Abstract
In this paper, we introduce a polynomial-time algorithm to compute a connecting $\mathcal{O}$-ideal between two supersingular elliptic curves over $\mathbb{F}_p$ with common $\mathbb{F}_p$-endomorphism ring $\mathcal{O}$, given a description of their full endomorphism rings. This algorithm provides a reduction of the security of the CSIDH cryptosystem to the problem of computing endomorphism rings of supersingular elliptic curves. A similar reduction for SIDH appeared at Asiacrypt 2016, but relies on totally different techniques. Furthermore, we also show that any supersingular elliptic curve constructed using the complex-multiplication method can be located precisely in the supersingular isogeny graph by explicitly deriving a path to a known base curve. This result prohibits the use of such curves as a building block for a hash function into the supersingular isogeny graph.
Original language | English |
---|---|
Title of host publication | Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings |
Editors | Anne Canteaut, Yuval Ishai |
Publisher | Springer |
Pages | 523-548 |
Number of pages | 26 |
ISBN (Print) | 9783030457235 |
Publication status | Published - 2020 |
Event | 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020 - Zagreb, Croatia; Duration: 10 May 2020 → 14 May 2020 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 12106 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020 |
---|---|
Country/Territory | Croatia |
City | Zagreb |
Period | 10/05/20 → 14/05/20 |
Bibliographical note
Funding Information: Author list in alphabetical order; see https://www.ams.org/profession/leaders/culture/CultureStatement04.pdf. This work was supported in part by the Commission of the European Communities through the Horizon 2020 program under project number 643161 (ECRYPT-NET) and by the Research Council KU Leuven grants C14/18/067 and STG/17/019, and by CyberSecurity Research Flanders with reference number VR20192203. The first listed author was affiliated with the Department of Mathematics at KU Leuven during part of the preparation of this paper.
Publisher Copyright:
© International Association for Cryptologic Research 2020.
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
Date of this document: 2020-02-20.
Keywords
- CSIDH
- Endomorphism rings
- Isogeny-based cryptography