Skip to Main content Skip to Navigation
Conference papers

Stronger and Faster Side-Channel Protections for CSIDH

Abstract : CSIDH is a recent quantum-resistant primitive based on the difficulty of finding isogeny paths between supersingular curves. Recently, two constant-time versions of CSIDH have been proposed: first by Meyer, Campos and Reith, and then by Onuki, Aikawa, Yamazaki and Takagi. While both offer protection against timing attacks and simple power consumption analysis, they are vulnerable to more powerful attacks such as fault injections. In this work, we identify and repair two oversights in these algorithms that compromised their constant-time character. By exploiting Edwards arithmetic and optimal addition chains, we produce the fastest constant-time version of CSIDH to date. We then consider the stronger attack scenario of fault injection, which is relevant for the security of CSIDH static keys in embedded hardware. We propose and evaluate a dummy-free CSIDH algorithm. While these CSIDH variants are slower, their performance is still within a small constant factor of less-protected variants. Finally, we discuss derandomized CSIDH algorithms.
Document type :
Conference papers
Complete list of metadata
Contributor : Benjamin Smith <>
Submitted on : Tuesday, July 23, 2019 - 9:51:18 AM
Last modification on : Monday, February 10, 2020 - 6:14:08 PM

Links full text




Daniel Cervantes-Vázquez, Mathilde Chenu, Jesús-Javier Chi-Domínguez, Luca de Feo, Francisco Rodríguez-Henríquez, et al.. Stronger and Faster Side-Channel Protections for CSIDH. Latincrypt 2019 - 6th International Conference on Cryptology and Information Security in Latin, Oct 2019, Santiago de Chile, Chile. ⟨10.1007/978-3-030-30530-7_9⟩. ⟨hal-02190863⟩



Record views