Threshold Schemes from Isogeny Assumptions

We initiate the study of threshold schemes based on the Hard Homogeneous Spaces (HHS) framework of Couveignes. Quantum-resistant HHS based on supersingular isogeny graphs have recently become usable thanks to the record class group precomputation performed for the signature scheme CSI-FiSh.
