In this note, we assess the efficiency of a supersingular isogeny Diffie-Hellman (SIDH)-based digital signature built on a weaker variant of a recent identification protocol proposed by Basso et al. Despite the devastating attacks against (the mathematical problem underlying) SIDH, this identification protocol remains secure, as its security is backed by a different (and more standard) isogeny-finding problem. We conduct our analysis by applying some known cryptographic techniques to decrease the signature size by about 70% for all parameter sets (obtaining signatures of approximately 21 kB for SIKE p 434 {\mathsf{SIKE}}{\mathsf{p}}434 ). Moreover, we propose a minor optimisation to compute many isogenies in parallel from the same starting curve. Our assessment confirms that determining the most efficient methods for isogeny-based signature schemes, including optimisations such as those presented in this paper, is still an open problem, with much more work to be done.

Efficiency of SIDH-based signatures (yes, SIDH) / Ghantous, Wissam; Pintore, Federico; Veroni, Mattia. - In: JOURNAL OF MATHEMATICAL CRYPTOLOGY. - ISSN 1862-2984. - 18:1(2024), pp. 1-22. [10.1515/jmc-2023-0023]

Efficiency of SIDH-based signatures (yes, SIDH)

Pintore, Federico;
2024-01-01

Abstract

In this note, we assess the efficiency of a supersingular isogeny Diffie-Hellman (SIDH)-based digital signature built on a weaker variant of a recent identification protocol proposed by Basso et al. Despite the devastating attacks against (the mathematical problem underlying) SIDH, this identification protocol remains secure, as its security is backed by a different (and more standard) isogeny-finding problem. We conduct our analysis by applying some known cryptographic techniques to decrease the signature size by about 70% for all parameter sets (obtaining signatures of approximately 21 kB for SIKE p 434 {\mathsf{SIKE}}{\mathsf{p}}434 ). Moreover, we propose a minor optimisation to compute many isogenies in parallel from the same starting curve. Our assessment confirms that determining the most efficient methods for isogeny-based signature schemes, including optimisations such as those presented in this paper, is still an open problem, with much more work to be done.
2024
1
Ghantous, Wissam; Pintore, Federico; Veroni, Mattia
Efficiency of SIDH-based signatures (yes, SIDH) / Ghantous, Wissam; Pintore, Federico; Veroni, Mattia. - In: JOURNAL OF MATHEMATICAL CRYPTOLOGY. - ISSN 1862-2984. - 18:1(2024), pp. 1-22. [10.1515/jmc-2023-0023]
File in questo prodotto:
File Dimensione Formato  
Efficiency of SIDH-based signatures (yes, SIDH).pdf

accesso aperto

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Creative commons
Dimensione 4.64 MB
Formato Adobe PDF
4.64 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/414430
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact