International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 07 November 2019

Péter Kutas, Christophe Petit, Javier Silva
ePrint Report ePrint Report
Trapdoor DDH groups are an appealing cryptographic primitive where DDH instances are hard to solve unless provided with additional information (i.e., a trapdoor). In this paper, we introduce a new trapdoor DDH group construction using pairings and isogenies of supersingular elliptic curves. The construction solves all shortcomings of previous constructions as identified by Seurin (RSA 2013). We also present partial attacks on a previous construction due to Dent--Galbraith, and we provide a formal security definition of the related notion of ``trapdoor pairings''.

Additional news items may be found on the IACR news page.