Damien Robert
unread,Jul 3, 2026, 1:37:38 PM (2 days ago) Jul 3Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to pqc-forum, John Mattsson, Thom Wiggers, IRTF CFRG
Speaking of isogeny-based KEM, I would like to advertise our upcoming isogeny-based post-quantum Non-Interactive Key Exchange (NIKE), called **MIKE** (Module Isogeny Key Exchange), which we believe will be of great interest to this community.
- **Compact keys:** 64B for NIST Level 1, and 128B for NIST Level 5.
- **Fast key exchange:** For NIST Level 1, our Rust implementation requires <1 ms for key generation and <5 ms for the full key exchange (benchmarked on an AMD Ryzen 7 PRO 7840U @ 3.3GHz).
- **Simple Implementation:** Our implementation is simple ($$\approx 4200$$ LoC, excluding finite field arithmetic) and constant time
- **Active security:** It is an actively-secure NIKE. The timings above include public key validation, which is a supersingularity test over $$\mathbb{F}_{p^2}$$.
- **Provable security:** We prove MIKE's security (in the algebraic isogeny model) as a passively-secure NIKE or a KEM assuming only the supersingular endomorphism ring problem (the core assumption in isogeny-based cryptography).
We aim to release the paper and code by the end of August.
Damien, on behalf of the MIKE team: Andrea Basso, Pierrick Dartois, Max Duparc, Jonathan Komada Eriksen, Sabrina Kunzweiler, Michael Meyer, Giacomo Pope, Krijn Reijnders, Damien Robert, Ryan Rueger, and Sina Schaeffler.