Abstract
CSIDH is an isogeny-based key exchange protocol proposed by Castryck, Lange, Martindale, Panny, and Renes in 2018. CSIDH is based on the ideal class group action on 𝔽p-isomorphism classes of Montgomery curves. In order to calculate the class group action, we need to take points defined over 𝔽p2. The original CSIDH algorithm requires a calculation over 𝔽p by representing points as x-coordinate over Montgomery curves. Meyer and Reith proposed a faster CSIDH algorithm in 2018 which calculates isogenies on Edwards curves by using a birational map between a Montgomery curve and an Edwards curve. There is a special coordinate on Edwards curves (the w-coordinate) to calculate group operations and isogenies. If we try to calculate the class group action on Edwards curves by using the w-coordinate in a similar way on Montgomery curves, we have to consider points defined over 𝔽p4. Therefore, it is not a trivial task to calculate the class group action on Edwards curves with w-coordinates over only 𝔽p.
In this paper, we prove a number of theorems on the properties of Edwards curves. By using these theorems, we extend the CSIDH algorithm to that on Edwards curves with w-coordinates over 𝔽p. This algorithm is as fast as (or a little bit faster than) the algorithm proposed by Meyer and Reith.
In this paper, we prove a number of theorems on the properties of Edwards curves. By using these theorems, we extend the CSIDH algorithm to that on Edwards curves with w-coordinates over 𝔽p. This algorithm is as fast as (or a little bit faster than) the algorithm proposed by Meyer and Reith.
Original language | English |
---|---|
Title of host publication | Topics in Cryptology – CT-RSA 2020 |
Subtitle of host publication | The Cryptographers’ Track at the RSA Conference 2020, San Francisco, CA, USA, February 24–28, 2020, Proceedings |
Editors | Stanislaw Jarecki |
Publisher | Springer |
Pages | 512–537 |
Number of pages | 26 |
Edition | 1 |
ISBN (Electronic) | 9783030401863 |
ISBN (Print) | 9783030401856 |
DOIs | |
Publication status | Published - 30 Jan 2020 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 12006 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Keywords
- Isogeny-based cryptography
- Montgomery curves
- Edwards curves
- CSIDH
- Post-quantum cryptography