Computing supersingular isogenies on Kummer surfaces

We apply Scholten’s construction to give explicit isogenies between the Weil restriction of supersingular Montgomery curves with full rational 2-torsion over \(\mathbb {F}_{p^2}\) and corresponding abelian surfaces over \(\mathbb {F}_{p}\). Subsequently, we show that isogeny-based public key cryptography can exploit the fast Kummer surface arithmetic that arises from the theory of theta functions. In particular, we show that chains of 2-isogenies between elliptic curves can instead be computed as chains of Richelot (2, 2)-isogenies between Kummer surfaces. This gives rise to new possibilities for efficient supersingular isogeny-based cryptography.

[1]  Romain Cosset Factorization with genus 2 curves , 2010, Math. Comput..

[2]  David Jao,et al.  Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies , 2014, J. Math. Cryptol..

[3]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[4]  Steven D. Galbraith,et al.  Mathematics of Public Key Cryptography , 2012 .

[5]  D. Chudnovsky,et al.  Sequences of numbers generated by addition in formal groups and new primality and factorization tests , 1986 .

[6]  Craig Costello,et al.  Efficient Algorithms for Supersingular Isogeny Diffie-Hellman , 2016, CRYPTO.

[7]  Damiano Testa,et al.  Descent via (3,3)-isogeny on Jacobians of genus 2 curves , 2014, 1401.0580.

[8]  Tanja Lange,et al.  Hyper-and-elliptic-curve cryptography , 2014, IACR Cryptol. ePrint Arch..

[9]  Craig Costello,et al.  Fast Cryptography in Genus 2 , 2013, Journal of Cryptology.

[10]  Samir Siksek,et al.  A Fast Diffie—Hellman Protocol in Genus 2 , 2013, Journal of Cryptology.

[11]  Jaap Top,et al.  Legendre Elliptic Curves over Finite Fields , 2001, math/0106273.

[12]  Joost Renes Computing isogenies between Montgomery curves using the action of (0, 0) , 2017, IACR Cryptol. ePrint Arch..

[13]  J. Igusa,et al.  Arithmetic Variety of Moduli for Genus Two , 1960 .

[14]  Daniel J. Bernstein,et al.  Curve25519: New Diffie-Hellman Speed Records , 2006, Public Key Cryptography.

[15]  David Lubicz,et al.  Arithmetic on abelian and Kummer varieties , 2016, Finite Fields Their Appl..

[16]  F. Richelot,et al.  De transformatione integralium Abelianorum primi ordinis commentatio. , 1837 .

[17]  David Jao,et al.  Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies , 2011, J. Math. Cryptol..

[18]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[19]  Pierrick Gaudry Fast genus 2 arithmetic based on Theta functions , 2007, J. Math. Cryptol..

[20]  Francisco Rodríguez-Henríquez,et al.  A Faster Software Implementation of the Supersingular Isogeny Diffie-Hellman Key Exchange Protocol , 2018, IEEE Transactions on Computers.

[21]  Benjamin A. Smith,et al.  Explicit endomorphisms and Correspondences , 2006, Bulletin of the Australian Mathematical Society.

[22]  Craig Costello,et al.  Jacobian Coordinates on Genus 2 Curves , 2014, ASIACRYPT.

[23]  J. Scholten,et al.  WEIL RESTRICTION OF AN ELLIPTIC CURVE OVER , 2003 .

[24]  Reza Azarderakhsh,et al.  Key Compression for Isogeny-Based Cryptosystems , 2016, AsiaPKC '16.

[25]  David Jao,et al.  Constructing elliptic curve isogenies in quantum subexponential time , 2010, J. Math. Cryptol..

[26]  Tanja Lange,et al.  Kummer Strikes Back: New DH Speed Records , 2014, ASIACRYPT.

[27]  E. V. Flynn Descent via (5,5)-isogeny on Jacobians of genus 2 curves , 2015 .

[28]  Benjamin Smith,et al.  qDSA: Small and Secure Digital Signatures with Curve-Based Diffie-Hellman Key Pairs , 2017, ASIACRYPT.

[29]  E. V. Flynn,et al.  Prolegomena to a Middlebrow Arithmetic of Curves of Genus 2: Index rerum et personarum , 1996 .

[30]  Frans Oort,et al.  Subvarieties of moduli spaces , 1974 .