SIKE – Supersingular Isogeny Key Encapsulation

SIKE is an isogeny-based key encapsulation suite based on pseudo-random walks in supersingular isogeny graphs, that was submitted to the NIST standardization process on post-quantum cryptography. It contains two algorithms:

each instantiated with four parameter sets: SIKEp434, SIKEp503, SIKEp610 and SIKEp751.

Submission status

SIKE and SIDH are insecure and should not be used. For more information, please refer to our statement to NIST.

Updates

2021-06-09:
$IKE challenge launched.
2020-10-10:
3rd round files available.
2020-04-16:
List of implementation updates submitted to NIST.
2019-04-17:
New version of specification available from this web site (list of changes and errata).
2019-04-10:
Updated specification for the 2nd round.
2017-11-30:
SIKE proposal submitted to NIST PQC process.

Specification

NIST submission

The original submission package can be downloaded from the NIST web site. An updated version of the submission package (with corrections) is available from this server, in tar.gz or ZIP format.

The (updated) specification document alone can also be downloaded separately.

Resources

Research articles

Hardware implementation

Software implementation

Enhancements

Security analysis

Expository articles

Industry studies

Talks

Implementation

The SIKE submission contains seven implementations. These are available from the submission package, or individually below:

All of the implementations are licensed under the MIT license.

The following implementation is available from Microsoft Research:

The following implementations are available from third parties:

Known Answer Test

Known Answer Test (KAT) files are available from the submission package, or individually from this server.

Authors

Contact