Isogeny Problems with Level Structure

Tako Boris Fouotsa
2024
Conference paper

Abstract

Given two elliptic curves and the degree of an isogeny between them, finding the isogeny is believed to be a difficult problem—upon which rests the security of nearly any isogeny-based scheme. If, however, to the data above we add information about the behavior of the isogeny on a large enough subgroup, the problem can become easy, as recent cryptanalyses on SIDH have shown. Between the restriction of the isogeny to a full N-torsion subgroup and no “torsion information” at all lies a spectrum of interesting intermediate problems, raising the question of how easy or hard each of them is. Here we explore modular isogeny problems where the torsion information is masked by the action of a group of 2x2 matrices. We give reductions between these problems, classify them by their difficulty, and link them to security assumptions found in the literature.

Official source

https://infoscience.epfl.ch/record/311817?ln=en

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Ontological neighbourhood

Mathematics

Algebra: Representation theory

Related concepts (33)

Related publications (40)

Related MOOCs (9)

Isogeny Problems with Level Structure

Exploring SIDH-Based Signature Parameters

Some Mordell-Weil lattices and applications to sphere packings

New SIDH Countermeasures for a More Efficient Key Exchange

Some Mordell-Weil lattices and applications to sphere packings

Exploring SIDH-Based Signature Parameters

New SIDH Countermeasures for a More Efficient Key Exchange