Abstract: 

In 2011, Jao and de Feo introduced a key exchange protocol based on isogenies of supersingular elliptic curves. Similar problems had been used previously in a hash function construction by Charles, Goren and Lauter. The talk will survey these systems and the mathematical ideas behind them.

I will then present a very powerful active attack on the supersingular isogeny encryption scheme, based on similar principles to the well-known "small subgroup attack" on DLP protocols. The attack is not prevented by any of the currently proposed "validation protocols", but it can be avoided by using a relatively expensive countermeasure proposed by Kirkwood et al. I will briefly survey some other recent results. This is all joint work with Christophe Petit, Barak Shani and Yan Bo Ti.

Speaker

Steven Galbraith

Affiliation

The University of Auckland

Date

Wed, 02/11/2016 - 2:00pm

Venue

RC-4082, The Red Centre, UNSW