Chloe Martindale

Non-interactive post quantum key exchange from isogeny graphs of elliptic curves

We present CSIDH, an isogeny-based scheme suitable for non-interactive key exchange in a post-quantum setting. We will explain the scheme and some background on isogeny graphs of supersingular elliptic curves necessary to understand how the scheme works. We will also touch on cryptographical applications of isogeny graphs of different kinds of abelian varieties. The CSIDH construction follows the layout of the Couveignes–Rostovtsev–Stolbunov cryptosystem, but we apply it to supersingular elliptic curves defined over a large prime field, rather than to ordinary elliptic curves. The Diffie–Hellman scheme resulting from the group action allows for public-key validation at very little cost, runs reasonably fast in practice, and has very short public keys. This is joint work with Wouter Castryck, Tanja Lange, Lorenz Panny, and Joost Renes.