Provably secure post-quantum authenticated key exchange from supersingular isogenies

Published in: The Journal of Supercomputing

Abstract

Supersingular isogeny-based cryptography is now seen as one of the most promising candidates for resisting attacks by the upcoming quantum computers. This article presents a post-quantum authenticated key exchange (AKE) protocol from supersingular isogenies that is provably secure under the extended Canetti–Krawczyk (eCK) security model, offering an alternative for protecting communications over open channels in the approaching post-quantum era. The protocol uses the well-known SIDH and SIKE schemes as its building blocks. It is formally proved secure under the strong eCK security model, and the same argument also yields a formal proof of security in the \(\mathrm{CK}^{+}\) security model. In addition, the relatively time-consuming encapsulation algorithm can be performed in advance (precomputed before the session starts), so in practice the new AKE protocol may gain an efficiency advantage over some existing AKE protocols from supersingular isogenies. Considering both its overall security and its computational efficiency, the presented post-quantum AKE protocol may therefore be a good choice for the upcoming post-quantum era.



Acknowledgements

The authors would like to sincerely thank the editor and anonymous reviewers for their valuable comments and work on this paper. This work was supported in part by the Natural Science Basic Research Program of Shaanxi Province of China under Grant 2021JQ-123, in part by the National Natural Science Foundation of China (No. 62074131), and in part by the Fundamental Research Funds for the Central Universities (No. 31020200QD011).

Author information

Corresponding author: Mingping Qi.


Cite this article

Qi, M., Chen, J. Provably secure post-quantum authenticated key exchange from supersingular isogenies. J Supercomput 78, 12815–12833 (2022). https://doi.org/10.1007/s11227-022-04378-7
