International Association for Cryptologic Research


CryptoDB

PRISM: Simple And Compact Identification and Signatures From Large Prime Degree Isogenies

Authors:
Andrea Basso, IBM Research Europe - Zurich
Giacomo Borin, IBM Research Europe - Zurich, University of Zurich
Wouter Castryck, KU Leuven
Maria Corte-Real Santos, University College London
Riccardo Invernizzi, KU Leuven
Antonin Leroux, Direction Générale de l'Armement, Université de Rennes
Luciano Maino, University of Bristol
Frederik Vercauteren, KU Leuven
Benjamin Wesolowski, ENS de Lyon
Conference: PKC 2025
Abstract: The problem of computing an isogeny of large prime degree from a supersingular elliptic curve of unknown endomorphism ring is assumed to be hard both for classical as well as quantum computers. In this work, we first build a two-round identification protocol whose security reduces to this problem. The challenge consists of a random large prime $q$ and the prover simply replies with an efficient representation of an isogeny of degree $q$ from its public key. Using the hash-and-sign paradigm, we then derive a signature scheme with a very simple and flexible signing procedure and prove its security in the standard model. Our optimized C implementation of the signature scheme shows that signing is roughly $1.8\times$ faster than all SQIsign variants, whereas verification is $1.4\times$ slower. The sizes of the public key and signature are comparable to existing schemes.
BibTeX
@inproceedings{pkc-2025-35046,
  title={PRISM: Simple And Compact Identification and Signatures From Large Prime Degree Isogenies},
  publisher={Springer-Verlag},
  author={Andrea Basso and Giacomo Borin and Wouter Castryck and Maria Corte-Real Santos and Riccardo Invernizzi and Antonin Leroux and Luciano Maino and Frederik Vercauteren and Benjamin Wesolowski},
  year=2025
}