A note on the security of CSIDH

June 10, 2018 Β· Declared Dead Β· πŸ› International Conference on Cryptology in India

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Jean-François Biasse, Annamaria Iezzi, Michael J. Jacobson arXiv ID 1806.03656 Category cs.CR: Cryptography & Security Citations 26 Venue International Conference on Cryptology in India Last Checked 3 months ago
Abstract
We propose an algorithm for computing an isogeny between two elliptic curves $E_1,E_2$ defined over a finite field such that there is an imaginary quadratic order $\mathcal{O}$ satisfying $\mathcal{O}\simeq \operatorname{End}(E_i)$ for $i = 1,2$. This concerns ordinary curves and supersingular curves defined over $\mathbb{F}_p$ (the latter used in the recent CSIDH proposal). Our algorithm has heuristic asymptotic run time $e^{O\left(\sqrt{\log(|Ξ”|)}\right)}$ and requires polynomial quantum memory and $e^{O\left(\sqrt{\log(|Ξ”|)}\right)}$ classical memory, where $Ξ”$ is the discriminant of $\mathcal{O}$. This asymptotic complexity outperforms all other available method for computing isogenies. We also show that a variant of our method has asymptotic run time $e^{\tilde{O}\left(\sqrt{\log(|Ξ”|)}\right)}$ while requesting only polynomial memory (both quantum and classical).
Community shame:
Not yet rated
πŸ“„ View on arXiv 🌐 View on ar5iv πŸ“‘ PDF πŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Cryptography & Security

Died the same way β€” πŸ‘» Ghosted