Description
The threat of quantum computers motivates the introduction of new hard problems for cryptography.
One promising candidate is the Isogeny problem: given two elliptic curves, compute a “nice’’ map between them, called an isogeny.
In this talk, we study classical attacks on this problem, specialised to supersingular elliptic curves, on which the security of current isogeny-based cryptography relies. In particular, we consider this problem as a path-finding problem in graphs of supersingular elliptic curves connected by isogenies. We first present the Delfs–Galbraith attack and some follow-ups, which leverage the fact that solving the Isogeny problem for curves defined over the base field is easier. We then detail ongoing work where this idea is extended to another family of curves, called oriented curves.
Practical infos
Next sessions
-
Post-Quantum Public-Key Pseudorandom Correlation Functions for OT
Speaker : Mahshid Riahinia - ENS, CNRS
Public-Key Pseudorandom Correlation Functions (PK-PCF) are an exciting recent primitive introduced to enable fast secure computation. Despite significant advances in the group-based setting, success in the post-quantum regime has been much more limited. In this talk, I will introduce an efficient lattice-based PK-PCF for the string OT correlation. At the heart of our result lie several technical[…] -
Predicting Module-Lattice Reduction
Speaker : Paola de Perthuis - CWI
Is module-lattice reduction better than unstructured lattice reduction? This question was highlighted as `Q8' in the Kyber NIST standardization submission (Avanzi et al., 2021), as potentially affecting the concrete security of Kyber and other module-lattice-based schemes. Foundational works on module-lattice reduction (Lee, Pellet-Mary, Stehlé, and Wallet, ASIACRYPT 2019; Mukherjee and Stephens[…]-
Cryptography
-