Efficient Isogeny Computations on Twisted Edwards Curves

Suhri Kim,Jihoon Kwon,Kisoon Yoon,Young-Ho Park,Seokhie Hong

doi:10.1155/2018/5747642

Suhri Kim, Jihoon Kwon + Show 3 more

Open Access

https://doi.org/10.1155/2018/5747642

Copy DOI

Abstract

The isogeny-based cryptosystem is the most recent category in the field of postquantum cryptography. However, it is widely studied due to short key sizes and compatibility with the current elliptic curve primitives. The main building blocks when implementing the isogeny-based cryptosystem are isogeny computations and point operations. From isogeny construction perspective, since the cryptosystem moves along the isogeny graph, isogeny formula cannot be optimized for specific coefficients of elliptic curves. Therefore, Montgomery curves are used in the literature, due to the efficient point operation on an arbitrary elliptic curve. In this paper, we propose formulas for computing 3 and 4 isogenies on twisted Edwards curves. Additionally, we further optimize our isogeny formulas on Edwards curves and compare the computational cost of Montgomery curves. We also present the implementation results of our isogeny computations and demonstrate that isogenies on Edwards curves are as efficient as those on Montgomery curves.

Highlights

The security of public key cryptosystems is mostly based on a number of theoretic problems such as the hardness of factoring large numbers or solving discrete logarithms over the finite field
Postquantum cryptography (PQC) is alternative cryptographic primitives that are safe against the quantum adversary
(i) We propose the optimized 3- and 4-isogeny formulas on twisted Edwards curves to be applied in the isogeny-based cryptography

Summary

Introduction

The security of public key cryptosystems is mostly based on a number of theoretic problems such as the hardness of factoring large numbers or solving discrete logarithms over the finite field. Due to Shor’s algorithm, these problems can be solved in polynomial time by the quantum adversary, threatening the security of current public key cryptosystems [1]. Demands for quantum-secure cryptographic primitives are inevitable. Postquantum cryptography (PQC) is alternative cryptographic primitives that are safe against the quantum adversary. The main categories of PQC are multivariate-based cryptography, codebased cryptography, lattice-based cryptography, hash-based digital signature, and isogeny-based cryptography. Isogeny-based cryptography is the most recent field in PQC, it is considered as one of the prominent candidates due to its short key sizes and the reason that it can be implemented over currently used elliptic curve primitives

Objectives

Results

Conclusion