Invited by: Prof. Peter Y. A. Ryan
CSIDH, or ‘commutative supersingular isogeny Diffie-Hellman’ is a new isogeny-based protocol of Castryck, Lange, Martindale, Panny, and Renes. The Diffie-Hellman style scheme resulting from the group action allows for public key validation at very little cost, runs reasonably fast in practice, and has public keys of only 64 bytes at a conjectured AES-128 security level, matching NIST’s post-quantum security category I. For comparison, the SIDH (and SIKE) isogeny-based cryptosystems are faster than CSIDH, but they do not support non-interactive key exchange, and their public keys and ciphertexts are 6 times larger than in CSIDH. We will describe the CSIDH protocol, give an overview of the security analysis, and outline some potential applications.
Chloe Martindale is a number theorist and cryptographer currently working as a Postdoc at the Technical University of Eindhoven in the group of Prof. dr. Tanja Lange. Her current research focusses (but are not limited to) on pairings on elliptic curves and genus 2 curves, isogeny-based post-quantum crypto, and the discrete logarithm for (hyperelliptic) genus 3 curves.
The SRM seminars are the joint seminars of the Security and Trust of Software Systems and Applied Security and Information Assurance research groups, supported by the Laboratory of Algorithmics, Cryptology and Security and the Interdisciplinary Centre for Security, Reliability and Trust.