SIKE ==== - **Algorithm type**: key encapsulation mechanism - **Main cryptographic assumption**: (supersingular) isogeny walk problem - **Scheme authors**: David Jao, Reza Azarderakhsh, Matthew Campagna, Craig Costello, Luca De Feo, Basil Hess, Amir Jalali, Brian Koziel, Brian LaMacchia, Patrick Longa, Michael Naehrig, Joost Renes, Vladimir Soukharev, David Urbanik - **Authors' website**: http://sike.org/ - **Version**: 3.4 - **Added to liboqs by**: Christian Paquin Implementation -------------- - **Source of implementation**: https://github.com/Microsoft/PQCrypto-SIDH - **Implementation version**: https://github.com/microsoft/PQCrypto-SIDH/commit/28b4b5d0a7926e0e7eb4f9c03f75887236e1cebd (bugfix on v3.4) - **License**: MIT License - **Constant-time**: Yes - **Optimizations**: Portable C, with assembly optimizations on AMD64 and selected parameter sets on ARM64 (selected at compile-time, enabled by default if available) Parameter sets -------------- | Parameter set | Security model | Claimed NIST security level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) | |----------------------|:--------------:|:---------------------------:|:-----------------------:|:-----------------------:|:-----------------------:|:--------------------------:| | SIDH-p434 | IND-CPA | 1 | 330 | 28 | 330 | 110 | | SIDH-p434-compressed | IND-CPA | 1 | 197 | 28 | 197 | 110 | | SIDH-p503 | IND-CPA | 2 | 378 | 32 | 378 | 126 | | SIDH-p503-compressed | IND-CPA | 2 | 225 | 32 | 225 | 126 | | SIDH-p610 | IND-CPA | 3 | 462 | 39 | 462 | 154 | | SIDH-p610-compressed | IND-CPA | 3 | 274 | 39 | 274 | 154 | | SIDH-p751 | IND-CPA | 5 | 564 | 48 | 564 | 188 | | SIDH-p751-compressed | IND-CPA | 5 | 335 | 48 | 335 | 188 | | SIKE-p434 | IND-CCA | 1 | 330 | 374 | 346 | 16 | | SIKE-p434-compressed | IND-CCA | 1 | 197 | 350 | 236 | 16 | | SIKE-p503 | IND-CCA | 2 | 378 | 434 | 402 | 24 | | SIKE-p503-compressed | IND-CCA | 2 | 225 | 407 | 280 | 24 | | SIKE-p610 | IND-CCA | 3 | 462 | 524 | 486 | 24 | | SIKE-p610-compressed | IND-CCA | 3 | 274 | 491 | 336 | 24 | | SIKE-p751 | IND-CCA | 5 | 564 | 644 | 596 | 32 | | SIKE-p751-compressed | IND-CCA | 5 | 335 | 602 | 410 | 32 | Additional comments ------------------- No KAT are available for SIDH.