Home

isogenybased

Isogenybased refers to cryptographic constructions that derive security from isogenies between elliptic curves. In these schemes, the main hard problems involve computing isogenies or walking between curves in an isogeny graph. This approach is studied as a candidate for post-quantum cryptography because many standard quantum attacks on elliptic-curve discrete logarithms do not translate directly to isogeny-based problems. Isogeny-based cryptography is used for key exchange, key encapsulation, and, in some schemes, digital signatures.

An isogeny is a non-constant morphism between elliptic curves that preserves the group structure. Cryptographers typically

Two well-known families are SIDH (and its encapsulation form SIKE) and CSIDH. SIDH uses the structure of

Security and status: Isogeny-based schemes are believed to be quantum-resistant; however, several proposed parameter sets have

Outlook: Ongoing research explores stronger security proofs, more efficient implementations, and potential standardization pathways. The field

work
with
supersingular
elliptic
curves
over
finite
fields,
where
the
set
of
all
isogenies
forms
a
rich,
connectivity-rich
graph.
The
difficulty
of
constructing
a
path
between
two
curves,
or
of
determining
an
isogeny
with
given
endpoints,
underlies
the
security
of
many
schemes.
supersingular
isogenies
to
allow
two
parties
to
derive
a
common
secret
with
commutative
isogeny
steps.
CSIDH
instead
relies
on
the
action
of
a
class
group
on
the
set
of
elliptic
curves,
performing
exponentiations
in
a
group
to
arrive
at
a
shared
secret.
been
undermined
by
practical
attacks,
and
implementations
face
performance
and
side-channel
considerations.
As
a
result,
isogenybased
schemes
have
not
achieved
broad
deployment
comparable
with
lattice-based
or
code-based
post-quantum
schemes.
remains
active,
with
new
constructions
and
specialty
optimizations
being
published
as
quantum-era
cryptography
evolves.