Publishing house / Banach Center Publications / All volumes

Abstract

SQISign is an isogeny-based signature scheme that has short keys and signatures and is expected to be a post-quantum scheme. Its security depends on the hardness of the problem to find an isogeny between given two elliptic curves over $\mathbb{F}_{p^2}$, where $p$ is a large prime. For efficiency reasons, a public key in SQISign is taken from a set of supersingular elliptic curves with a particular property. In this paper, we investigate the security related to public keys in SQISign. First, we show some properties of the set of public keys. Next, we show that a key generation procedure used in implementing SQISign could not generate all public keys and propose a modification for the procedure. In addition, we confirm the latter result through an experiment.