CSIDH: An Efficient Post-Quantum Commutative Group Action

Wouter Castryck, Tanja Lange, Chloe Martindale, Lorenz Panny, Joost Renes

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)


We propose an efficient commutative group action suitable
for non-interactive key exchange in a post-quantum setting. Our construction
follows the layout of the Couveignes–Rostovtsev–Stolbunov
cryptosystem, but we apply it to supersingular elliptic curves defined
over a large prime field Fp, rather than to ordinary elliptic curves. The
Diffie–Hellman scheme resulting from the group action allows for publickey
validation at very little cost, runs reasonably fast in practice, and
has public keys of only 64 bytes at a conjectured AES-128 security level,
matching NIST’s post-quantum security category I.
Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2018
ISBN (Electronic)978-3-030-03332-3
ISBN (Print)978-3-030-03331-6
Publication statusE-pub ahead of print - 26 Oct 2018

Publication series

NameLecture Notes in Computer Science
ISSN (Electronic)1611-3349


Dive into the research topics of 'CSIDH: An Efficient Post-Quantum Commutative Group Action'. Together they form a unique fingerprint.

Cite this