SIKE – Supersingular Isogeny Key Encapsulation
SIKE is an isogeny-based key encapsulation suite based on pseudo-random walks in supersingular isogeny graphs, thay was submitted to the NIST standardization process on post-quantum cryptography. It contains two algorithms:
- A CPA-secure public key encryption algorithm SIKE.PKE, and
- A CCA-secure key encapsulation mechanism SIKE.KEM,
each instantiated with three parameter sets: SIKEp503, SIKEp571 and SIKEp964.
|2017-11-30:||SIKE proposal submitted to NIST PQC process.|
The submission package can be downloaded from the NIST web site or from this server.
Note that these two packages are not identical; the NIST package contains corrupted PDF files which were corrupted post-submission. We recommend that you download the package from this server to get the originally submitted, uncorrupted version.
If you just want the uncorrupted PDF file, it is available here.
Gora Adj, Daniel Cervantes-Vázquez, Jesús-Javier Chi-Domínguez, Alfred Menezes and Francisco Rodríguez-Henríquez. On the cost of computing isogenies between supersingular elliptic curves, Apr. 2018.
Steven D. Galbraith, Christophe Petit, Barak Shani, and Yan Bo Ti. On the security of supersingular isogeny cryptosystems, Sep. 2016.
Craig Costello, Patrick Longa and Michael Naehrig. Efficient algorithms for supersingular isogeny Diffie-Hellman, Apr. 2016.
Luca De Feo, David Jao and Jérôme Plût. Towards Quantum-Resistant Cryptosystems From Supersingular Elliptic Curve Isogenies, Sep. 2011.
Luca De Feo. Mathematics of Isogeny Based Cryptography, Nov. 2017.
Wouter Castryck. Elliptic curves are quantum dead, long live elliptic curves, May 2017.
- David Urbanik. A friendly introduction to Supersingular Isogeny Diffie-Hellman, Mar. 2017.
David Jao. Supersingular Isogeny Key Encapsulation, NIST PQC Standardization Conference, Apr. 2018.
Craig Costello. Key encapsulation using supersingular isogenies, Nov. 2017.
Luca De Feo. 20 Years of Isogeny-Based Cryptography, Nov. 2017.
David Urbanik. Introduction to the post-quantum Supersingular Isogeny Diffie-Hellman protocol (slides), Jul. 2016.
The SIKE submission contains six implementations. These are available from the submission package, or individually below:
- Reference implementation
- Optimized implementation
- AMD64 implementation
- ARM64 implementation
- VHDL implementation
- Weierstrass implementation
All of the above implementations are licensed under the MIT license.
The following implementations are available from third parties:
Known Answer Test
Known Answer Test (KAT) files are available from the submission package, or individually from this server.
- David Jao, University of Waterloo and evolutionQ, Inc. (principal submitter)
- Reza Azarderakhsh, Florida Atlantic University
- Matthew Campagna, Amazon
- Craig Costello, Microsoft Research
- Luca De Feo, Université de Versailles – Saint-Quentin
- Basil Hess, Infosec Global
- Amir Jalali, Florida Atlantic University
- Brian Koziel, Texas Instruments
- Brian LaMacchia, Microsoft Research
- Patrick Longa, Microsoft Research
- Michael Naehrig, Microsoft Research
- Joost Renes, Radboud University
- Vladimir Soukharev, Infosec Global
- David Urbanik, University of Waterloo