2 results sorted by ID
Improved Classical Cryptanalysis of SIKE in Practice
Craig Costello, Patrick Longa, Michael Naehrig, Joost Renes, Fernando Virdia
Public-key cryptography
The main contribution of this work is an optimized implementation of the van Oorschot-Wiener (vOW) parallel collision finding algorithm. As is typical for cryptanalysis against conjectured hard problems (e.g. factoring or discrete logarithms), challenges can arise in the implementation that are not captured in the theory, making the performance of the algorithm in practice a crucial element of estimating security. We present a number of novel improvements, both to generic...
On the cost of computing isogenies between supersingular elliptic curves
Gora Adj, Daniel Cervantes-Vázquez, Jesús-Javier Chi-Domínguez, Alfred Menezes, Francisco Rodríguez-Henríquez
Public-key cryptography
The security of the Jao-De Feo Supersingular Isogeny Diffie-Hellman
(SIDH) key agreement scheme is based on the intractability of the
Computational Supersingular Isogeny (CSSI) problem --- computing
${\mathbb F}_{p^2}$-rational isogenies of degrees $2^e$ and $3^e$
between certain supersingular elliptic curves defined over
${\mathbb F}_{p^2}$. The classical meet-in-the-middle attack on CSSI
has an expected running time of $O(p^{1/4})$, but also has $O(p^{1/4})$
storage requirements. In this...