2021
DOI: 10.46586/tches.v2021.i4.618-649

Batching CSIDH Group Actions using AVX-512

Abstract: Commutative Supersingular Isogeny Diffie-Hellman (or CSIDH for short) is a recently-proposed post-quantum key establishment scheme that belongs to the family of isogeny-based cryptosystems. The CSIDH protocol is based on the action of an ideal class group on a set of supersingular elliptic curves and comes with some very attractive features, e.g. the ability to serve as a “drop-in” replacement for the standard elliptic curve Diffie-Hellman protocol. Unfortunately, the execution time of CSIDH is prohibitively h…

Citations: cited by 6 publications (4 citation statements)
References: 18 publications
“…We also do not consider vectorization: if it was to be used, we expect that the best way to exploit it would be at the field arithmetic layer. This would lead to improvements similar to those from [24][25][26] which are well documented and are largely parallel to our multi-core improvements.…”
Section: Assumptions and Generalizations (mentioning)
confidence: 60%
“…Different forms of parallelism have been explored at various layers of isogeny-based protocols. For instance, the use of vectorization through Intel's Advanced Vector Extensions (AVX-512) has been exploited for the finite field arithmetic layer, both in the context of CSIDH [24] and of the now obsolete SIKE protocol [25,26], obtaining speedup factors in the order of 1.5. Additionally, it has also been proposed to use AVX-512 to batch multiple evaluations of the protocols, leading to increases in throughput of up to 3.6 for CSIDH [24] and 4.6 in SIKE [26].…”
Section: Assumptions and Generalizations (mentioning)
confidence: 99%
“…Cheng et al [26] proposed a highly vectorized implementation for SIKE. [27] presented an implementation using AVX-512 to batch CSIDH group actions. [28] presented an implementation using AVX-512 for SPHINCS+.…”
Section: Introduction (mentioning)
confidence: 99%