Abstract
An original CSIKE post-quantum cryptography algorithm is proposed as a modification of the CSIDH algorithm but with one public key instead of two. The conditions for its implementation on two classes of non-cyclic Edwards curves are substantiated. The properties of quadratic and twisted supersingular Edwards curves that form pairs of quadratic twists of order p + 1 ≡ 0 mod 8 over a prime field F_p are considered. A modification of the CSIDH algorithm and the CSIKE algorithm are presented, both built on the isogenies of these curves instead of the traditional arithmetic of curves in the Montgomery form. For isogenies of degrees 3, 5, and 7, the parameters of isogenic chains of non-cyclic supersingular Edwards curves are calculated and tabulated for p = 839. The implementation of the key encapsulation scheme, in which Alice encrypts the key with Bob’s public key, is considered. A new randomized CSIKE algorithm with random equiprobable selection of the curve from two classes at each step of the isogeny chain is proposed. The probability of a successful side-channel attack on the randomized algorithm is estimated. It is proposed to abandon the calculation of the isogenic function ϕ(R) of a random point R, which significantly speeds up the algorithm.
Additional information
Translated from Kibernetyka ta Systemnyi Analiz, No. 6, November–December, 2023, pp. 3–18.
About this article
Cite this article
Bessalov, A.V., Abramov, S.V. PQC CSIKE Algorithm on Non-Cyclic Edwards Curves. Cybern Syst Anal 59, 867–879 (2023). https://doi.org/10.1007/s10559-023-00622-x
DOI: https://doi.org/10.1007/s10559-023-00622-x