Jump to ContentJump to Main Navigation
Show Summary Details
In This Section

Journal of Mathematical Cryptology

Managing Editor: Magliveras, Spyros S. / Steinwandt, Rainer / Trung, Tran

Editorial Board Member: Blackburn, Simon R. / Blundo, Carlo / Burmester, Mike / Cramer, Ronald / Dawson, Ed / Gilman, Robert / Gonzalez Vasco, Maria Isabel / Grosek, Otokar / Helleseth, Tor / Kim, Kwangjo / Koblitz, Neal / Kurosawa, Kaoru / Lauter, Kristin / Lange, Tanja / Menezes, Alfred / Nguyen, Phong Q. / Pieprzyk, Josef / Rötteler, Martin / Safavi-Naini, Rei / Shparlinski, Igor E. / Stinson, Doug / Takagi, Tsuyoshi / Williams, Hugh C. / Yung, Moti

4 Issues per year

CiteScore 2016: 0.74

SCImago Journal Rank (SJR) 2015: 0.313
Source Normalized Impact per Paper (SNIP) 2015: 0.749

Mathematical Citation Quotient (MCQ) 2015: 0.24

See all formats and pricing
In This Section

Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies

Luca De Feo
  • Laboratoire PRiSM, Université de Versailles, 78035 Versailles, France
  • Email:
/ David Jao
  • University of Waterloo, Waterloo, Ontario, N2L 3G1, Canada
  • Email:
/ Jérôme Plût
  • Laboratoire PRiSM, Université de Versailles, 78035 Versailles, France
  • Email:
Published Online: 2014-06-11 | DOI: https://doi.org/10.1515/jmc-2012-0015


We present new candidates for quantum-resistant public-key cryptosystems based on the conjectured difficulty of finding isogenies between supersingular elliptic curves. The main technical idea in our scheme is that we transmit the images of torsion bases under the isogeny in order to allow the parties to construct a shared commutative square despite the non-commutativity of the endomorphism ring. We give a precise formulation of the necessary computational assumptions along with a discussion of their validity, and prove the security of our protocols under these assumptions. In addition, we present implementation results showing that our protocols are multiple orders of magnitude faster than previous isogeny-based cryptosystems over ordinary curves. This paper is an extended version of [Lecture Notes in Comput. Sci. 7071, Springer (2011), 19–34]. We add a new zero-knowledge identification scheme and detailed security proofs for the protocols. We also present a new, asymptotically faster, algorithm for key generation, a thorough study of its optimization, and new experimental data.

Keywords: Elliptic curves; isogenies; quantum-resistant cryptosystems

MSC: 94A60; 14G50; 11Y16; 14K02

About the article

Received: 2012-06-29

Revised: 2014-05-14

Accepted: 2014-05-16

Published Online: 2014-06-11

Published in Print: 2014-09-01

Funding Source: NSERC CRD

Award identifier / Grant number: CRDPJ 405857-10

Funding Source: Agence Nationale de la Recherche, ECLIPSES project

Award identifier / Grant number: Contract ANR-09-VERS-018

Citation Information: Journal of Mathematical Cryptology, ISSN (Online) 1862-2984, ISSN (Print) 1862-2976, DOI: https://doi.org/10.1515/jmc-2012-0015. Export Citation

Comments (0)

Please log in or register to comment.
Log in