Place : LIX Salle Henri Poincaré
Abstract : Supersingular isogeny-based cryptography is one of the newer families of post-quantum proposals. An interesting feature thereof is their comparatively low bandwidth occupation, which stems from the possibility of key compression. However, compression and decompression introduce a significant overhead to the overall processing cost despite recent progress. In this talk I indicate the main processing bottlenecks involved in key compression and decompression, and describe recent, substantial improvements for each of them. Some of these techniques may have an independent interest for other, more conventional areas of elliptic curve cryptography as well.
