Corte-Real Santos, Maria;
(2024)
The design, concrete security and efficiency of isogeny-based cryptography.
Doctoral thesis (Ph.D), UCL (University College London).
Preview |
Text
Corte_Thesis.pdf - Accepted Version Download (4MB) | Preview |
Abstract
The security of most public-key cryptosystems that are currently deployed rely on the hardness of the discrete logarithm problem or of the integer factorisation problem. In 1994, Shor gave a devastating polynomial-time quantum attack against these problems, showing that cryptosystems that rely on their hardness are not secure in the presence of a quantum adversary. Considering the increased investment in the development of large-scale quantum computers, in 2016, NIST began an effort to standardise post-quantum secure key encapsulation mechanisms and signature schemes. We work with a specific type of post-quantum cryptography considered by NIST: isogeny-based cryptography, where security rests on the hardness of the isogeny problem. This problem asks, given two elliptic curves, to find a "nice" map, called an isogeny, between them. In the first part of this thesis, we explore the concrete security of this problem when working with supersingular elliptic curves. Viewing an elliptic curve as one-dimensional specialisation of a more abstract mathematical object, namely an abelian variety, we also study the generalisation of the isogeny problem to higher dimensions. In the next part, we focus on the recent shift towards using isogenies between two-dimensional abelian varieties to construct new protocols, and present efficient formulae for computing such isogenies of odd degree. We then focus on SQIsign, the only isogeny-based signature scheme that was submitted to NIST's alternate call for signatures. SQIsign boasts the smallest combined signature and public key sizes. However, finding SQIsign-friendly parameters has proved to be a difficult task. We provide a solution to this by presenting the first practical parameters for all security levels. Despite this, SQIsign is still considerably slower than other alternatives. Noting that SQIsign is most interesting in scenarios that require small signature sizes and fast verification, we also present work that accelerates SQIsign verification, without sacrificing the signature size.
| Type: | Thesis (Doctoral) |
|---|---|
| Qualification: | Ph.D |
| Title: | The design, concrete security and efficiency of isogeny-based cryptography |
| Open access status: | An open access version is available from UCL Discovery |
| Language: | English |
| Additional information: | Copyright © The Author 2024. Original content in this thesis is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) Licence (https://creativecommons.org/licenses/by-nc/4.0/). Any third-party copyright material present remains the property of its respective owner(s) and is licensed under its existing terms. Access may initially be restricted at the author’s request. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10202515 |
Loading...
Loading...Loading...Loading...Archive Staff Only
 |
View Item |
