Practical Isogeny-Based Key-Exchange with Optimal Tightness
Journal article, Peer reviewed
Accepted version
Permanent lenke
https://hdl.handle.net/11250/3017855Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
Originalversjon
Lecture Notes in Computer Science (LNCS). 2021, 12804 451-479. 10.1007/978-3-030-81652-0Sammendrag
We exploit the Diffie-Hellman-like structure of CSIDH to build a quantum-resistant authenticated key-exchange algorithm. Our security proof has optimal tightness, which means that the protocol is efficient even when instantiated with theoretically-sound security parameters. Compared to previous isogeny-based authenticated key-exchange protocols, our scheme is extremely simple, its security relies only on the underlying CSIDH-problem and it has optimal communication complexity for CSIDH-based protocols. Our security proof relies heavily on the re-randomizability of CSIDH-like problems and carries on in the ROM.