{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T05:01:08Z","timestamp":1767848468029,"version":"3.49.0"},"reference-count":41,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2022,5,31]],"date-time":"2022-05-31T00:00:00Z","timestamp":1653955200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Wroc\u0142aw University of Science and Technology","award":["8211104160"],"award-info":[{"award-number":["8211104160"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"Public-key cryptography provides security for digital systems and communication. Traditional cryptographic solutions are constantly improved, e.g., to suppress brute-force attacks. However, Shor\u2019s algorithm suited for quantum computers can break the bedrock of most currently used systems, i.e., the RSA problem and discrete logarithm problem. Post-quantum cryptography can withstand attacks carried out by quantum computers. Several families of post-quantum systems exist; one of them is isogeny-based cryptography. As a main contribution, in this paper, we provide a survey of chosen, fundamental isogeny-based schemes. The target audience of this review is researchers interested in practical aspects of this field of cryptography; therefore the survey contains exemplary implementations. Our goal was not to develop an efficient implementation, but to provide materials that make it easier to analyze isogeny-based cryptography.<\/jats:p>","DOI":"10.3390\/cryptography6020027","type":"journal-article","created":{"date-parts":[[2022,5,31]],"date-time":"2022-05-31T09:24:29Z","timestamp":1653989069000},"page":"27","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Review of Chosen Isogeny-Based Cryptographic Schemes"],"prefix":"10.3390","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9361-3823","authenticated-orcid":false,"given":"Bartosz","family":"Drzazga","sequence":"first","affiliation":[{"name":"Faculty of Information and Communication Technology, Wroc\u0142aw University of Science and Technology, 27 Wybrzeze Wyspianskiego St., 50-370 Wroclaw, Poland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5326-3627","authenticated-orcid":false,"given":"\u0141ukasz","family":"Krzywiecki","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Wroc\u0142aw University of Science and Technology, 27 Wybrzeze Wyspianskiego St., 50-370 Wroclaw, Poland"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2022,5,31]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"1484","DOI":"10.1137\/S0097539795293172","article-title":"Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer","volume":"26","author":"Shor","year":"1997","journal-title":"SIAM J. Comput."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","article-title":"A method for obtaining digital signatures and public-key cryptosystems","volume":"2","author":"Rivest","year":"1978","journal-title":"Commun. ACM"},{"key":"ref_3","unstructured":"(2022, February 26). NIST Post-Quantum Cryptography Competition, Available online: https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Buhler, J.P. (1998). NTRU: A ring-based public key cryptosystem. Algorithmic Number Theory, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/BFb0054849"},{"key":"ref_5","unstructured":"Fouque, P., Hoffstein, J., Kirchner, P., Lyubashevsky, V., Pornin, T., Prest, T., Ricosset, T., Seiler, G., Whyte, W., and Zhang, Z. (2022, February 26). Falcon: Fast-Fourier Lattice-Based Compact Signatures over NTRU. Available online: https:\/\/www.di.ens.fr\/~prest\/Publications\/falcon.pdf."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Ioannidis, J., Keromytis, A., and Yung, M. (2005). Rainbow, a New Multivariable Polynomial Signature Scheme. Applied Cryptography and Network Security, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/b137093"},{"key":"ref_7","unstructured":"McEliece, R.J. (2022, February 26). A Public-Key Cryptosystem Based on Algebraic Coding Theory, Available online: https:\/\/ipnpr.jpl.nasa.gov\/progress_report2\/42-44\/44N.PDF."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Oswald, E., and Fischlin, M. (2015). SPHINCS: Practical Stateless Hash-Based Signatures. Advances in Cryptology-EUROCRYPT 2015, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-662-46800-5"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Chase, M., Derler, D., Goldfeder, S., Orlandi, C., Ramacher, S., Rechberger, C., Slamanig, D., and Zaverucha, G. (November, January 30). Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201917), Dallas, TX, USA.","DOI":"10.1145\/3133956.3133997"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Yang, B.Y. (2011). Towards Quantum-Resistant Cryptosystems from Supersingular Elliptic Curve Isogenies. Post-Quantum Cryptography, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-642-25405-5"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Kiayias, A. (2017). A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies. Financial Cryptography and Data Security, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-319-70972-7"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Sun, X., Tian, H., and Wang, Y. (2012, January 19\u201321). Toward Quantum-Resistant Strong Designated Verifier Signature from Isogenies. Proceedings of the 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems, Bucharest, Romania.","DOI":"10.1109\/iNCoS.2012.70"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Mosca, M. (2014). Isogeny-Based Quantum-Resistant Undeniable Signatures. Post-Quantum Cryptography, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-319-11659-4"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Barreto, P., Nascimento, A., Oliveira, G., and Benits, W. (2018). Supersingular Isogeny Oblivious Transfer (SIOT). arXiv.","DOI":"10.5753\/sbseg.2019.13965"},{"key":"ref_15","unstructured":"Castryck, W., Lange, T., Martindale, C., Panny, L., and Renes, J. (2021, November 18). CSIDH: An Efficient Post-Quantum Commutative Group Action. Available online: https:\/\/cSIDH.isogeny.org\/."},{"key":"ref_16","unstructured":"(2022, February 26). SIKE\u2014Supersingular Isogeny Key Encapsulation. Available online: https:\/\/sike.org."},{"key":"ref_17","unstructured":"Moriai, S., and Wang, H. (2020). Oblivious Pseudorandom Functions from Isogenies. Advances in Cryptology-ASIACRYPT 2020, Springer. Lecture Notes in Computer Science."},{"key":"ref_18","unstructured":"Joseph, H. (1992). The arithmetic of elliptic curves. Graduate Texts in Mathematics, Springer."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Cheon, J., and Takagi, T. (2016). On the Security of Supersingular Isogeny Cryptosystems. Advances in Cryptology\u2014ASIACRYPT 2016, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-662-53887-6"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Cid, C., and Jacobson, M. (2019). On the Cost of Computing Isogenies Between Supersingular Elliptic Curves. Selected Areas in Cryptography\u2014SAC 2018, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-030-10970-7"},{"key":"ref_21","first-page":"145","article-title":"Public-Key Cryptosystem Based on Isogenies","volume":"2006","author":"Alexander","year":"2006","journal-title":"IACR Cryptol. Eprint Arch."},{"key":"ref_22","unstructured":"Costello, C. (2021). The Case for SIKE: A Decade of the Supersingular Isogeny Problem. Cryptol. Eprint Arch., Available online: https:\/\/eprint.iacr.org\/2021\/543."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","article-title":"New directions in cryptography","volume":"22","author":"Diffie","year":"1976","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"572","DOI":"10.1007\/978-3-662-53018-4_21","article-title":"Efficient Algorithms for Supersingular Isogeny Diffie\u2013Hellman","volume":"Volume 9814","author":"Costello","year":"2016","journal-title":"Proceedings of the 36th Annual International Cryptology Conference on Advances in Cryptology\u2014CRYPTO 2016"},{"key":"ref_25","unstructured":"Oswald, E., and Fischlin, M. (2015). Non-Interactive Zero-Knowledge Proofs in the Quantum Random Oracle Model. Advances in Cryptology\u2014EUROCRYPT 2015, Springer. Lecture Notes in Computer Science."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Ambainis, A., Rosmanis, A., and Unruh, D. (2014, January 18\u201321). Quantum Attacks on Classical Proof Systems: The Hardness of Quantum Rewinding. Proceedings of the 2014 IEEE 55th Annual Symposium on Foundations of Computer Science (FOCS\u201914), IEEE Computer Society, Washington, DC, USA.","DOI":"10.1109\/FOCS.2014.57"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Sako, K., and Sarkar, P. (2013). The Fiat\u2013Shamir Transformation in a Quantum World. Advances in Cryptology\u2014ASIACRYPT 2013, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-642-42033-7"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Chou, T., and Orlandi, C. (2015, January 23\u201326). The simplest protocol for oblivious transfer. Proceedings of the International Conference on Cryptology and Information Security in Latin America, Guadalajara, Mexico. Available online: https:\/\/eprint.iacr.org\/2015\/267.pdf.","DOI":"10.1007\/978-3-319-22174-8_3"},{"key":"ref_29","unstructured":"Wagner, D. (2022, February 26). Midterm Solution. Available online: http:\/\/www.cs.berkeley.edu\/~daw\/teaching\/cs276-s06\/mtsol.ps."},{"key":"ref_30","unstructured":"Reza, A., David, J., Brian, K., Jason, L., Vladimir, S., and Oleg, T. (2020). How Not to Create an Isogeny-Based PAKE, Springer."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"766","DOI":"10.1016\/j.ins.2007.07.005","article-title":"A novel ID-based designated verifier signature scheme","volume":"178","author":"Zhang","year":"2008","journal-title":"Inf. Sci."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Enokido, T., Yan, L., Xiao, B., Kim, D., Dai, Y., and Yang, L.T. (2005). Short Designated Verifier Proxy Signature from Pairings. Embedded and Ubiquitous Computing\u2014EUC 2005 Workshops, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/11596042"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Blundo, C., and Cimato, S. (2005). Designated Verifier Signatures: Anonymity and Efficient Construction from Any Bilinear Map. Security in Communication Networks, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/b105083"},{"key":"ref_34","first-page":"1","article-title":"Strong designated verifier signature scheme: New definition and construction","volume":"490","author":"Shao","year":"2010","journal-title":"IACR Cryptol. Eprint Arch."},{"key":"ref_35","unstructured":"Bellovin, S.M., and Merritt, M. (1992, January 4\u20136). Encrypted key exchange: Password-based protocols secure against dictionary attacks. Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, USA."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1145\/242896.242897","article-title":"Strong password-only authenticated key exchange","volume":"26","author":"David","year":"1996","journal-title":"Sigcomm Comput. Commun. Rev."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Preneel, B. (2000). Provably Secure Password-Authenticated Key Exchange Using Diffie\u2013Hellman. Advances in Cryptology\u2014EUROCRYPT 2000, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/3-540-45539-6"},{"key":"ref_38","unstructured":"(2022, February 26). RFC 6124 An EAP Authentication Method Based on the Encrypted Key Exchange (EKE) Protocol. Available online: https:\/\/tools.ietf.org\/html\/rfc6124."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Steinfeld, R., and Yuen, T. (2019). Password-Based Authenticated Key Exchange from Standard Isogeny Assumptions. Provable Security, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-030-31919-9"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1515\/jmc-2020-0071","article-title":"Towards Isogeny-Based Password-Authenticated Key Establishment","volume":"15","author":"Taraskin","year":"2020","journal-title":"J. Math. Cryptol."},{"key":"ref_41","unstructured":"Galbraith, S., and Moriai, S. (2019). CSI-FiSh: Efficient Isogeny Based Signatures Through Class Group Computations. Advances in Cryptology-ASIACRYPT 2019, Springer. Lecture Notes in Computer Science."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/2\/27\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T23:22:48Z","timestamp":1760138568000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/2\/27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,31]]},"references-count":41,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,6]]}},"alternative-id":["cryptography6020027"],"URL":"https:\/\/doi.org\/10.3390\/cryptography6020027","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,31]]}}}