Isogeny-based cryptography: from theory to practice

Lead Research Organisation: University of Birmingham
Department Name: School of Computer Science

Abstract

The security of many cryptographic protocols in use today relies on the computational hardness of mathematical problems such as integer factorization. These problems can be solved using quantum computers, and therefore most of our security infrastructures will become completely insecure once quantum computers are built. Post-quantum cryptography aims at developing security protocols that will remain secure even after quantum computers are built. The biggest security agencies in the world including GCHQ and the NSA have recommended a move towards post-quantum protocols, and the new generation of cryptographic standards will aim at post-quantum security.

This project will consider cryptography based on isogeny problems, a particular family of protocols that are considered for post-quantum security. Isogeny-based protocols are particularly appealing for three reasons: 1) they require very small keys compared to other post-quantum cryptography candidates, saving on bandwidth and storage; 2) there exists an isogeny-based version of the widely used Diffie-Hellman protocol, which can be used as a direct replacement for current instantiations; 3) their mathematical grounding has a lot in common with currently used elliptic curve protocols, which will accelerate implementations in a wide range of devices.

Isogeny-based cryptography protocols have only been invented recently, and like many other protocols currently investigated for post-quantum security they have yet to survive the "test of time". As they have not been investigated as thoroughly as currently deployed solutions, they may be more vulnerable to unanticipated weaknesses. Moreover, the protocols are still at the stage of theoretical papers and remain to be evaluated against the specific constraints of real-life applications.

This project will advance the field of isogeny-based cryptography, from its mathematical grounding right up to the application of protocols in the real world. We will develop new protocols, new analysis techniques, and determine the suitability of isogeny-based cryptography for selected applications.

Planned Impact

Once quantum computers are built, the main cryptographic protocols in use today will become completely insecure. This will dramatically impact the digital security of individuals, industry and governments in the UK and worldwide. Security agencies including GCHQ and the NSA perceive this as a very serious threat, and they are therefore encouraging the development of new cryptographic protocols that will remain secure in the presence of quantum computers. While quantum computers are still in an early stage of development, research in post-quantum cryptography is already needed today because, as was stressed by NIST mathematician Dustin Moody, "it will take 10 to 20 years to get new algorithms selected, standardized and implemented out into the field". Our project fits in this context, focusing on one promising approach for building such protocols.


Industrial impact

Even though quantum computers are in their infancy, Google has taken a first step toward adapting to the post-quantum cryptography world by launching a two-year experiment that involves incorporating into its Chrome browser a modified version of a key exchange algorithm called NewHope. This could be the beginning of post-quantum cryptography entering the mainstream. There are a few SMEs entering this space in the UK. As shown by the National Cyber Security Centre's (NCSC) support for our project, this project will contribute to the security of the UK's and the world's digital economies by developing and evaluating post-quantum cryptographic algorithms that are currently considered for standardization. In particular, the research will strongly influence the development of new cryptographic standards under development at NIST. Industry will adopt these standards in their security products requiring long-term security. We will particularly investigate security applications developed by our project partner L3-TRL.


Societal impact

Quantum computers will dramatically impact the digital security of individuals, industry and governments in the UK and worldwide. As such, individuals and governments will benefit from new, more secure cryptographic protocols to protect their privacy and national security assets. This is again evidenced by NCSC's support for our project.
Starting from December 2017, and for the next few years, NIST will be reviewing standardization proposals for post-quantum cryptography algorithms, including one proposal based on isogeny problems. Our engagement with NCSC and involvement in standards regulation through NIST will lead to the broadest possible impact on ubiquitous security applications. This may eventually provide benefits for all citizens in this age of connected digital technologies. New protocols offering post-quantum security will spread to all aspects of technology, from personal devices to national infrastructure. The focus of the project on the transition from theory to practice will ensure the impact propagates outwards from core academic communities to industry and on to society as a whole.


Academic impact

The research findings in this project will also have a wide academic impact, as detailed in the "academic beneficiaries" section. There will be both immediate and longer-term impacts on the cryptography and algorithmic number theory communities.

Publications

Euler M (2021) New results on quasi-subfield polynomials in Finite Fields and Their Applications

 
Description New cryptographic protocols and new security analysis of existing cryptographic protocols based on isogeny problems.
Exploitation Route Crypto research is looked at by many industry players, who then implement the results in their products.
NIST is considering standardizing additional post-quantum signature schemes, and SQI-sign (co-designed by Christophe Petit, best paper award Asiacrypt 2021) has been explicitly suggested as a good candidate.
Sectors Digital/Communication/Information Technologies (including Software)

URL http://homepages.ulb.ac.be/~chripeti/publis.html
 
Description Our findings have had a great impact on the field of isogeny-based cryptography, which is one area currently explored to develop the next generation of cryptographic algorithms, resistant to quantum computers. In particular: 1) NIST has launched a call for additional post-quantum signature schemes, and SQI-sign (co-designed by Christophe Petit, best paper award Asiacrypt 2021) will be submitted to this call; 2) the attacks we developed with our team inspired further attacks that led to the total break of SIKE, a 10-year-old cryptographic algorithm that was retained in Round 3 of NIST's last standardization process.
First Year Of Impact 2021
Sector Digital/Communication/Information Technologies (including Software)
Impact Types Societal,Policy & public services

 
Description Isara 
Organisation ISARA Corporation
Country Canada 
Sector Private 
PI Contribution Collaboration on cryptanalysis
Collaborator Contribution Collaboration on cryptanalysis
Impact Project partners on a future grant submission
Start Year 2019
 
Description L3TRL 
Organisation L3 TRL Technology
Country United Kingdom 
Sector Private 
PI Contribution Bringing expert knowledge on isogeny-based cryptography
Collaborator Contribution Relevant research challenges from industry point of view
Impact Only knowledge exchange so far
Start Year 2019