On Adaptive Attacks against Jao-Urbanik's Isogeny-Based Protocol

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Colleges, School and Institutes

External organisations

  • Royal Holloway University of London


The k-SIDH protocol is a static-static isogeny-based key agreement protocol. At Mathcrypt 2018, Jao and Urbanik introduced a variant of this protocol which uses non-scalar automorphisms of special elliptic curves to improve its efficiency.
In this paper, we provide a new adaptive attack on Jao-Urbanik's protocol. The attack is a non-trivial adaptation of Galbraith-Petit-Shani-Ti's attack on SIDH (Asiacrypt 2016) and its extension to k-SIDH by Dobson-Galbraith-LeGrow-Ti-Zobernig (IACR eprint 2019).
Our attack provides a speedup compared to a naive application of Dobson et al's attack to Jao-Urbanik's scheme, exploiting its inherent structure. Estimating the security of k-SIDH and Jao-Urbanik's variant with respect to these attacks, k-SIDH provides better efficiency.

Bibliographic note

Book due to be published 2 September 2020


Original languageEnglish
Title of host publicationProgress in Cryptology - AFRICACRYPT 2020
Subtitle of host publication12th International Conference on Cryptology in Africa, Cairo, Egypt, July 20 – 22, 2020, Proceedings
EditorsAbderrahmane Nitaj, Amr Youssef
Publication statusAccepted/In press - 15 Apr 2020
Event12th International Conference on Cryptology in Africa (Africacrypt2020) -
Duration: 20 Jul 202022 Jul 2020

Publication series

NameLecture Notes in Computer Science - Security and Cryptology
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference12th International Conference on Cryptology in Africa (Africacrypt2020)


  • Elliptic curves, Isogenies, k-SIDH, Adaptive attack