Efficient supersingularity testing over GF(p) and CSIDH key validation


Key validation
Elliptic Curves

How to Cite

Banegas, G., Gilchrist, V., & Smith, B. (2022). Efficient supersingularity testing over GF(p) and CSIDH key validation. Mathematical Cryptology, 2(1), 21–35. Retrieved from https://journals.flvc.org/mathcryptology/article/view/132125


Many public-key cryptographic protocols, notably non-interactive key exchange (NIKE), require incoming public keys to be validated to mitigate some adaptive attacks. In CSIDH, an isogeny-based post-quantum NIKE, a key is deemed legitimate if the given Montgomery coefficient specifies a supersingular elliptic curve over the prime field. In this work, we survey the current supersingularity tests used for CSIDH key validation, and implement and measure two new alternative algorithms. Our implementation shows that we can determine supersingularity substantially faster, and using less memory, than the state-of-the-art.

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Copyright (c) 2022 Gustavo Banegas, Valerie Gilchrist, Benjamin Smith