Description
CSIDH, or `commutative supersingular isogeny Diffie-Hellman' is a new isogeny-based protocol of Castryck, Lange, Martindale, Panny, and Renes.<br/> The Diffie-Hellman style scheme resulting from the group action allows for public key validation at very little cost, runs reasonably fast in practice, and has public keys of only 64 bytes at a conjectured AES-128 security level, matching NIST’s post-quantum security category I. For comparison, the SIDH (and SIKE) isogeny-based cryptosystems are somewhat faster than CSIDH, but they do not support non-interactive key exchange, and their public keys and ciphertexts are 6 times larger than in CSIDH. We will describe the CSIDH protocol, give an overview of the security analysis, and outline some potential applications.<br/> lien: http://desktop.visio.renater.fr/scopia?ID=728469***7471&autojoin
Next sessions
-
Oblivious Transfer from Zero-Knowledge Proofs (or how to achieve round-optimal quantum Oblivious Transfer without structure)
Speaker : Léo Colisson - Université Grenoble Alpes
We provide a generic construction to turn any classical Zero-Knowledge (ZK) protocol into a composable oblivious transfer (OT) protocol (the protocol itself involving quantum interactions), mostly lifting the round-complexity properties and security guarantees (plain-model/statistical security/unstructured functions…) of the ZK protocol to the resulting OT protocol. Such a construction is unlikely[…]-
Cryptography
-