On the supersingular GPST attack
The main attack against static-key supersingular isogeny Diffie–Hellman (SIDH) is the Galbraith–Petit–Shani–Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which t...
Guardado en:
| Autores principales: | , |
|---|---|
| Formato: | article |
| Lenguaje: | EN |
| Publicado: |
De Gruyter
2021
|
| Materias: | |
| Acceso en línea: | https://doaj.org/article/6cd44119188b496ea8c3e6a069561d3e |
| Etiquetas: |
Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Sumario: | The main attack against static-key supersingular isogeny Diffie–Hellman (SIDH) is the Galbraith–Petit–Shani–Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which the GPST attack relies that does not necessarily hold in all circumstances. We show that in some circumstances the attack fails to recover part of the secret key. We also characterize the conditions necessary for the attack to fail and show that it rarely happens in real cases. We give a link with collisions in the Charles-Goren-Lauter (CGL) hash function. |
|---|