A subexponential-time, polynomial quantum space algorithm for inverting the CM group action

A subexponential-time, polynomial quantum space algorithm for inverting the CM group action

We present a quantum algorithm which computes group action inverses of the complex multiplication group action on isogenous ordinary elliptic curves, using subexponential time, but only polynomial quantum space. One application of this algorithm is that it can be used to find the private key from th...

Full description

Bibliographic Details
Main Authors: Jao David, LeGrow Jason, Leonardi Christopher, Ruiz-Lopez Luis
Format: Article
Language:English
Published: De Gruyter 2020-06-01
Series:Journal of Mathematical Cryptology
Subjects:
isogeny-based cryptography
quantum algorithms
quantum cryptanalysis
68q12
94a60
14k02
Online Access:https://doi.org/10.1515/jmc-2015-0057
Description
Summary:We present a quantum algorithm which computes group action inverses of the complex multiplication group action on isogenous ordinary elliptic curves, using subexponential time, but only polynomial quantum space. One application of this algorithm is that it can be used to find the private key from the public key in the isogeny-based CRS and CSIDH cryptosystems. Prior claims by Childs, Jao, and Soukharev of such a polynomial quantum space algorithm for this problem are false; our algorithm (along with contemporaneous, independent work by Biasse, Iezzi, and Jacobson) is the first such result.
ISSN:1862-2976
1862-2984

Similar Items