{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T22:31:00Z","timestamp":1757457060553,"version":"3.40.5"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031172335"},{"type":"electronic","value":"9783031172342"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-17234-2_20","type":"book-chapter","created":{"date-parts":[[2022,9,25]],"date-time":"2022-09-25T21:02:18Z","timestamp":1664139738000},"page":"422-450","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Post-Quantum Signal Key Agreement from\u00a0SIDH"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0775-4019","authenticated-orcid":false,"given":"Samuel","family":"Dobson","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7114-8377","authenticated-orcid":false,"given":"Steven D.","family":"Galbraith","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,9,21]]},"reference":[{"key":"20_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-030-17653-2_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"J Alwen","year":"2019","unstructured":"Alwen, J., Coretti, S., Dodis, Y.: The 
double ratchet: security notions, proofs, and modularization for the Signal protocol. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 129\u2013158. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17653-2_5"},{"key":"20_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/978-3-319-72565-9_3","volume-title":"Selected Areas in Cryptography \u2013 SAC 2017","author":"R Azarderakhsh","year":"2018","unstructured":"Azarderakhsh, R., Jao, D., Leonardi, C.: Post-quantum static-static key agreement using multiple protocol instances. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 45\u201363. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-72565-9_3"},{"issue":"4","key":"20_CR3","doi-asserted-by":"publisher","first-page":"351","DOI":"10.46586\/tches.v2021.i4.351-387","volume":"2021","author":"G Banegas","year":"2021","unstructured":"Banegas, G., et al.: CTIDH: faster constant-time CSIDH. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 351\u2013387 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"20_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"404","DOI":"10.1007\/978-3-030-81652-0_16","volume-title":"Selected Areas in Cryptography","author":"J Brendel","year":"2021","unstructured":"Brendel, J., Fischlin, M., G\u00fcnther, F., Janson, C., Stebila, D.: Towards post-quantum security for Signal\u2019s X3DH handshake. In: Dunkelman, O., Jacobson, Jr., M.J., O\u2019Flynn, C. (eds.) SAC 2020. LNCS, vol. 12804, pp. 404\u2013430. Springer, Cham (2021). 
https:\/\/doi.org\/10.1007\/978-3-030-81652-0_16"},{"key":"20_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-97131-1_1","volume-title":"Public-Key Cryptography","author":"J Brendel","year":"2022","unstructured":"Brendel, J., Fiedler, R., G\u00fcnther, F., Janson, C., Stebila, D.: Post-quantum asynchronous deniable key exchange and the Signal handshake. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) PKC 2022. LNCS, vol. 13178, pp. 3\u201334. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-97131-1_1"},{"key":"20_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"464","DOI":"10.1007\/978-3-030-64834-3_16","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"W Beullens","year":"2020","unstructured":"Beullens, W., Katsumata, S., Pintore, F.: Calamari and Falafl: logarithmic (linkable) ring signatures from isogenies and lattices. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 464\u2013492. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64834-3_16"},{"key":"20_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/BFb0024447","volume-title":"Cryptography and Coding","author":"S Blake-Wilson","year":"1997","unstructured":"Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30\u201345. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0024447"},{"key":"20_CR8","unstructured":"Campagna, M., et al.: Supersingular isogeny key encapsulation (2019). https:\/\/sike.org\/"},{"key":"20_CR9","unstructured":"Castryck, W., Decru, T.: An efficient key recovery attack on SIDH (preliminary version). Cryptology ePrint Archive, Paper 2022\/975 (2022). 
https:\/\/ia.cr\/2022\/975"},{"issue":"4","key":"20_CR10","doi-asserted-by":"publisher","first-page":"1914","DOI":"10.1007\/s00145-020-09360-1","volume":"33","author":"K Cohn-Gordon","year":"2020","unstructured":"Cohn-Gordon, K., Cremers, C., Dowling, B., Garratt, L., Stebila, D.: A formal security analysis of the Signal messaging protocol. J. Cryptol. 33(4), 1914\u20131983 (2020)","journal-title":"J. Cryptol."},{"key":"20_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2001","author":"R Canetti","year":"2001","unstructured":"Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453\u2013474. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_28"},{"key":"20_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-030-03332-3_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"W Castryck","year":"2018","unstructured":"Castryck, W., Lange, T., Martindale, C., Panny, L., Renes, J.: CSIDH: an efficient post-quantum commutative group action. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 395\u2013427. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03332-3_15"},{"issue":"5","key":"20_CR13","doi-asserted-by":"publisher","first-page":"364","DOI":"10.1049\/ise2.12027","volume":"15","author":"D Cervantes-V\u00e1zquez","year":"2021","unstructured":"Cervantes-V\u00e1zquez, D., Ochoa-Jim\u00e9nez, E., Rodr\u00edguez-Henr\u00edquez, F.: Extended supersingular isogeny Diffie-Hellman key exchange protocol: revenge of the SIDH. IET Inf. Secur. 15(5), 364\u2013374 (2021)","journal-title":"IET Inf. 
Secur."},{"key":"20_CR14","unstructured":"De Feo, L., Dobson, S., Galbraith, S.D., Zobernig, L.: SIDH proof of knowledge. Cryptology ePrint Archive, Paper 2021\/1023 (2021). https:\/\/ia.cr\/2021\/1023"},{"issue":"4","key":"20_CR15","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1080\/23799927.2020.1822446","volume":"5","author":"S Dobson","year":"2020","unstructured":"Dobson, S., Galbraith, S.D., LeGrow, J., Ti, Y.B., Zobernig, L.: An adaptive attack on 2-SIDH. Int. J. Comput. Math. Comput. Syst. Theory 5(4), 282\u2013299 (2020)","journal-title":"Int. J. Comput. Math. Comput. Syst. Theory"},{"key":"20_CR16","unstructured":"Duits, I.: The post-quantum Signal protocol: secure chat in a quantum world. Master\u2019s thesis, University of Twente (2019). https:\/\/essay.utwente.nl\/77239\/"},{"key":"20_CR17","unstructured":"Galbraith, S.D.: Authenticated key exchange for SIDH. Cryptology ePrint Archive, Paper 2018\/266 (2018). https:\/\/ia.cr\/2018\/266"},{"key":"20_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-662-53887-6_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"SD Galbraith","year":"2016","unstructured":"Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 63\u201391. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_3"},{"key":"20_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-319-70500-2_12","volume-title":"Theory of Cryptography","author":"D Hofheinz","year":"2017","unstructured":"Hofheinz, D., H\u00f6velmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341\u2013371. Springer, Cham (2017). 
https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12"},{"key":"20_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1007\/978-3-030-75248-4_15","volume-title":"Public-Key Cryptography \u2013 PKC 2021","author":"K Hashimoto","year":"2021","unstructured":"Hashimoto, K., Katsumata, S., Kwiatkowski, K., Prest, T.: An efficient and generic construction for Signal\u2019s handshake (X3DH): post-quantum, state leakage secure, and deniable. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12711, pp. 410\u2013440. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-75248-4_15"},{"key":"20_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-642-25405-5_2","volume-title":"Post-Quantum Cryptography","author":"D Jao","year":"2011","unstructured":"Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19\u201334. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25405-5_2"},{"key":"20_CR22","unstructured":"Kirkwood, D., Lackey, B.C., McVey, J., Motley, M., Solinas, J.A., Tuller, D.: Failure is not an option: standardization issues for post-quantum key agreement. In: Workshop on Cybersecurity in a Post-Quantum World (2015)"},{"key":"20_CR23","unstructured":"Maino, L., Martindale, C.: An attack on SIDH with arbitrary starting curve. Cryptology ePrint Archive, Paper 2022\/1026 (2022). https:\/\/ia.cr\/2022\/1026"},{"key":"20_CR24","unstructured":"Marlinspike, M., Perrin, T.: The double ratchet algorithm (2016). https:\/\/signal.org\/docs\/specifications\/doubleratchet\/. Accessed 20 Nov 2016"},{"key":"20_CR25","unstructured":"Marlinspike, M., Perrin, T.: The X3DH key agreement protocol 2016. https:\/\/signal.org\/docs\/specifications\/x3dh\/. 
Accessed 04 Nov 2016"},{"key":"20_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/978-3-319-11659-4_12","volume-title":"Post-Quantum Cryptography","author":"C Peikert","year":"2014","unstructured":"Peikert, C.: Lattice cryptography for the internet. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 197\u2013219. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11659-4_12"},{"key":"20_CR27","unstructured":"Perrin, T.: The XEdDSA and VXEdDSA signature schemes 2016. https:\/\/signal.org\/docs\/specifications\/xeddsa\/. Accessed 20 Oct 2016"},{"key":"20_CR28","unstructured":"Robert, D.: Breaking SIDH in polynomial time. Cryptology ePrint Archive, Paper 2022\/1038 (2022). https:\/\/ia.cr\/2022\/1038"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Sun, X., Tian, H., Wang, Y.: Toward quantum-resistant strong designated verifier signature from isogenies. In: INCoS 2012, pp. 292\u2013296. IEEE (2012)","DOI":"10.1109\/iNCoS.2012.70"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Unger, N., Goldberg, I.: Improved strongly deniable authenticated key exchanges for secure messaging. Proc. Priv. Enh. Technol. 2018(1), 21\u201366 (2018)","DOI":"10.1515\/popets-2018-0003"},{"key":"20_CR31","unstructured":"V\u00e9lu, J.: Isog\u00e9nies entre courbes elliptiques. C. R. Acad. Sci. Paris S\u00e9r. A-B 273, A238\u2013A241 (1971)"},{"key":"20_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-030-57878-7_10","volume-title":"Applied Cryptography and Network Security","author":"N Vatandas","year":"2020","unstructured":"Vatandas, N., Gennaro, R., Ithurburn, B., Krawczyk, H.: On the cryptographic deniability of the Signal protocol. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds.) ACNS 2020. LNCS, vol. 12147, pp. 188\u2013209. Springer, Cham (2020). 
https:\/\/doi.org\/10.1007\/978-3-030-57878-7_10"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-17234-2_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,25]],"date-time":"2022-09-25T21:04:31Z","timestamp":1664139871000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-17234-2_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031172335","9783031172342"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-17234-2_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"21 September 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PQCrypto","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Post-Quantum Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 September 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 September 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference 
Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pqcrypto2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2022.pqcrypto.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"66","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.1","order":7,"name":"average_number_of_reviews_per_paper","label":"Average 
Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}