{"id":116,"date":"2025-03-03T22:28:00","date_gmt":"2025-03-03T14:28:00","guid":{"rendered":"http:\/\/www.triode.cc\/?p=116"},"modified":"2025-09-28T09:50:07","modified_gmt":"2025-09-28T01:50:07","slug":"isogeny2-break-sidh","status":"publish","type":"post","link":"https:\/\/www.triode.cc\/index.php\/2025\/03\/03\/isogeny2-break-sidh\/","title":{"rendered":"\u540c\u6e90\uff082\uff09\u2014\u2014SIDH\u901a\u89e3"},"content":{"rendered":"\n
\n

\u53c2\u8003\u8d44\u6599\uff1aAn efficient key recovery attack on SIDH<\/a><\/p>\n<\/blockquote>\n\n\n\n

\u524d\u6587\u518d\u7eed\uff0c\u4e66\u63a5\u4e0a\u4e00\u56de<\/a>\uff0c\u4e0a\u56de\u8bb2\u5230\uff0cSIDH\u55ba2022\u5e74\u5c31\u88ab\u5ba3\u5e03\u7540\u4eba\u5b8c\u5168\u7834\u89e3\u5497\u2026\u2026<\/p>\n\n\n\n

\u524d\u8a00<\/h2>\n\n\n\n

\u672c\u6765\u6ca1\u60f3\u8fc7\u5199\u8fd9\u4e00\u7bc7\u7684\uff0c\u56e0\u4e3a\u672c\u6765\u60f3\u7740\u65e2\u7136\u90fd\u6709\u73b0\u6210\u4ee3\u7801\u4e86\uff0c\u90a3\u7528\u8d77\u6765\u5e94\u8be5\u4f1a\u5f88\u65b9\u4fbf\u5427\uff0c\u4f46\u662f\u5728NSS\u4e0a\u5237\u9898\u7684\u65f6\u5019\u505a\u5230CryptoCTF 2023\u7684\u4e00\u9053\u9898\uff1a[CryptoCTF 2023]Shevid | NSSCTF<\/a>\uff0c\u5176\u5b9e\u5c31\u662fSIDH\u4e2d\u5df2\u77e5Alice\u79c1\u94a5\u4ee5\u53ca\u53cc\u65b9\u516c\u94a5\u6765\u6062\u590dBob\u79c1\u94a5\uff0c\u4f46\u662f\u5728\u7528GiacomoPope\/Castryck-Decru-SageMath: A SageMath implementation of the Castryck-Decru Key Recovery attack on SIDH<\/a>\u7ed9\u51fa\u7684\u4ee3\u7801\u65f6\u56db\u5904\u78b0\u58c1\uff0c\u6240\u4ee5\u60f3\u7740\u5199\u8fd9\u7bc7\u535a\u5ba2\u8bb0\u5f55\u4e00\u4e0b\u5982\u4f55\u4f7f\u7528\u8fd9\u4e9b\u4ee3\u7801\u3002<\/p>\n\n\n\n

\u5bf9SIDH\u7684\u7834\u89e3<\/h2>\n\n\n\n

\u6709\u73b0\u6210\u4ee3\u7801\uff0c\u539f\u7406\u4f3c\u4e4e\u4e5f\u4e0d\u662f\u5f88\u91cd\u8981<\/del><\/p>\n\n\n\n

\u5927\u81f4\u626b\u4e86\u4e00\u773c\u8bba\u6587\u548cGitHub\u9879\u76ee\u4e0a\u7684\u6837\u4f8b\u4ee3\u7801\uff08baby_SIDH.sage<\/a>\uff09\uff0c\u53d1\u73b0\u6211\u4eec\u8981\u505a\u7684\u4f3c\u4e4e\u5176\u5b9e\u4ec5\u4ec5\u662f\u9700\u8981\u6784\u9020\u4e00\u4e2a\u66f2\u7ebf\u4e0a\u7684\u81ea\u540c\u6001\\([2i]\\)\uff0c\u4f7f\u5f97\\([2i]\\circ[2i]=[-4]\\)\uff08\u5b9e\u9645\u4e0a\u5c31\u662f\\(2i\\)\u500d\u70b9\u6620\u5c04\u5427\uff0c\u4f46\u662fsage\u5e76\u4e0d\u80fd\u76f4\u63a5\u7ed9\\(GF(p^2)\\)\u4e0a\u7684\u70b9\u4e58\u4e0a\\(2i\\)\uff09\uff0c\u6240\u4ee5\u8fd9\u4e2a\u8fc7\u7a0b\u5176\u5b9e\u8981\u6211\u4eec\u81ea\u5df1\u5199\uff0c\u4f46\u662f\u5728Github\u7684\u9879\u76ee\u91cc\u9762\u5176\u5b9e\u662f\u6709\u7ed9\u7531\u65b9\u7a0b\\(y^2=x^3+6x^2+x\\)\u6240\u5b9a\u4e49\u7684\u692d\u5706\u66f2\u7ebf\u4e0a\u7684\\(2i\\)\u500d\u70b9\u6620\u5c04\u7684\u7b97\u6cd5\uff0c\u800c\u901a\u8fc7\u9605\u8bfb\u8bba\u6587\uff0c\u6211\u4eec\u4e5f\u53ef\u4ee5\u5199\u51fa\u7531\u65b9\u7a0b\\(y^2=x^3+x\\)\u6240\u5b9a\u4e49\u7684\u692d\u5706\u66f2\u7ebf\u4e0a\u7684\\(2i\\)\u500d\u70b9\u6620\u5c04\uff1a\\([2i]:(x,y)\\mapsto[2](-x,iy)\\)\uff08\u5176\u4e2d\\([2]\\)\u4e3a\u4e8c\u500d\u70b9\u6620\u5c04\uff09\uff0c\u5728\u8bba\u6587\u91cc\u9762\u4e5f\u53ea\u8ba8\u8bba\u4e86\u8fd9\u4e24\u79cd\u65b9\u7a0b\u5b9a\u4e49\u7684\u66f2\u7ebf\u3002<\/p>\n\n\n\n

\u4ee3\u7801\u4f7f\u7528\u5b9e\u4f8b<\/h3>\n\n\n\n

\u5728\u8fd9\u91cc\u901a\u8fc7\u4e24\u4e2a\u4f8b\u5b50\u6765\u516c\u5f0f\u5316\u5730\u4f7f\u7528Github\u9879\u76ee\u4e2d\u7ed9\u51fa\u7684\u4ee3\u7801\u89e3\u51b3\u5206\u522b\u7531\\(y^2=x^3+6x^2+x\\)\u4e0e\\(y^2=x^3+x\\)\u5b9a\u4e49\u7684\u66f2\u7ebf\u4e0a\u7684SIDH\uff1a<\/p>\n\n\n\n

[CryptoCTF 2023]Shevid<\/h4>\n\n\n\n

\u9898\u76ee\u7ed9\u51fa\u4ee3\u7801\u5982\u4e0b\uff1a<\/p>\n\n\n\n

<\/circle><\/circle><\/circle><\/g><\/svg><\/span>