Trapdoor DDH groups are an appealing cryptographic primitive introduced by Dent–Galbraith (ANTS 2006), where DDH instances are hard to solve unless provided with additional information (i.e., a trapdoor). In this paper, we introduce a new trapdoor DDH group construction using pairings and isogenies of supersingular elliptic curves, and present two instantiations of it. The construction solves all shortcomings of previous constructions as identified by Seurin (RSA 2013). We also present partial attacks on a previous construction due to Dent–Galbraith, and we provide a formal security definition of the related notion of “trapdoor pairings”.
CITATION STYLE
Kutas, P., Petit, C., & Silva, J. (2021). Trapdoor DDH Groups from Pairings and Isogenies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 12804 LNCS, pp. 431–450). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-81652-0_17
Mendeley helps you to discover research relevant for your work.