SIKE, a NIST post-quantum cryptographic algorithm, was not protected from being broken on an ordinary computer

Researchers from KU Leuven (the Catholic University of Leuven) have developed an attack on the SIKE (Supersingular Isogeny Key Encapsulation) key encapsulation mechanism, which reached the final round of the post-quantum cryptosystem competition run by the US National Institute of Standards and Technology (SIKE was among the additional algorithms that passed the main selection stages but was sent back for revision to address comments before being moved to the recommended category). The proposed attack method allows recovery of the key used for encryption when the SIDH (Supersingular Isogeny Diffie-Hellman) protocol used in SIKE is employed.

A ready-made implementation of the SIKE attack was published as a script for the Magma computer algebra system. Recovering the private key used to encrypt protected network sessions took 62 minutes with the SIKEp434 (Level 1) parameter set, 2 hours 19 minutes with SIKEp503 (Level 2), 8 hours 15 minutes with SIKEp610 (Level 3), and 20 hours 37 minutes with SIKEp751 (Level 5). Solving the $IKEp182 and $IKEp217 challenges developed by Microsoft took 4 and 6 minutes, respectively.

The SIKE algorithm is based on supersingular isogenies (walks in a supersingular isogeny graph) and was considered by NIST as a candidate for standardization because it differed from the other applicants by having the smallest key size and supporting perfect forward secrecy (compromise of one of the long-term keys does not allow previously intercepted sessions to be decrypted). SIDH is an analogue of the Diffie-Hellman protocol, based on walks in a supersingular isogeny graph.

The published SIKE attack builds on the 2016 GPST (Galbraith-Petit-Shani-Ti) adaptive attack on supersingular isogeny key encapsulation mechanisms and exploits the existence of a small non-scalar endomorphism on the starting curve, backed by the auxiliary torsion point information that the parties exchange during the protocol.
