Thank you, Jessica

A bi-weekly virtual seminar for young isogenists.


Upcoming talks

  1. Marc Houben
    Universiteit Leiden, personal page
    December 13th, 17:00 (CET).
    Note: one week later than regular schedule.



Previous talks

  1. Thomas Decru - Breaking SIKE
    KU Leuven
    September 13th, 17:00 (CEST).
    abstract

    Thomas paints a somewhat broader picture of the genus-2 isogeny setting to showcase how Wouter Castryck and Thomas found all the pieces of the puzzle to break SIKE.

    Personal pageSlidesRecordingDiscussion


  2. Bruno Sterner - git commit -m “isogenies”
    University of Surrey
    September 27th, 17:00 (CEST).
    abstract

    Supersingular isogeny graphs possess many properties that make it an interesting object to study mathematically as well as attempt to apply for cryptographic purposes. In this talk, Bruno will present one of these properties and showcase how it can be applied to construct a commitment scheme. This commitment scheme has strong security properties and doesn’t require random oracles.

    Personal pageSlidesRecordingDiscussion


  3. Maria Corte-Real Santos - [superlative]Solver: Attacking the General Isogeny Problem
    University College London
    October 11th, 17:00 (CEST).
    abstract

    The general supersingular isogeny problem is the foundational hardness assumption underpinning isogeny-based cryptography. Its conjectured classical and quantum hardness has cemented isogenies as a promising tool for building post-quantum secure protocols.

    In this talk, we will look at the general isogeny problem in low dimensions. More specifically, we consider the hardness of finding an isogeny between two given supersingular elliptic curves or two superspecial abelian surfaces defined over 𝔽p2. Viewing these as path finding problems in a related isogeny graph, we introduce a general framework for solving these problems and present the state-of-the-art attacks against them. We will also discuss a strategy for improving their concrete complexity, based on joint work with Craig Costello, Sam Frengley and Jia Shi.

    Personal pageSlidesRecordingDiscussion


  4. Antonin Leroux - A new algorithm for the effective Deuring correspondence: making SQISign faster
    DGA,
    October 25th, 17:00 (CEST).
    abstract

    The quantum computer is a threat to cryptography as it can solve the problems upon which relies the security of a lot of protocols. Isogeny-based cryptography is a family of protocols relying on the hardness of finding an isogeny between two supersingular elliptic curves, a problem assumed hard even for a quantum computer. In this talk, we focus on the connection between isogeny-based cryptography and quaternion algebras called the Deuring correspondence.

    We will start with a generic overview of the applications of the Deuring correspondence to isogeny-based cryptography, before presenting a new algorithm to compute and realize the Deuring correspondence. In particular, this can be applied to speed-up the SQISign signature scheme.

    Personal pageSlidesRecordingDiscussion


  5. Tako Boris Fouotsa - Torsion point images in SIDH: from savior to killer
    EPFL,
    November 8th, 17:00 (CET).
    abstract

    The first isogeny-based key exchange is the CRS (Couveignes-Rostovtsev-Stolbunov) scheme, which uses ordinary isogenies. The CRS scheme is relatively slow and is subject to a sub-exponential quantum attack. This motivated Jao and De Feo to suggest SIDH, which uses supersingular isogenies that, as opposed to ordinary isogenies, do not commute. To solve this commutativity issue, Jao and De Feo publish images of torsion points through the secret isogeny. SIDH was then faster and was not vulnerable to sub-exponential quantum attacks.

    Today, the picture has changed considerably. The torsion point images have been used to design both adaptive and passive attacks on SIDH. Recently, we reached the "point de non retour": they were used to design a polynomial classical attack on SIDH.

    In this talk, we will tell the story of the torsion point images in SIDH. We will go through their role in the design of SIDH, and in the design of both adaptive and passive attacks on SIDH.

  6. Personal pageSlidesRecordingDiscussion


  7. Sabrina Kunzweiler - Genus 2 Isogenies
    Ruhr University Bochum
    November 22nd, 17:00 (CET).
    abstract

    Elliptic curves are abelian varieties of dimension one. It is only natural to consider generalizations of isogeny-based cryptographic protocols to higher dimensions. Apart from mathematical curiosity, the recent attacks on SIDH have shown that it is essential to study such generalizations in order to understand the security of elliptic curve based protocols.

    This talk gives an introduction to Jacobians of genus-2 curves (abelian varieties of dimension 2) and isogenies in this setting. The focus lies on the computation of Richelot isogenies.

    Personal pageSlidesRecordingDiscussion




Reach Jonathan and Krijn
via isogenyclub@gmail.com to join!

Overview of discussion available at askcryp.to.

Researchseminars.org here.

Twitter here.

YouTube here.