• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.591-599
• /
• 2023

Due to the recent attack by Castryck-Decru, the private key of SIDH can be recovered in polynomial time so several methods have been proposed to prevent the attack. Among them, M-SIDH proposed by Fouotsa et al, counteracts the attack by masking the torsion point information during the key exchange. In this paper, we implement M-SIDH and evaluate its performance. To the best of our knowledge, this is the first implementation of M-SIDH in C language. Toward that end, we propose a method to select parameters for M-SIDH instantiation and propose a 1024-bit prime for implementation. We implemented the square-root Velu formula over the extension field for further optimization. As a result, 1129 ms is required for a key exchange in the case of MSIDH-1024, providing the classic 64-bit security level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.19-30
• /
• 2021

In this paper, when SIDH is instantiated using only 3- and 5-isogeny, we demonstrate which curve is more efficient among the Montgomery, Edwards, and Huff curves. To this end, we present the computational cost of the building blocks of SIDH on Montgomery, Edwards, and Huff curves. We also present the prime we used and parameter settings for implementation. The result of our work shows that the performance of SIDH on Montgomery and Huff curves is almost the same and they are 0.8% faster than Edwards curves. With the possibility of using isogeny of degree other than 3 and 4, the performance of 5-isogeny became even more essential. In this regard, this paper can provide guidelines on the selection of the form of elliptic curves for implementation.

• Current Optics and Photonics
• /
• v.8 no.1
• /
• pp.1-15
• /
• 2024

This paper presents a brief introduction to self-interference incoherent digital holography (SIDH). Holography conducted under incoherent light conditions has various advantages over digital holography performed with a conventional coherent light source. We categorize the methods for SIDH, which divides the incident light into two waves and modulates them differently. We also explore various optical concepts and techniques for the implementation and advancement of SIDH. This review presents the system design, performance analysis, and improvement of SIDH, as well as recent applications of SIDH, including optical sectioning and deep-learning-based SIDH.

• Review of KIISC
• /
• v.32 no.1
• /
• pp.19-29
• /
• 2022

2011 Jao와 De Feo에 의해 제안된 SIDH가 기존 타원곡선 사이의 isogeny를 이용한 암호보다 효율적인 성능을 제공하고, 그 후 2016년 Costello 등의 효율적인 연산 방법으로 SIDH 속도가 3배 이상 향상되면서, 타원곡선 사이의 isogeny를 이용한 암호가 양자 컴퓨팅 환경에서 RSA와 ECC를 대체할 암호로 주목을 받기 시작했다. 특히 isogeny 기반 암호는 다른 PQC 암호에 비해 작은 키 사이즈를 제공한다는 장점으로 현재까지 활발히 연구가 진행되고 있으며, SIDH를 기반으로 둔 SIKE는 NIST PQC 표준화 공모전 Round 3의 대체 후보이다. 다른 PQC 암호에 비해 속도가 느리다는 점이 isogeny 기반 암호의 단점인 만큼, isogeny 기반 암호는 처음 제안된 후 10년 동안 최적화를 중심으로 큰 발전을 이뤄왔다. 본 논문에서는 isogeny 기반 암호의 최신 연구 동향을 소개한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.427-431
• /
• 2019

본 논문에서는 Edwards 곡선의 w-coordinate를 이용한 isogeny로 SIDH를 구현하는 방법에 대해 처음으로 제안한다. 이를 위해, 먼저 division polynomial을 이용하여 기존 제안된 w-coordinate 3-isogeny를 4M+6S에서 2M+3S로 연산량을 감소시켜 50%의 속도 향상을 달성하였다. 또한, w-coordinate isogney공식을 사용하기 위해 새로 유한체를 제안하였으며 안전성을 분석하였다. 본 논문의 결과 Edwards 곡선을 이용한 SIDH는 Montgomery 곡선과 비해 2.29% 이상의 속도 향상을 예상할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.73-83
• /
• 2018

There has been increasing interest from NIST and other companies in studying post-quantum cryptography in order to resist against quantum computers. Multivariate polynomial based, code based, lattice based, hash based digital signature, and isogeny based cryptosystems are one of the main categories in post quantum cryptography. Among these categories, isogeny based cryptosystem is known to have shortest key length. In this paper, we implemented Supersingular Isogeny Diffie-Hellman (SIDH) protocol efficiently on low-end mobile device. Considering the device's specification, we select supersingular curve on 523 bit prime field, and generate efficient isogeny computation tree. Our implementation of SIDH module is targeted for 32bit environment.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2020.07a
• /
• pp.557-560
• /
• 2020

최근, 광소자에서 공간 변조되는 wavefront profile 특성을 광소자의 표면 단차 변화 없이 단일 두께 박막 상에서 자유로이 구현할 수 있는 기하위상 홀로그램 (geometric phase hologram) 기반의 optical component에 대한 관심이 증대되고 있다. 특히 이를 이용해 제작된 기하위상 렌즈 (geometric phase lens)는 dynamic phase의 공간적 차이에 의해 구현되던 기존 bulk optics 기반의 lens 대비 초박형으로 제작이 가능한 파장 선택적 flat optics 기술로써, 다초점 및 경량화를 요구하는 차세대 디스플레이 기술 (augmented reality 또는 AR, mixed reality 또는 MR) 및 광파변조 및 제어를 요구하는 홀로그래픽 카메라 분야에 대한 응용처로 많은 주목을 받고 있다. 이에 본 논문에서는 해당 기하 위상렌즈에 대한 원리 및 이에 따른 개발이슈 및 해결법에 대해 연구 하였으며, 이에 대한 응용처로 기하위상 렌즈의 편광에 따른 이중초점특성을 이용해, 기존 단일 초점 형성이 가능한 AR기기 대비, 다초점 형성이 가능한 switchable dual-depth 3D AR device를 compact한 모듈과 함께 구현하였다. 또한, 기하위상렌즈의 광파 변조 및 분리특성을 이용한 기하위상 렌즈기반의 자가간섭 홀로그래픽 시스템(GP-self-interference incoherent digital holographic, GP-SIDH)에 편광 이미지센서 적용과 함께 맞춤형 설계/제작된 기하 위상렌즈를 적용함으로써, 기존 GP-SIDH 시스템대비 안정적으로 실시간 복소 홀로그램 획득이 가능한 실시간 공간영상정보 획득용 GP-SIDH을 동영상 프레임으로 구현하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.9
• /
• pp.1257-1263
• /
• 2018

Secure authentication technology is a fundamental building block for secure services for Internet of Things devices. Particularly, the multiplication operation is a core operation of public key cryptography, such as RSA, ECC, and SIDH. However, modern low-power processor, namely ARM Cortex-M3 processor, is not secure enough for practical usages, since it executes the multiplication operation in variable-time depending on the input length. When the execution is performed in variable-time, the attacker can extract the password from the measured timing. In order to resolve this issue, recent work presented constant-time solution for multiplication operation. However, the implementation still missed various speed-optimization techniques. In this paper, we analyze previous multiplication methods over ARM Cortex-M3 and provide optimized implementations to accelerate the speed-performance further. The proposed method successfully accelerates the execution-time by up-to 25.7% than previous works.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.167-177
• /
• 2024

This paper proposes optimization techniques for SeaSign, an isogeny-based digital signature algorithm. SeaSign combines class group actions of CSIDH with the Fiat-Shamir with abort. While CSIDH-based algorithms have regained attention due to polynomial time attacks for SIDH-based algorithms, SeaSiogn has not undergone significat optimization because of its inefficiency. In this paper, an efficient signing method for SeaSign is proposed. The proposed signing method is simple yet powerful, achived by repositioning the rejection sampling within the algorithm. Additionally, this paper presnts parameters that can provide optimal performance for the proposed algorithm. As a result, by using the original parameters of SeaSign, the proposed method is three times faster than the original SeaSign. Additonally, combining the newly suggested parameters with the signing method proposed in this paper yields a performance that is 290 times faster than the original SeaSign and 7.47 times faster than the method proposed by Decru et al.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.243-252
• /
• 2023

As an efficient key recovery attack on SIDH/SIKE was proposed, CSIDH is drawing attention again. CSIDH is an isogeny-based key exchange algorithm that is safe against known attacks to date, and provide efficient NIKE by modernizing CRS scheme. In this paper, we firstly present the optimized implementation of CSIDH-512 on ARM Cortex-M7. We use three-level hybrid Montgomery reduction and present the results of our implementation, limitations, and future research directions. This is a CSIDH implementation in 32-bit embedded devices that has not been previously presented, and it is expected that the results of this paper will be available to implement CSIDH and derived cryptographic algorithms in various embedded environments in the future.