Isogeny-Based Cryptography

Research Depth 72 in the knowledge graph ☐ I know this ☆ Set as goal

Core Idea

Isogeny-based cryptography uses the structure of isogenies (maps) between elliptic curves to build post-quantum public-key cryptosystems. Unlike lattice or code-based cryptography, isogeny schemes are based on algebraic geometry. The most developed scheme is SIKE/CSIDH, which constructs encryption by finding a path of isogenies through a graph of elliptic curves. Security relies on the hardness of the endomorphism ring computation problem, which has no known polynomial-time classical OR quantum algorithms. Isogeny schemes offer small keys and ciphertexts (advantages over lattices/codes), though key generation is slow. NIST selected SIKE as a finalist in the post-quantum cryptography standardization process.

Explainer

Isogeny-based cryptography is a geometric approach to post-quantum cryptography, leveraging the deep structure of elliptic curves and isogenies. Unlike lattice-based cryptography (linear algebra) or code-based (coding theory), isogeny schemes use algebraic geometry.

CSIDH/SIKE: The main constructions. Both work in a graph of elliptic curves, where vertices are curves and edges are isogenies. A secret path through the graph encodes a private key; the public key is the destination curve. To compute the private key from the public key requires finding the secret path, equivalent to the endomorphism ring computation problem.

Hardness: The hardness of isogeny-based schemes rests on:

1. Endomorphism Ring Computation: Given an elliptic curve, compute its endomorphism ring (hard).

2. Path Finding: Given start and end vertices in the isogeny graph, find the path (hard on random graphs).

Both are believed hard for classical and quantum computers.

Advantages:

Small keys: ~100-200 bytes (vs. lattice ~1-2 KB, codes ~1-2 KB).
Small ciphertexts: ~200-500 bytes.
Elegant mathematical structure.

Disadvantages:

Slow key generation (seconds to minutes on modern hardware).
Limited implementation experience.
Recent attacks found vulnerabilities in some schemes; ongoing research.

NIST Standardization: SIKE was selected as a finalist in the NIST post-quantum cryptography competition, though later withdrawn due to new attacks. CSIDH remains active, with improvements addressing prior vulnerabilities.

Isogeny-based cryptography remains a promising post-quantum avenue, combining mathematical elegance with practical efficiency, though standardization and real-world deployment are still maturing.

Practice Questions 2 questions

Prerequisite Chain

Counting to 10 → Counting to 20 → Understanding Zero → The Number Zero → Counting to Five → One-to-One Correspondence → Combining Small Groups Within 5 → Addition Within 10 → Addition Within 20 → Two-Digit Addition Without Regrouping → Two-Digit Addition with Regrouping → Addition Within 100 → Repeated Addition as Multiplication → Multiplication Facts Within 100 → Division as Equal Sharing → Division as Grouping (Measurement Division) → Division: Grouping (Repeated Subtraction) Model → Division: Fair Sharing Model → Division as Equal Sharing → Division as Grouping → Basic Division Facts → Division Facts Within 100 → Two-Digit by One-Digit Division → Division with Remainders → Remainders and Quotients in Division → Division Word Problems → Introduction to Long Division → Factors and Multiples → Prime and Composite Numbers → Equivalent Fractions → Relating Fractions and Decimals → Decimal Place Value → Reading and Writing Decimals → Comparing and Ordering Decimals → Adding and Subtracting Decimals → Multiplying Decimals → Dividing Decimals → Dividing Fractions → Mixed Number Arithmetic → Order of Operations → Integer Order of Operations → Variable Expressions → Combining Like Terms → One-Step Equations → Two-Step Equations → Solving Multi-Step Equations → Equations with Variables on Both Sides → Literal Equations → Slope-Intercept Form → Point-Slope Form → Writing Linear Equations → Parallel and Perpendicular Line Slopes → Graphing Linear Equations → Piecewise Functions → Step Functions → Composition of Functions → Inverse Functions → Radical Functions and Graphs → Rational Exponents → Exponential Functions and Graphs → Logarithms Introduction → Time and Space Complexity → Time Complexity Classes: P and EXPTIME → Nondeterministic Time Complexity and NP → The P vs. NP Problem → Complexity Class P: Polynomial Time → Hash Functions and Collision Resistance → The RSA Cryptosystem → Computational Hardness Assumptions → Lattice-Based Cryptography → Learning with Errors (LWE) → Post-Quantum Cryptography → Isogeny-Based Cryptography

Longest path: 73 steps · 409 total prerequisite topics

Prerequisites (2)

Elliptic Curve Cryptography Basicshard Post-Quantum Cryptographyhard

Leads To (0)

No topics depend on this one yet.