On oriented supersingular elliptic curves

We revisit theoretical background on OSIDH, that is an isogeny-based key-exchange protocol proposed by Colo and Kohel at NutMiC 2019. We give a proof of a fundamental theorem for OSIDH. The theorem was stated by Colo and Kohel without proof. Furthermore, we consider parameters of OSIDH, give a sufficient condition on the parameters that the protocol works, and estimate the size of the parameters for a certain security level.

[1]  Benjamin Smith,et al.  Towards practical key exchange from ordinary isogeny graphs , 2018, IACR Cryptol. ePrint Arch..

[2]  David Jao,et al.  Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies , 2011, J. Math. Cryptol..

[3]  Annales scientifiques de ľÉcole Normale Supérieure , 1891 .

[4]  Anton Stolbunov,et al.  Constructing public-key cryptographic schemes based on class group action on a set of isogenous elliptic curves , 2010, Adv. Math. Commun..

[5]  Kristin E. Lauter,et al.  On the quaternion $\ell$-isogeny path problem , 2014 .

[6]  Wouter Castryck,et al.  Rational Isogenies from Irrational Endomorphisms , 2020, IACR Cryptology ePrint Archive.

[7]  S. Lang,et al.  Abelian varieties over finite fields , 2005 .

[8]  A. Pizer,et al.  An algorithm for computing modular forms on Γ0(N) , 1980 .

[9]  David Jao,et al.  Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies , 2014, J. Math. Cryptol..

[10]  Kristin E. Lauter,et al.  Supersingular Isogeny Graphs and Endomorphism Rings: Reductions and Solutions , 2018, EUROCRYPT.

[11]  Dan Boneh,et al.  Supersingular Curves With Small Non-integer Endomorphisms , 2019, ArXiv.

[12]  Tanja Lange,et al.  CSIDH: An Efficient Post-Quantum Commutative Group Action , 2018, IACR Cryptol. ePrint Arch..

[13]  David A. Cox Primes of the Form x2 + ny2: Fermat, Class Field Theory, and Complex Multiplication , 1989 .

[14]  P. Stevenhagen,et al.  ELLIPTIC FUNCTIONS , 2022 .

[15]  Christophe Petit,et al.  Faster Algorithms for Isogeny Problems Using Torsion Point Images , 2017, ASIACRYPT.

[16]  J. Silverman Advanced Topics in the Arithmetic of Elliptic Curves , 1994 .

[17]  Kristin E. Lauter,et al.  Cryptographic Hash Functions from Expander Graphs , 2008, Journal of Cryptology.

[18]  David Kohel,et al.  Orienting supersingular isogeny graphs , 2020, IACR Cryptol. ePrint Arch..

[19]  Alexander Rostovtsev,et al.  Public-Key Cryptosystem Based on Isogenies , 2006, IACR Cryptol. ePrint Arch..

[20]  Jean Marc Couveignes,et al.  Hard Homogeneous Spaces , 2006, IACR Cryptol. ePrint Arch..

[21]  Masanobu Kaneko,et al.  Supersingular j-invariants as singular moduli mod p , 1989 .

[22]  D. Kohel Endomorphism rings of elliptic curves over finite fields , 1996 .

[23]  Kristin E. Lauter,et al.  On the quaternion -isogeny path problem , 2014, LMS J. Comput. Math..

[24]  G. Ballew,et al.  The Arithmetic of Elliptic Curves , 2020, Elliptic Curves.

[25]  Steven D. Galbraith,et al.  On the Security of Supersingular Isogeny Cryptosystems , 2016, ASIACRYPT.