door for the usage of Edwards curves in isogeny-based cryptography, especially for CSIDH which requires higher degree isogenies.

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. NRF-2017R1A2B4011599).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Azarderakhsh, R., Bakos Lang, E., Jao, D., Koziel, B.: EdSIDH: supersingular isogeny Diffie-Hellman key exchange on Edwards curves. In: Chattopadhyay, A., Rebeiro, C., Yarom, Y. (eds.) SPACE 2018. LNCS, vol. 11348, pp. 125–141. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05072-6_8

    Chapter  Google Scholar 

  2. Azarderakhsh, R., et al.: Supersingular isogeny key encapsulation. Submission to the NIST Post-Quantum Standardization Project (2017)

    Google Scholar 

  3. Bernstein, D.J., Birkner, P., Joye, M., Lange, T., Peters, C.: Twisted Edwards curves. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 389–405. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68164-9_26

    Chapter  Google Scholar 

  4. Bernstein, D.J., Lange, T.: Inverted Edwards coordinates. In: Boztaş, S., Lu, H.-F.F. (eds.) AAECC 2007. LNCS, vol. 4851, pp. 20–27. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77224-8_4

    Chapter  Google Scholar 

  5. Bos, J.W., Friedberger, S.J.: Arithmetic considerations for isogeny-based cryptography. IEEE Trans. Comput. 68(7), 979–990 (2019)

    Article  MathSciNet  Google Scholar 

  6. Bröker, R.: Constructing supersingular elliptic curves. J. Comb. Number Theory 1(3), 269–273 (2009)

    MathSciNet  MATH  Google Scholar 

  7. Mendel, F., Nad, T., Schläffer, M.: Finding SHA-2 characteristics: searching through a minefield of contradictions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 288–307. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_16

    Chapter  Google Scholar 

  8. Childs, A., Jao, D., Soukharev, V.: Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8(1), 1–29 (2014)

    Article  MathSciNet  Google Scholar 

  9. Costello, C., Hisil, H.: A simple and compact algorithm for SIDH with arbitrary degree isogenies. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 303–329. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_11

    Chapter  Google Scholar 

  10. Costello, C., Longa, P., Naehrig, M.: SIDH library (2016–2018). https://github.com/Microsoft/PQCrypto-SIDH

  11. Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 572–601. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_21

    Chapter  Google Scholar 

  12. Couveignes, J.M.: Hard homogeneous spaces (2006). https://eprint.iacr.org/2006/291

  13. De Feo, L., Kieffer, J., Smith, B.: Towards practical key exchange from ordinary isogeny graphs. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 365–394. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03332-3_14

    Chapter  Google Scholar 

  14. Farashahi, R.R., Hosseini, S.G.: Differential addition on twisted Edwards curves. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10343, pp. 366–378. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59870-3_21

    Chapter  Google Scholar 

  15. Hisil, H., Wong, K.K.-H., Carter, G., Dawson, E.: Twisted Edwards curves revisited. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 326–343. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_20

    Chapter  Google Scholar 

  16. Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19–34. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_2

    Chapter  MATH  Google Scholar 

  17. Kim, S., Yoon, K., Kwon, J., Hong, S., Park, Y.H.: Efficient isogeny computations on twisted Edwards curves. Secur. Commun. Netw. 2018, 1–11 (2018)

    Google Scholar 

  18. Kim, S., Yoon, K., Kwon, J., Park, Y.H., Hong, S.: New hybrid method for isogeny-based cryptosystems using Edwards curves. IEEE Trans. Inf. Theory (2019). https://doi.org/10.1109/TIT.2019.2938984

  19. Meyer, M., Reith, S.: A faster way to the CSIDH. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 137–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05378-9_8

    Chapter  Google Scholar 

  20. Meyer, M., Reith, S., Campos, F.: On hybrid SIDH schemes using Edwards and Montgomery curve arithmetic (2017). https://eprint.iacr.org/2017/1213

  21. Moody, D., Shumow, D.: Analogues of Vélu’s formulas for isogenies on alternate models of elliptic curves. Math. Comput. 85(300), 1929–1951 (2016)

    Article  Google Scholar 

  22. Moriya, T., Onuki, H., Takagi, T.: How to construct CSIDH on Edwards curves. Cryptology ePrint Archive, Report 2019/843 (2019). https://eprint.iacr.org/2019/843

  23. Stolbunov, A.: Constructing public-key cryptographic schemes based on class group action on a set of isogenous elliptic curves. Adv. Math. Commun. 4(2), 215–235 (2010)

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgement

We thank the anonymous reviewers for their useful and constructive comments.

Author information

Authors and Affiliations

  1. Center for Information Security Technologies (CIST), Korea University, Seoul, Republic of Korea

    Suhri Kim & Seokhie Hong

  2. NSHC Inc., Uiwang, Republic of Korea

    Kisoon Yoon

  3. Sejong Cyber University, Seoul, Republic of Korea

    Young-Ho Park

Authors
  1. Suhri Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kisoon Yoon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Young-Ho Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Seokhie Hong
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Young-Ho Park .

Editor information

Editors and Affiliations

  1. University of Auckland, Auckland, New Zealand

    Steven D. Galbraith

  2. Security Fundamentals Lab, NICT, Tokyo, Japan

    Shiho Moriai

Rights and permissions

Reprints and permissions

Copyright information

© 2019 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kim, S., Yoon, K., Park, YH., Hong, S. (2019). Optimized Method for Computing Odd-Degree Isogenies on Edwards Curves. In: Galbraith, S., Moriai, S. (eds) Advances in Cryptology – ASIACRYPT 2019. ASIACRYPT 2019. Lecture Notes in Computer Science(), vol 11922. Springer, Cham. https://doi.org/10.1007/978-3-030-34621-8_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-34621-8_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-34620-1

  • Online ISBN: 978-3-030-34621-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation