Constructing Canonical Strategies for Parallel Implementation of Isogeny Based Cryptography

摘要

Isogeny based cryptographic systems are one of the very competitive systems that are potentially secure against quantum attacks. The run time of isogeny based systems are dominated by a sequence of point multiplications and isogeny computations performed over supersingular elliptic curves in a specific order. The order of the sequence play an important role in the run time of the algorithms, and an optimal strategy can be efficiently determined yielding the minimum cost among all possible choices when a single processor is in use. In this paper, we generalize this idea and propose new algorithms that determine strategies for K processors under two different parallelization models: Per-Curve Parallelization (PCP) and Consecutive-Curve Parallelization (CCP). We present several recursive formulation of canonical strategies and their cost under the PCP model. As a result, we show how to construct the best (optimal) strategies under the PCP model. For some cryptographically interesting parameters, we obtain up to 24% (for K = 2), 40% (for K = 4), and 51% (for K = 8) theoretical speed ups over the optimal strategies with one processor. The more general CCP model offers a refinement of PCP, and yields up to 30% (for K = 2), 47% (for K = 4), and 55% (for K = 8) theoretical speed ups over the optimal strategies with one processor.