Hybrid Meet-in-the-Middle Attacks for the Isogeny Path-Finding Problem
Authors: 
Yasuhiko Ikematsu, Ryoya Fukasaku, Momonari Kudo, Masaya Yasuda, Katsuyuki Takashima, Kazuhiro YokoyamaAuthors Info & Claims
Yasuhiko Ikematsu, Ryoya Fukasaku, Momonari Kudo, Masaya Yasuda, Katsuyuki Takashima, Kazuhiro YokoyamaAuthors Info & ClaimsPages 36 - 44
Abstract
Isogeny-based cryptography has received attention as a candidate of post-quantum cryptography (PQC), and its security is based on the hardness of isogeny problems. The idea of meet-in-the-middle (MITM) is a bidirectional search for a collision, and it gives a powerful tool in cryptanalysis. In this paper, we propose hybrid approaches of MITM for solving the isogeny path-finding problem. Specifically, we first build part of trees of isogenies in a conventional way, and we then search a pair of isogenous curves of prime power degree by the algebraic approach using modular polynomials, proposed by Takahashi et al.¥! at MathCrypt 2019. Our hybrid approaches relax the requirements of sizes of search tables in MITM, and they also enable us to parallelize the part of algebraic search perfectly and easily. Here we show experimental results of our hybrid approaches to discuss a comparison with pure MITM approaches from a perspective of performance and sizes of search tables.
References
[1]
Gora Adj, Daniel Cervantes-Vázquez, Jesús-Javier Chi-Dom'inguez, Alfred Menezes, and Francisco Rodr'iguez-Henr'iquez. 2018. On the cost of computing isogenies between supersingular elliptic curves. In Selected Areas in Cryptography--SAC2018 (Lecture Notes in Computer Science), Vol. 11349. Springer, 322--343.
[2]
Jean-Francc ois Biasse, David Jao, and Anirudh Sankar. 2014. A quantum algorithm for computing isogenies between supersingular elliptic curves. In Progress in Cryptology--INDOCRYPT 2014 (Lecture Notes in Computer Science), Vol. 8885. Springer, 428--442.
[3]
Playoust. C Bosma. W, Cannon. J. 1997. The Magma Algebra system. I. The user language. J. Symbolic Comput., Vol. 24, 3--4 (1997), 235--265.
[4]
Denis X Charles, Kristin E Lauter, and Eyal Z Goren. 2009. Cryptographic hash functions from expander graphs. Journal of Cryptology, Vol. 22, 1 (2009), 93--113.
[5]
Anamaria Costache, Brooke Feigon, Kristin Lauter, Maike Massierer, and Anna Puskás. 2019. Ramanujan graphs in cryptography. In Research Directions in Number Theory. Springer, 1--40.
[6]
Craig Costello, Patrick Longa, Michael Naehrig, Joost Renes, and Fernando Virdia. [n.d.]. Improved Classical Cryptanalysis of the Computational Supersingular Isogeny Problem. IACR Cryptology ePrint 2019/298 ( [n.,d.]). https://eprint.iacr.org/2019/298.pdf
[7]
Luca De Feo, David Jao, and Jérôme Plût. 2014. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. Journal of Mathematical Cryptology, Vol. 8, 3 (2014), 209--247.
[8]
Steven D Galbraith and Frederik Vercauteren. 2018. Computational problems in supersingular elliptic curve isogenies. Quantum Information Processing, Vol. 17, 10 (2018), 265.
[9]
J. V. Z. Gathen and J. Gerhard. 2003. Modern Computer Algebra .Cambridge University Press New York.
[10]
Shlomo Hoory, Nathan Linial, and Avi Wigderson. 2006. Expander graphs and their applications. Bull. Amer. Math. Soc., Vol. 43, 4 (2006), 439--561.
[11]
D Jao, R Azarderakhsh, M Campagna, C Costello, L DeFeo, B Hess, A Jalali, B Koziel, B LaMacchia, P Longa, et al. [n.d.]. SIKE: Supersingular isogeny key encapsulation. Submission to the NIST Standardization Process on Post-Quantum Cryptography. 2017. https://sike.org/
[12]
David Jao and Luca De Feo. 2011. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In Post-Quantum Cryptography--PQCrypto 2011 (Lecture Notes in Computer Science), Vol. 7071. Springer, 19--34.
[13]
Samuel Jaques and John M Schanck. [n.d.]. Quantum cryptanalysis in the RAM model: Claw-finding attacks on SIKE. IACR Cryptology ePrint 2019/103 ( [n.,d.]). https://eprint.iacr.org/2019/103.pdf
[14]
Donald E. Knuth. 1998. The Art of Computer Programming 3rd ed.). Fundamental Algorithms, Vol. 1. Addison Wesley Longman Publishing Co., Inc. (book).
[15]
David Kohel. 1996. Endomorphism rings of elliptic curves over finite fields. Ph.D. Dissertation. University of California at Berkeley.
[16]
J.F. Mestre. 1986. La méthode des graphes. Exemples et applications. In Proceedings of international conference on class numbers and fundamental units of algebraic number fields. 217--242.
[17]
B. Mishra. 1993. Algorithmic Algebra .Springer.
[18]
National Institute of Standards and Technology (NIST). [n.d.]. NISTIR 8240: Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process. https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8240.pdf
[19]
I Pohl. 1969. Bidirectioonal and heuristic search in path problems. Tech. Rep. SLAC-R-104 (1969).
[20]
Joseph H Silverman. 1994. Advanced topics in the arithmetic of elliptic curves. Graduate Texts in Mathematics, Vol. 151. Springer-Verlag New York.
[21]
Joseph H Silverman. 2009. The arithmetic of elliptic curves second ed.). Graduate Texts in Mathematics, Vol. 106. Springer Science & Business Media.
[22]
Yasushi Takahashi, Momonari Kudo, Yasuhiko Ikematsu, Masaya Yasuda, and Kazuhiro Yokoyama. [n.d.]. Algebraic approaches for solving isogeny problems of prime power degrees. presented at MathCrypt 2019 ( [n.,d.]). http://imdarc.math.snu.ac.kr/MathCrypt2019/
[23]
John Tate. 1966. Endomorphisms of abelian varieties over finite fields. Inventiones mathematicae, Vol. 2, 2 (1966), 134--144.
[24]
Paul C Van Oorschot and Michael J Wiener. 1996. Improving implementable meet-in-the-middle attacks by orders of magnitude. In Advances in Cryptology--CRYPTO 1996 (Lecture Notes in Computer Science), Vol. 1109. Springer, 229--236.
[25]
Paul C Van Oorschot and Michael J Wiener. 1999. Parallel collision search with cryptanalytic applications. Journal of cryptology, Vol. 12, 1 (1999), 1--28.
[26]
Jacques Vélu. 1971. Isogénies entre courbes elliptiques. CR Acad. Sci. Paris Sér. AB, Vol. 273 (1971), 238--241.
Index Terms
- Hybrid Meet-in-the-Middle Attacks for the Isogeny Path-Finding Problem
Recommendations
Isogeny cordillera algorithm to obtain cryptographically good elliptic curves
ACSW '07: Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68The security of most elliptic curve cryptosystems is based on the intractability of the Elliptic Curve Discrete Logarithm Problem (ECDLP). Such a problem turns out to be computationally unfeasible when elliptic curves are suitably chosen. This paper ...
Four-Dimensional GLV via the Weil Restriction
Part I of the Proceedings of the 19th International Conference on Advances in Cryptology - ASIACRYPT 2013 - Volume 8269The Gallant-Lambert-Vanstone GLV algorithm uses efficiently computable endomorphisms to accelerate the computation of scalar multiplication of points on an abelian variety. Freeman and Satoh proposed for cryptographic use two families of genus 2 curves ...
Twisted Edwards curves
AFRICACRYPT'08: Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptologyThis paper introduces "twisted Edwards curves," a generalization of the recently introduced Edwards curves; shows that twisted Edwards curves include more curves over finite fields, and in particular every elliptic curve in Montgomery form; shows how to ...
Comments
Information & Contributors
Information
Published In
Copyright © 2020 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 October 2020
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ASIA CCS '20
Sponsor:
ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security
October 6, 2020
Taipei, Taiwan
Acceptance Rates
Overall Acceptance Rate 36 of 103 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 102Total Downloads
- Downloads (Last 12 months)9
- Downloads (Last 6 weeks)0
Reflects downloads up to 08 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in