On the supersingular GPST attack

The main attack against static-key supersingular isogeny Diffie–Hellman (SIDH) is the Galbraith–Petit–Shani–Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which t...

Bibliographic Details
Main authors: Basso Andrea, Pazuki Fabien
Format: article
Language: EN
Published: De Gruyter 2021
Online access: https://doaj.org/article/6cd44119188b496ea8c3e6a069561d3e
id oai:doaj.org-article:6cd44119188b496ea8c3e6a069561d3e
record_format dspace
spelling oai:doaj.org-article:6cd44119188b496ea8c3e6a069561d3e; 2021-12-05T14:10:52Z; On the supersingular GPST attack; 1862-2984; 10.1515/jmc-2021-0020; https://doaj.org/article/6cd44119188b496ea8c3e6a069561d3e; 2021-09-01T00:00:00Z; https://doi.org/10.1515/jmc-2021-0020; https://doaj.org/toc/1862-2984; Basso Andrea; Pazuki Fabien; De Gruyter; article; Journal of Mathematical Cryptology, Vol 16, Iss 1, Pp 14-19 (2021)
institution DOAJ
collection DOAJ
language EN
topic isogenies
supersingular elliptic curves
modular invariants
14h52
14k02
11t71
94a60
81p94
65p25
Mathematics
QA1-939
description The main attack against static-key supersingular isogeny Diffie–Hellman (SIDH) is the Galbraith–Petit–Shani–Ti (GPST) attack, which also prevents the application of SIDH to other constructions such as non-interactive key-exchange. In this paper, we identify and study a specific assumption on which the GPST attack relies that does not necessarily hold in all circumstances. We show that in some circumstances the attack fails to recover part of the secret key. We also characterize the conditions necessary for the attack to fail and show that it rarely happens in real cases. We give a link with collisions in the Charles-Goren-Lauter (CGL) hash function.
format article
author Basso Andrea
Pazuki Fabien
title On the supersingular GPST attack
publisher De Gruyter
publishDate 2021
url https://doaj.org/article/6cd44119188b496ea8c3e6a069561d3e