Paper 2025/107
dCTIDH: Fast & Deterministic CTIDH
Abstract
This paper presents dCTIDH, a CSIDH implementation that combines two recent developments into a novel state-of-the-art deterministic implementation. We combine the approach of deterministic variants of CSIDH with the batching strategy of CTIDH, which shows that the full potential of this key space has not yet been explored. This high-level adjustment in itself leads to a significant speed-up. To achieve an effective deterministic evaluation in constant time, we introduce Wombats, a new approach to performing isogenies in batches, specifically tailored to the behavior required for deterministic CSIDH using CTIDH batching. Furthermore, we explore the two-dimensional space of optimal primes for dCTIDH, with regard to both the performance of dCTIDH in terms of finite-field operations per prime and the efficiency of finite-field operations, determined by the prime shape, in terms of cycles. This allows us to optimize both for choice of prime and scheme parameters simultaneously. Lastly, we implement and benchmark constant-time, deterministic dCTIDH. Our results show that dCTIDH not only outperforms state-of-the-art deterministic CSIDH, but even non-deterministic CTIDH: dCTIDH-2048 is faster than CTIDH-2048 by 17 percent, and is almost five times faster than dCSIDH-2048.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- isogeniespost-quantum cryptographyCSIDH
- Contact author(s)
-
campos @ sopmac de
andreas hellenbrand @ hs-rm de
michael @ random-oracles org
krijn @ q1q1 nl - History
- 2025-01-23: approved
- 2025-01-23: received
- See all versions
- Short URL
- https://ia.cr/2025/107
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/107,
author = {Fabio Campos and Andreas Hellenbrand and Michael Meyer and Krijn Reijnders},
title = {{dCTIDH}: Fast & Deterministic {CTIDH}},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/107},
year = {2025},
url = {https://eprint.iacr.org/2025/107}
}
