International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Quantum Circuits for the CSIDH: Optimizing Quantum Evaluation of Isogenies

Authors:
Daniel J. Bernstein
Tanja Lange
Chloe Martindale
Lorenz Panny
Download:
DOI: 10.1007/978-3-030-17656-3_15 (login may be required)
Search ePrint
Search Google
Abstract: Choosing safe post-quantum parameters for the new CSIDH isogeny-based key-exchange system requires concrete analysis of the cost of quantum attacks. The two main contributions to attack cost are the number of queries in hidden-shift algorithms and the cost of each query. This paper analyzes algorithms for each query, introducing several new speedups while showing that some previous claims were too optimistic for the attacker. This paper includes a full computer-verified simulation of its main algorithm down to the bit-operation level.
Video from EUROCRYPT 2019
BibTeX
@article{eurocrypt-2019-29367,
  title={ Quantum Circuits for the CSIDH: Optimizing Quantum Evaluation of Isogenies},
  booktitle={Advances in Cryptology – EUROCRYPT 2019},
  series={Advances in Cryptology – EUROCRYPT 2019},
  publisher={Springer},
  volume={11477},
  pages={409-441},
  doi={10.1007/978-3-030-17656-3_15},
  author={Daniel J. Bernstein and Tanja Lange and Chloe Martindale and Lorenz Panny},
  year=2019
}