Search Results (10)

Elliptic curves with the special quality known as supersingularity have gained much popularity in the rapidly developing field of cryptography. The conventional method of employing random search is quite ineffective in finding these curves. This paper analyzes the search of supersingular elliptic curves in the space of curves over ${\mathbb{F}}_{p^2}$. We show that naive random search is unsuitable to easily find any supersingular elliptic curves when the space size is greater than ${10}^{13}$. We improve the random search using a necessary condition for supersingularity. As our main result, we define for the first time an objective function to measure the supersingularity in ordinary curves, and we apply local search and a genetic algorithm using that function. The study not only finds these supersingular elliptic curves but also investigates possible uses for them. These curves were used to create cycles inside the isogeny graph in one particular application. The research shows how the design of S-boxes may strategically use these supersingular elliptic curves. The key components of replacement, which is a fundamental step in the encryption process that shuffles and encrypts the data inside images, are S-boxes. This work represents a major advancement in effectively identifying these useful elliptic curves, eventually leading to their wider application and influence in the rapidly expanding field of cryptography. Full article

The article presents the author’s works in the field of modifications and modeling of the Post-Quantum Cryptography (PQC) Commutative Supersingular Isogeny Diffie-Hellman (CSIDH) algorithm on non-cyclic supersingular Edwards curves and its predecessor Couveignes-Rostovtsev-Stolbunov (CRS) scheme on ordinary non-cyclic Edwards curves are reviewed. Lower estimates of the computational speed gains of the modified algorithms over the original ones are obtained. The most significant results were obtained by choosing classes of non-cyclic Edwards curves connected as quadratic twist pairs instead of cyclic complete Edwards curves, as well as the method of algorithm randomization as an alternative to “constant time CSIDH”. It is shown that in the CSIDH and Commutative Supersingular Isogeny Key Encapsulation (CSIKE) algorithms, there are two independent cryptosystems with the possibility of parallel computation, eliminating the threat of side-channel attacks. There are four such cryptosystems for the CRS scheme. Integral lower bound estimates of the performance gain of the modified CSIDH algorithm are obtained at 1.5 × 2⁹, and for the CRS scheme are 3 × 2⁹. Full article

Cryptosystems based on supersingular isogeny are a novel tool in post-quantum cryptography. One compelling characteristic is their concise keys and ciphertexts. However, the performance of supersingular isogeny computation is currently worse than that of other schemes. This is primarily due to the following factors. Firstly, the underlying field is a quadratic extension of the finite field, resulting in higher computational complexity. Secondly, the strategy for large-degree isogeny evaluation is complex and dependent on the elementary arithmetic units employed. Thirdly, adapting the same hardware to different parameters is challenging. Considering the evolution of similar curve-based cryptosystems, we believe proper algorithm optimization and hardware acceleration will reduce its speed overhead. This paper describes a high-performance and flexible hardware architecture that accelerates isogeny computation. Specifically, we optimize the design by creating a dedicated quadratic Montgomery multiplier and an efficient scheduling strategy that are suitable for supersingular isogeny. The multiplier operates on ${\mathbb{F}}_{p^2}$ under projective coordinate formulas, and the scheduling is tailored to it. By exploiting additional parallelism through replicated multipliers and concurrent isogeny subroutines, our 65 nm SMIC technology cryptographic accelerator can generate ephemeral public keys in 2.40 ms for Alice and 2.79 ms for Bob with a 751-bit prime setting. Sharing the secret key costs another 2.04 ms and 2.35 ms, respectively. Full article

The concept of verifiable delay functions has received attention from researchers since it was first proposed in 2018. The applications of verifiable delay are also widespread in blockchain research, such as: computational timestamping, public random beacons, resource-efficient blockchains, and proofs of data replication. This paper introduces the concept of verifiable delay functions and systematically summarizes the types of verifiable delay functions. Firstly, the description and characteristics of verifiable delay functions are given, and weak verifiable delay functions, incremental verifiable delay functions, decodable verifiable delay functions, and trapdoor verifiable delay functions are introduced respectively. The construction of verifiable delay functions generally relies on two security assumptions: algebraic assumption or structural assumption. Then, the security assumptions of two different verifiable delay functions are described based on cryptography theory. Secondly, a post-quantum verifiable delay function based on super-singular isogeny is introduced. Finally, the paper summarizes the blockchain-related applications of verifiable delay functions. Full article

Counterfeit drugs are forgery-tagged medicines that are considered to be drugs without vigorous active pharmaceutical ingredients (API). India, being the world’s largest producer of drugs, faces a crucial issue of counterfeits. Moreover, counterfeits identify their path into the pharmaceutical supply chain (PSC) effortlessly owing to the dearth of security and traceability in the prevailing system. This is because the software applications currently in use stockpile the information about drugs on centralized servers and are accessed by manufacturers, distributors and retailers via the internet. The security of such systems is found to be weak. To address these issues, in this work, a novel method called Supersingular Isogeny and Hosmer–Lemeshow Logistic Regression-based (SI-HLLR) secured information sharing for the pharmaceutical supply chain is proposed. The SI-HLLR method is split into two sections, block validation and authentication. First, with the pharmaceutical sales data provided as input, the supersingular isogeny Diffie–Hellman key exchange model is applied for block validation and then is implemented using a blockchain. Next, with the validated blocks, the authentication mechanism is performed using Hosmer–Lemeshow logistic regression-based authentication that in turn eliminates the counterfeit drugs from the pharmaceutical supply chain. The hyperledger fabric blockchain solution using SI-HLLR leads to improved security ensuring data integrity and better authentication accuracy in the proposed method. Full article

Public-key cryptography provides security for digital systems and communication. Traditional cryptographic solutions are constantly improved, e.g., to suppress brute-force attacks. However, Shor’s algorithm suited for quantum computers can break the bedrock of most currently used systems, i.e., the RSA problem and discrete logarithm problem. Post-quantum cryptography can withstand attacks carried out by quantum computers. Several families of post-quantum systems exist; one of them is isogeny-based cryptography. As a main contribution, in this paper, we provide a survey of chosen, fundamental isogeny-based schemes. The target audience of this review is researchers interested in practical aspects of this field of cryptography; therefore the survey contains exemplary implementations. Our goal was not to develop an efficient implementation, but to provide materials that make it easier to analyze isogeny-based cryptography. Full article

Postquantum cryptography for elevating security against attacks by quantum computers in the Internet of Everything (IoE) is still in its infancy. Most postquantum based cryptosystems have longer keys and signature sizes and require more computations that span several orders of magnitude in energy consumption and computation time, hence the sizes of the keys and signature are considered as another aspect of security by green design. To address these issues, the security solutions should migrate to the advanced and potent methods for protection against quantum attacks and offer energy efficient and faster cryptocomputations. In this context, a novel security framework Lightweight Postquantum ID-based Signature (LPQS) for secure communication in the IoE environment is presented. The proposed LPQS framework incorporates a supersingular isogeny curve to present a digital signature with small key sizes which is quantum-resistant. To reduce the size of the keys, compressed curves are used and the validation of the signature depends on the commutative property of the curves. The unforgeability of LPQS under an adaptively chosen message attack is proved. Security analysis and the experimental validation of LPQS are performed under a realistic software simulation environment to assess its lightweight performance considering embedded nodes. It is evident that the size of keys and the signature of LPQS is smaller than that of existing signature-based postquantum security techniques for IoE. It is robust in the postquantum environment and efficient in terms of energy and computations. Full article

This research paper evaluates the feasibility of cold boot attacks on the Supersingular Isogeny Key Encapsulation (SIKE) mechanism. This key encapsulation mechanism has been included in the list of alternate candidates of the third round of the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography Standardization Process. To the best of our knowledge, this is the first time this scheme is assessed in the cold boot attacks setting. In particular, our evaluation is focused on the reference implementation of this scheme. Furthermore, we present a dedicated key-recovery algorithm for SIKE in this setting and show that the key recovery algorithm works for all the parameter sets recommended for this scheme. Moreover, we compute the success rates of our key recovery algorithm through simulations and show the key recovery algorithm may reconstruct the SIKE secret key for any SIKE parameters for a fixed and small $\alpha =0.001$ (the probability of a 0 to 1 bit-flipping) and varying values for $\beta$ (the probability of a 1 to 0 bit-flipping) in the set $\{0.001,0.01,\dots ,0.1\}$. Additionally, we show how to integrate a quantum key enumeration algorithm with our key-recovery algorithm to improve its overall performance. Full article

The implementation of isogeny-based cryptography mainly use Montgomery curves, as they offer fast elliptic curve arithmetic and isogeny computation. However, although Montgomery curves have efficient 3- and 4-isogeny formula, it becomes inefficient when recovering the coefficient of the image curve for large degree isogenies. Because the Commutative Supersingular Isogeny Diffie-Hellman (CSIDH) requires odd-degree isogenies up to at least 587, this inefficiency is the main bottleneck of using a Montgomery curve for CSIDH. In this paper, we present a new optimization method for faster CSIDH protocols entirely on Montgomery curves. To this end, we present a new parameter for CSIDH, in which the three rational two-torsion points exist. By using the proposed parameters, the CSIDH moves around the surface. The curve coefficient of the image curve can be recovered by a two-torsion point. We also proved that the CSIDH while using the proposed parameter guarantees a free and transitive group action. Additionally, we present the implementation result using our method. We demonstrated that our method is 6.4% faster than the original CSIDH. Our works show that quite higher performance of CSIDH is achieved while only using Montgomery curves. Full article

In this paper, we present scalable multi-precision multiplication implementation and scalable multi-precision squaring implementation for 32-bit ARM Cortex-M4 microcontrollers. For efficient computation and scalable functionality, we present optimized Multiplication and ACcumulation (MAC) techniques for the target microcontrollers. In particular, we present the 64-bit wise MAC operation with the Unsigned Long Multiply with Accumulate Accumulate (UMAAL) instruction. The MAC is used to perform column-wise multiplication/squaring (i.e., product-scanning) with general-purpose registers in an optimal way. Second, the squaring algorithm is further optimized through an efficient doubling routine together with an optimized product-scanning method. Finally, the proposed implementations achieved a very small memory footprint and high scalability to cover algorityms ranging from well-known public key cryptography (i.e., Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC)) to post-quantum cryptography (i.e., Supersingular Isogeny Key Encapsulation (SIKE)). All SIKE round 2 protocols were evaluated with the proposed modular reduction implementations. The results demonstrate that the scalable implementation can achieve the smallest code size together with a reasonable performance. Full article