On the supersingular GPST attack
Publication: Contribution to journal › Journal article › Research › peer-reviewed
On the supersingular GPST attack. / Basso, Andrea; Pazuki, Fabien.
In: Journal of Mathematical Cryptology, Vol. 16, No. 1, 2022, pp. 14-19.
RIS
TY - JOUR
T1 - On the supersingular GPST attack
AU - Basso, Andrea
AU - Pazuki, Fabien
N1 - Publisher Copyright: © 2022 Andrea Basso and Fabien Pazuki, published by De Gruyter.
PY - 2022
Y1 - 2022
N2 - The main attack against static-key supersingular isogeny Diffie-Hellman (SIDH) is the Galbraith-Petit-Shani-Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which the GPST attack relies that does not necessarily hold in all circumstances. We show that in some circumstances the attack fails to recover part of the secret key. We also characterize the conditions necessary for the attack to fail and show that it rarely happens in real cases. We give a link with collisions in the Charles-Goren-Lauter (CGL) hash function.
AB - The main attack against static-key supersingular isogeny Diffie-Hellman (SIDH) is the Galbraith-Petit-Shani-Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which the GPST attack relies that does not necessarily hold in all circumstances. We show that in some circumstances the attack fails to recover part of the secret key. We also characterize the conditions necessary for the attack to fail and show that it rarely happens in real cases. We give a link with collisions in the Charles-Goren-Lauter (CGL) hash function.
KW - isogenies
KW - modular invariants
KW - supersingular elliptic curves
U2 - 10.1515/jmc-2021-0020
DO - 10.1515/jmc-2021-0020
M3 - Journal article
AN - SCOPUS:85115418131
VL - 16
SP - 14
EP - 19
JO - Journal of Mathematical Cryptology
JF - Journal of Mathematical Cryptology
SN - 1862-2976
IS - 1
ER -
ID: 284298949